admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-08-13 08:00:36 +00:00
parent 9b78365dc3
commit 83e5164ee5
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
68 changed files with 3406 additions and 7997 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
2022/35xxx/CVE-2022-35868.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in TIA Multiuser Server V14 (All versions), TIA Multiuser Server V15 (All versions < V15.1 Update 8), TIA Project-Server\u00a0 (All versions < V1.1), TIA Project-Server V16 (All versions), TIA Project-Server V17 (All versions < V17 Update 6). Affected applications contain an untrusted search path vulnerability that could allow an attacker to escalate privileges, when tricking a legitimate user to start the service from an attacker controlled path."
"value": "A vulnerability has been identified in TIA Multiuser Server V14 (All versions), TIA Multiuser Server V15 (All versions < V15.1 Update 8), TIA Project-Server (All versions < V1.1), TIA Project-Server V16 (All versions), TIA Project-Server V17 (All versions < V17 Update 6). Affected applications contain an untrusted search path vulnerability that could allow an attacker to escalate privileges, when tricking a legitimate user to start the service from an attacker controlled path."
}
]
},
@ -40,8 +40,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
@ -58,7 +59,7 @@
}
},
{
"product_name": "TIA Project-Server\u00a0",
"product_name": "TIA Project-Server",
"version": {
"version_data": [
{
@ -73,8 +74,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
@ -102,6 +104,11 @@
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-640968.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-640968.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-640968.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-640968.html"
}
]
},

1046
2022/46xxx/CVE-2022-46143.json
View File

File diff suppressed because it is too large Load Diff

27
2023/26xxx/CVE-2023-26293.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Totally Integrated Automation Portal (TIA Portal) V15 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 6), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 1). Affected products contain a path traversal vulnerability that could allow the creation or overwrite of arbitrary files in the engineering system. If the user is tricked to open a malicious PC system configuration file, an attacker could exploit this vulnerability to achieve arbitrary code execution."
"value": "A vulnerability has been identified in Totally Integrated Automation Portal (TIA Portal) V15 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions < V16 Update 7), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 6), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 1). Affected products contain a path traversal vulnerability that could allow the creation or overwrite of arbitrary files in the engineering system. If the user is tricked to open a malicious PC system configuration file, an attacker could exploit this vulnerability to achieve arbitrary code execution."
}
]
},
@ -40,8 +40,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
@ -51,8 +52,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
"version_affected": "<",
"version_name": "0",
"version_value": "V16 Update 7"
}
]
}
@ -62,8 +64,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V17 Update 6"
"version_affected": "<",
"version_name": "0",
"version_value": "V17 Update 6"
}
]
}
@ -73,8 +76,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V18 Update 1"
"version_affected": "<",
"version_name": "0",
"version_value": "V18 Update 1"
}
]
}
@ -91,6 +95,11 @@
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-116924.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-116924.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-116924.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-116924.html"
}
]
},

4
2023/38xxx/CVE-2023-38527.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Teamcenter Visualization V14.1 (All versions), Teamcenter Visualization V14.2 (All versions), Teamcenter Visualization V14.3 (All versions < V14.3.0.9), Teamcenter Visualization V2312 (All versions < V2312.0004). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process."
"value": "A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Teamcenter Visualization V14.1 (All versions), Teamcenter Visualization V14.2 (All versions < V14.2.0.12), Teamcenter Visualization V14.3 (All versions < V14.3.0.9), Teamcenter Visualization V2312 (All versions < V2312.0004). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process."
}
]
},
@ -78,7 +78,7 @@
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
"version_value": "V14.2.0.12"
}
]
}

4
2023/38xxx/CVE-2023-38529.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.184), Teamcenter Visualization V14.1 (All versions), Teamcenter Visualization V14.2 (All versions), Teamcenter Visualization V14.3 (All versions < V14.3.0.9), Teamcenter Visualization V2312 (All versions < V2312.0004). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process."
"value": "A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.184), Teamcenter Visualization V14.1 (All versions), Teamcenter Visualization V14.2 (All versions < V14.2.0.12), Teamcenter Visualization V14.3 (All versions < V14.3.0.9), Teamcenter Visualization V2312 (All versions < V2312.0004). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process."
}
]
},
@ -90,7 +90,7 @@
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
"version_value": "V14.2.0.12"
}
]
}

