Описание
A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). A stored Cross-Site-Scripting (XSS) vulnerability is present in different locations of the web application. An attacker might be able to take over a session of a legitimate user.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.05 (исключая)
Одновременно
cpe:2.3:o:siemens:sicam_mmu_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:sicam_mmu:-:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
cpe:2.3:o:siemens:sicam_sgu_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:sicam_sgu:-:*:*:*:*:*:*:*
Конфигурация 3Версия до 2.18 (исключая)
Одновременно
cpe:2.3:o:siemens:sicam_t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:sicam_t:-:*:*:*:*:*:*:*
EPSS
Процентиль: 54%
0.00317
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79
CWE-79
Связанные уязвимости
github
больше 3 лет назад
A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). A stored Cross-Site-Scripting (XSS) vulnerability is present in different locations of the web application. An attacker might be able to take over a session of a legitimate user.
EPSS
Процентиль: 54%
0.00317
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79
CWE-79