CRITICAL✓ PATCH🇬🇧 English

CVE-2017-9939

CVSS 9.8v3.0pub. 2017-08-08upd. 2026-05-13

A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with network access to the SiPass integrated server to bypass the authentication mechanism and perform administrative operations.

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Siemens Sipass Integrated

    APP
    Siemens
    ≤ 2.65
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
Auth Bypass
CWE
Referencje

Powiązane podatności

CVE-2022-22965CRITICAL9.8⚠ KEVten sam produkt

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) ...

CVE-2021-45046CRITICAL9.0⚠ KEVten sam produkt

It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-defau...

CVE-2021-44228CRITICAL10.0⚠ KEVten sam produkt

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features u...

CVE-2021-44524CRITICAL9.8ten sam produkt

A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All ve...

CVE-2021-44523CRITICAL9.1ten sam produkt

A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All ve...