Описание
A vulnerability has been identified in SINEC NMS (All versions < V1.0.3), SINEMA Server V14 (All versions). A privileged authenticated attacker could execute arbitrary commands in the local database by sending specially crafted requests to the webserver of the affected application.
Ссылки
- MitigationVendor Advisory
- MitigationVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.0.3 (исключая)
cpe:2.3:a:siemens:sinec_network_management_system:*:*:*:*:*:*:*:*
EPSS
Процентиль: 71%
0.0067
Низкий
7.2 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-89
CWE-89
Связанные уязвимости
CVSS3: 7.2
github
почти 4 года назад
A vulnerability has been identified in SINEC NMS (All versions). A privileged authenticated attacker could execute arbitrary commands in the local database by sending specially crafted requests to the webserver of the affected application.
EPSS
Процентиль: 71%
0.0067
Низкий
7.2 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-89
CWE-89