CRITICAL🇬🇧 English

CVE-2021-44523

CVSS 9.1v3.1pub. 2021-12-14upd. 2024-11-21

A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All versions), SiPass integrated V2.85 (All versions), Siveillance Identity V1.5 (All versions), Siveillance Identity V1.6 (All versions < V1.6.284.0). Affected applications insufficiently limit the access to the internal activity feed database. This could allow an unauthenticated remote attacker to read, modify or delete activity feed entries.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
  • Siemens Sipass Integrated

    APP
    Siemens
    2.762.802.85
  • Siemens Siveillance Identity

    APP
    Siemens
    1.51.6 – 1.6.280.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2022-22965CRITICAL9.8⚠ KEVten sam produkt

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) ...

CVE-2021-45046CRITICAL9.0⚠ KEVten sam produkt

It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-defau...

CVE-2021-44228CRITICAL10.0⚠ KEVten sam produkt

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features u...

CVE-2021-44524CRITICAL9.8ten sam produkt

A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All ve...

CVE-2017-9939CRITICAL9.8ten sam produkt

A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an at...