A vulnerability has been identified in SINEC Security Monitor (All versions < V4.10.0). The affected application lacks input validation of date parameter in report generation functionality. This could allow an authenticated, lowly privileged attacker to cause denial of service condition of the report functionality.
oryginał ENCVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XSiemens Sinec Security Monitor
APPSiemens< 4.10.0
Powiązane podatności
RCE z uprawnieniami root w Siemens SINEC Security Monitor
Command injection w Siemens SINEC Security Monitor – eskalacja uprawnień
A vulnerability has been identified in SINEC Security Monitor (All versions < V4.10.0). The affected applicati...
A vulnerability has been identified in SINEC Security Monitor (All versions < V4.9.0). The affected applicatio...
A vulnerability has been identified in SINEC Security Monitor (All versions < V4.9.0). The affected applicatio...