4
2023/38xxx/CVE-2023-38531.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.184), Teamcenter Visualization V14.1 (All versions), Teamcenter Visualization V14.2 (All versions), Teamcenter Visualization V14.3 (All versions < V14.3.0.9), Teamcenter Visualization V2312 (All versions < V2312.0004). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process."
"value": "A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.184), Teamcenter Visualization V14.1 (All versions), Teamcenter Visualization V14.2 (All versions < V14.2.0.12), Teamcenter Visualization V14.3 (All versions < V14.3.0.9), Teamcenter Visualization V2312 (All versions < V2312.0004). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process."
}
]
},
@ -90,7 +90,7 @@
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
"version_value": "V14.2.0.12"
}
]
}

1104
2023/44xxx/CVE-2023-44317.json
View File

File diff suppressed because it is too large Load Diff

204
2023/44xxx/CVE-2023-44318.json
View File

@ -69,9 +69,13 @@
}
},
{
"product_name": "SCALANCE M812-1 ADSL-Router (Annex A)",
"product_name": "SCALANCE M812-1 ADSL-Router",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
},
{
"version_affected": "=",
"version_value": "All versions"
@ -80,31 +84,13 @@
}
},
{
"product_name": "SCALANCE M812-1 ADSL-Router (Annex B)",
"product_name": "SCALANCE M816-1 ADSL-Router",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "SCALANCE M816-1 ADSL-Router (Annex A)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "SCALANCE M816-1 ADSL-Router (Annex B)",
"version": {
"version_data": [
},
{
"version_affected": "=",
"version_value": "All versions"
@ -146,7 +132,7 @@
}
},
{
"product_name": "SCALANCE M876-3 (EVDO)",
"product_name": "SCALANCE M876-3",
"version": {
"version_data": [
{
@ -234,7 +220,7 @@
}
},
{
"product_name": "SCALANCE S615",
"product_name": "SCALANCE S615 EEC LAN-Router",
"version": {
"version_data": [
{
@ -245,7 +231,7 @@
}
},
{
"product_name": "SCALANCE S615 EEC",
"product_name": "SCALANCE S615 LAN-Router",
"version": {
"version_data": [
{
@ -255,174 +241,6 @@
]
}
},
{
"product_name": "SCALANCE WAM763-1",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SCALANCE WAM763-1 (ME)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SCALANCE WAM763-1 (US)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SCALANCE WAM766-1 (EU)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SCALANCE WAM766-1 (ME)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SCALANCE WAM766-1 (US)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SCALANCE WAM766-1 EEC (EU)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SCALANCE WAM766-1 EEC (ME)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SCALANCE WAM766-1 EEC (US)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SCALANCE WUM763-1",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SCALANCE WUM763-1 (US)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SCALANCE WUM766-1 (EU)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SCALANCE WUM766-1 (ME)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SCALANCE WUM766-1 (US)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SCALANCE XB205-3 (SC, PN)",
"version": {
@ -1290,7 +1108,7 @@
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:U/RC:C",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
}

