A vulnerability has been identified in TeleControl Server Basic V3.1 (All versions >= V3.1.2.2 < V3.1.2.3). The affected application contains an information disclosure vulnerability. This could allow an unauthenticated remote attacker to obtain password hashes of users and to login to and perform authenticated operations of the database service.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XSiemens Telecontrol Server Basic
APPSiemens3.1.2.2
Related vulnerabilities
SQL Injection w Siemens TeleControl Server Basic – obejście autoryzacji i RCE
SQL Injection w Siemens TeleControl Server Basic — nieautoryzowany dostęp i RCE
SQL Injection w Siemens TeleControl Server Basic — ominięcie autoryzacji i RCE
Siemens TeleControl Server Basic — niebezpieczna deserializacja umożliwiająca RCE z uprawnieniami SYSTEM
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.4). Affected applicatio...