CRITICAL🇵🇱 Wersja polska

CVE-2021-44523

CVSS 9.1v3.1pub. 2021-12-14upd. 2024-11-21

A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All versions), SiPass integrated V2.85 (All versions), Siveillance Identity V1.5 (All versions), Siveillance Identity V1.6 (All versions < V1.6.284.0). Affected applications insufficiently limit the access to the internal activity feed database. This could allow an unauthenticated remote attacker to read, modify or delete activity feed entries.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
  • Siemens Sipass Integrated

    APP
    Siemens
    2.762.802.85
  • Siemens Siveillance Identity

    APP
    Siemens
    1.51.6 – 1.6.280.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2022-22965CRITICAL9.8⚠ KEVten sam produkt

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) ...

CVE-2021-45046CRITICAL9.0⚠ KEVten sam produkt

It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-defau...

CVE-2021-44228CRITICAL10.0⚠ KEVten sam produkt

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features u...

CVE-2021-44524CRITICAL9.8ten sam produkt

A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All ve...

CVE-2017-9939CRITICAL9.8ten sam produkt

A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an at...