1104
2023/44xxx/CVE-2023-44319.json
View File

File diff suppressed because it is too large Load Diff

1017
2023/44xxx/CVE-2023-44320.json
View File

File diff suppressed because it is too large Load Diff

263
2023/44xxx/CVE-2023-44321.json
View File

@ -40,8 +40,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
@ -51,8 +52,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
@ -62,52 +64,33 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M812-1 ADSL-Router (Annex A)",
"product_name": "SCALANCE M812-1 ADSL-Router family",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M812-1 ADSL-Router (Annex B)",
"product_name": "SCALANCE M816-1 ADSL-Router family",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "SCALANCE M816-1 ADSL-Router (Annex A)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "SCALANCE M816-1 ADSL-Router (Annex B)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
@ -117,8 +100,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
@ -128,8 +112,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
@ -139,19 +124,33 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M876-3 (EVDO)",
"product_name": "SCALANCE M874-3 3G-Router (CN)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M876-3",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
@ -161,8 +160,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
@ -172,8 +172,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
@ -183,8 +184,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
@ -194,8 +196,33 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE MUM853-1 (A1)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE MUM853-1 (B1)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
@ -205,8 +232,45 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE MUM856-1 (A1)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE MUM856-1 (B1)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE MUM856-1 (CN)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
@ -216,8 +280,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
@ -227,102 +292,33 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE S615",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "SCALANCE S615 EEC",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "SCALANCE SC622-2C",
"product_name": "SCALANCE S615 EEC LAN-Router",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE SC626-2C",
"product_name": "SCALANCE S615 LAN-Router",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SCALANCE SC632-2C",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SCALANCE SC636-2C",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SCALANCE SC642-2C",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SCALANCE SC646-2C",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
"version_value": "V8.1"
}
]
}
@ -1192,6 +1188,11 @@
"url": "https://cert-portal.siemens.com/productcert/html/ssa-353002.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-353002.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-087301.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-087301.html"
}
]
},

936
2023/44xxx/CVE-2023-44322.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Affected devices can be configured to send emails when certain events occur on the device. When presented with an invalid response from the SMTP server, the device triggers an error that disrupts email sending. An attacker with access to the network can use this to do disable notification of users when certain events occur."
"value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.0), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.0), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.0), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.0), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.0), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.0), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.0), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.0), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.0), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.0), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.0), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.0), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.0), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.0), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.0), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.0), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.0), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.0), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.0), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.0). Affected devices can be configured to send emails when certain events occur on the device. When presented with an invalid response from the SMTP server, the device triggers an error that disrupts email sending. An attacker with access to the network can use this to do disable notification of users when certain events occur."
}
]
},
@ -72,7 +72,7 @@
}
},
{
"product_name": "SCALANCE M812-1 ADSL-Router (Annex A)",
"product_name": "SCALANCE M812-1 ADSL-Router",
"version": {
"version_data": [
{
@ -84,31 +84,7 @@
}
},
{
"product_name": "SCALANCE M812-1 ADSL-Router (Annex B)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.0"
}
]
}
},
{
"product_name": "SCALANCE M816-1 ADSL-Router (Annex A)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.0"
}
]
}
},
{
"product_name": "SCALANCE M816-1 ADSL-Router (Annex B)",
"product_name": "SCALANCE M816-1 ADSL-Router",
"version": {
"version_data": [
{
@ -156,7 +132,7 @@
}
},
{
"product_name": "SCALANCE M876-3 (EVDO)",
"product_name": "SCALANCE M876-3",
"version": {
"version_data": [
{
@ -252,7 +228,7 @@
}
},
{
"product_name": "SCALANCE S615",
"product_name": "SCALANCE S615 EEC LAN-Router",
"version": {
"version_data": [
{
@ -264,7 +240,7 @@
}
},
{
"product_name": "SCALANCE S615 EEC",
"product_name": "SCALANCE S615 LAN-Router",
"version": {
"version_data": [
{
@ -274,906 +250,6 @@
}
]
}
},
{
"product_name": "SCALANCE SC622-2C",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V3.1"
}
]
}
},
{
"product_name": "SCALANCE SC626-2C",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V3.1"
}
]
}
},
{
"product_name": "SCALANCE SC632-2C",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V3.1"
}
]
}
},
{
"product_name": "SCALANCE SC636-2C",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V3.1"
}
]
}
},
{
"product_name": "SCALANCE SC642-2C",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V3.1"
}
]
}
},
{
"product_name": "SCALANCE SC646-2C",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V3.1"
}
]
}
},
{
"product_name": "SCALANCE XB205-3 (SC, PN)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XB205-3 (ST, E/IP)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XB205-3 (ST, PN)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XB205-3LD (SC, E/IP)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XB205-3LD (SC, PN)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XB208 (E/IP)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XB208 (PN)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XB213-3 (SC, E/IP)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XB213-3 (SC, PN)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XB213-3 (ST, E/IP)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XB213-3 (ST, PN)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XB213-3LD (SC, E/IP)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XB213-3LD (SC, PN)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XB216 (E/IP)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XB216 (PN)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XC206-2 (SC)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XC206-2 (ST/BFOC)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XC206-2G PoE",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XC206-2G PoE (54 V DC)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XC206-2G PoE EEC (54 V DC)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XC206-2SFP",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XC206-2SFP EEC",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XC206-2SFP G",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XC206-2SFP G (EIP DEF.)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XC206-2SFP G EEC",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XC208",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XC208EEC",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XC208G",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XC208G (EIP def.)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XC208G EEC",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XC208G PoE",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XC208G PoE (54 V DC)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XC216",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XC216-3G PoE",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XC216-3G PoE (54 V DC)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XC216-4C",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XC216-4C G",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XC216-4C G (EIP Def.)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XC216-4C G EEC",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XC216EEC",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XC224",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XC224-4C G",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XC224-4C G (EIP Def.)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XC224-4C G EEC",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XF204",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XF204 DNA",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XF204-2BA",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XF204-2BA DNA",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XP208",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XP208 (Ethernet/IP)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XP208EEC",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XP208PoE EEC",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XP216",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XP216 (Ethernet/IP)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XP216EEC",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XP216POE EEC",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XR324WG (24 x FE, AC 230V)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XR324WG (24 X FE, DC 24V)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XR326-2C PoE WG",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XR326-2C PoE WG (without UL)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XR328-4C WG (24XFE, 4XGE, 24V)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XR328-4C WG (28xGE, AC 230V)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SCALANCE XR328-4C WG (28xGE, DC 24V)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SIPLUS NET SCALANCE XC206-2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SIPLUS NET SCALANCE XC206-2SFP",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SIPLUS NET SCALANCE XC208",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
},
{
"product_name": "SIPLUS NET SCALANCE XC216-4C",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.5"
}
]
}
}
]
}

1104
2023/44xxx/CVE-2023-44373.json
View File

File diff suppressed because it is too large Load Diff

1042
2023/44xxx/CVE-2023-44374.json
View File

File diff suppressed because it is too large Load Diff

382
2023/46xxx/CVE-2023-46280.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in S7-PCT (All versions), Security Configuration Tool (SCT) (All versions), SIMATIC Automation Tool (All versions), SIMATIC BATCH V9.1 (All versions), SIMATIC NET PC Software V16 (All versions), SIMATIC NET PC Software V17 (All versions), SIMATIC NET PC Software V18 (All versions < V18 SP1), SIMATIC PCS 7 V9.1 (All versions), SIMATIC PDM V9.2 (All versions), SIMATIC Route Control V9.1 (All versions), SIMATIC STEP 7 V5 (All versions), SIMATIC WinCC OA V3.17 (All versions), SIMATIC WinCC OA V3.18 (All versions < V3.18 P025), SIMATIC WinCC OA V3.19 (All versions < V3.19 P010), SIMATIC WinCC Runtime Advanced (All versions), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 6), SIMATIC WinCC Runtime Professional V17 (All versions), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC Unified PC Runtime (All versions), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 17), SIMATIC WinCC V8.0 (All versions < V8.0 Update 5), SINAMICS Startdrive (All versions < V19 SP1), SINUMERIK ONE virtual (All versions < V6.23), SINUMERIK PLC Programming Tool (All versions), TIA Portal Cloud Connector (All versions < V2.0), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 4), Totally Integrated Automation Portal (TIA Portal) V19 (All versions < V19 Update 2). The affected applications contain an out of bounds read vulnerability. This could allow an attacker to cause a Blue Screen of Death (BSOD) crash of the underlying Windows kernel."
"value": "A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected applications contain an out of bounds read vulnerability. This could allow an attacker to cause a Blue Screen of Death (BSOD) crash of the underlying Windows kernel."
}
]
},
@ -36,384 +36,13 @@
"product": {
"product_data": [
{
"product_name": "S7-PCT",
"product_name": "SINEC NMS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "Security Configuration Tool (SCT)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SIMATIC Automation Tool",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC BATCH V9.1",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SIMATIC NET PC Software V16",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SIMATIC NET PC Software V17",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SIMATIC NET PC Software V18",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V18 SP1"
}
]
}
},
{
"product_name": "SIMATIC PCS 7 V9.1",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SIMATIC PDM V9.2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SIMATIC Route Control V9.1",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SIMATIC STEP 7 V5",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SIMATIC WinCC OA V3.17",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SIMATIC WinCC OA V3.18",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V3.18 P025"
}
]
}
},
{
"product_name": "SIMATIC WinCC OA V3.19",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V3.19 P010"
}
]
}
},
{
"product_name": "SIMATIC WinCC Runtime Advanced",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SIMATIC WinCC Runtime Professional V16",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V16 Update 6"
}
]
}
},
{
"product_name": "SIMATIC WinCC Runtime Professional V17",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SIMATIC WinCC Runtime Professional V18",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V18 Update 4"
}
]
}
},
{
"product_name": "SIMATIC WinCC Runtime Professional V19",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V19 Update 2"
}
]
}
},
{
"product_name": "SIMATIC WinCC Unified PC Runtime",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SIMATIC WinCC V7.4",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SIMATIC WinCC V7.5",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V7.5 SP2 Update 17"
}
]
}
},
{
"product_name": "SIMATIC WinCC V8.0",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.0 Update 5"
}
]
}
},
{
"product_name": "SINAMICS Startdrive",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V19 SP1"
}
]
}
},
{
"product_name": "SINUMERIK ONE virtual",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V6.23"
}
]
}
},
{
"product_name": "SINUMERIK PLC Programming Tool",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "TIA Portal Cloud Connector",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V2.0"
}
]
}
},
{
"product_name": "Totally Integrated Automation Portal (TIA Portal) V15.1",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "Totally Integrated Automation Portal (TIA Portal) V16",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "Totally Integrated Automation Portal (TIA Portal) V17",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "Totally Integrated Automation Portal (TIA Portal) V18",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V18 Update 4"
}
]
}
},
{
"product_name": "Totally Integrated Automation Portal (TIA Portal) V19",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V19 Update 2"
"version_value": "V3.0"
}
]
}
@ -430,6 +59,11 @@
"url": "https://cert-portal.siemens.com/productcert/html/ssa-962515.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-962515.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-784301.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-784301.html"
}
]
},

4
2023/46xxx/CVE-2023-46281.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 7), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). When accessing the UMC Web-UI from affected products, UMC uses an overly permissive CORS policy. This could allow an attacker to trick a legitimate user to trigger unwanted behavior."
"value": "A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). When accessing the UMC Web-UI from affected products, UMC uses an overly permissive CORS policy. This could allow an attacker to trick a legitimate user to trigger unwanted behavior."
}
]
},
@ -114,7 +114,7 @@
{
"version_affected": "<",
"version_name": "0",
"version_value": "V17 Update 7"
"version_value": "*"
}
]
}

4
2023/46xxx/CVE-2023-46282.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 7), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). A reflected cross-site scripting (XSS) vulnerability exists in the web interface of the affected applications that could allow an attacker to inject arbitrary JavaScript code. The code could be potentially executed later by another (possibly privileged) user."
"value": "A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). A reflected cross-site scripting (XSS) vulnerability exists in the web interface of the affected applications that could allow an attacker to inject arbitrary JavaScript code. The code could be potentially executed later by another (possibly privileged) user."
}
]
},
@ -114,7 +114,7 @@
{
"version_affected": "<",
"version_name": "0",
"version_value": "V17 Update 7"
"version_value": "*"
}
]
}

4
2023/46xxx/CVE-2023-46283.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 7), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an out of bounds write past the end of an allocated buffer when handling specific requests on port 4002/tcp. This could allow an attacker to crash the application. The corresponding service is auto-restarted after the crash."
"value": "A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an out of bounds write past the end of an allocated buffer when handling specific requests on port 4002/tcp. This could allow an attacker to crash the application. The corresponding service is auto-restarted after the crash."
}
]
},
@ -114,7 +114,7 @@
{
"version_affected": "<",
"version_name": "0",
"version_value": "V17 Update 7"
"version_value": "*"
}
]
}

4
2023/46xxx/CVE-2023-46284.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 7), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an out of bounds write past the end of an allocated buffer when handling specific requests on port 4002/tcp and 4004/tcp. This could allow an attacker to crash the application. The corresponding service is auto-restarted after the crash."
"value": "A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an out of bounds write past the end of an allocated buffer when handling specific requests on port 4002/tcp and 4004/tcp. This could allow an attacker to crash the application. The corresponding service is auto-restarted after the crash."
}
]
},
@ -114,7 +114,7 @@
{
"version_affected": "<",
"version_name": "0",
"version_value": "V17 Update 7"
"version_value": "*"
}
]
}

4
2023/46xxx/CVE-2023-46285.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 7), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an improper input validation vulnerability that could allow an attacker to bring the service into a Denial-of-Service state by sending a specifically crafted message to 4004/tcp. The corresponding service is auto-restarted after the crash is detected by a watchdog."
"value": "A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an improper input validation vulnerability that could allow an attacker to bring the service into a Denial-of-Service state by sending a specifically crafted message to 4004/tcp. The corresponding service is auto-restarted after the crash is detected by a watchdog."
}
]
},
@ -114,7 +114,7 @@
{
"version_affected": "<",
"version_name": "0",
"version_value": "V17 Update 7"
"version_value": "*"
}
]
}

276
2023/49xxx/CVE-2023-49691.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.0), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.0), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.0), SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) (All versions < V8.0), SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) (All versions < V8.0), SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) (All versions < V8.0), SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) (All versions < V8.0), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.0), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.0), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.0), SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) (All versions < V8.0), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.0), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.0), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.0), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.0), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.0), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.0), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.0), SCALANCE S615 (6GK5615-0AA00-2AA2) (All versions < V8.0), SCALANCE S615 EEC (6GK5615-0AA01-2AA2) (All versions < V8.0), SCALANCE SC622-2C (6GK5622-2GS00-2AC2) (All versions < V3.0.2), SCALANCE SC626-2C (6GK5626-2GS00-2AC2) (All versions < V3.0.2), SCALANCE SC632-2C (6GK5632-2GS00-2AC2) (All versions < V3.0.2), SCALANCE SC636-2C (6GK5636-2GS00-2AC2) (All versions < V3.0.2), SCALANCE SC642-2C (6GK5642-2GS00-2AC2) (All versions < V3.0.2), SCALANCE SC646-2C (6GK5646-2GS00-2AC2) (All versions < V3.0.2), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions), SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0) (All versions), SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0) (All versions), SCALANCE WAM766-1 (EU) (6GK5766-1GE00-7DA0) (All versions), SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0) (All versions), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions), SCALANCE WAM766-1 EEC (EU) (6GK5766-1GE00-7TA0) (All versions), SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0) (All versions), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0) (All versions), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0) (All versions), SCALANCE WUM766-1 (EU) (6GK5766-1GE00-3DA0) (All versions), SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0) (All versions), SCALANCE WUM766-1 (US) (6GK5766-1GE00-3DB0) (All versions). An Improper Neutralization of Special Elements used in an OS Command with root privileges vulnerability exists in the handling of the DDNS configuration. This could allow malicious local administrators to issue commands on system level after a successful IP address update."
"value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.0), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.0), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.0), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.0), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.0), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.0), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.0), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.0), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.0), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.0), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.0), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.0), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.0), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.0), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.0), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.0), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.0), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.0), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.0), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.0). An Improper Neutralization of Special Elements used in an OS Command with root privileges vulnerability exists in the handling of the DDNS configuration. This could allow malicious local administrators to issue commands on system level after a successful IP address update."
}
]
},
@ -72,7 +72,7 @@
}
},
{
"product_name": "SCALANCE M812-1 ADSL-Router (Annex A)",
"product_name": "SCALANCE M812-1 ADSL-Router",
"version": {
"version_data": [
{
@ -84,31 +84,7 @@
}
},
{
"product_name": "SCALANCE M812-1 ADSL-Router (Annex B)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.0"
}
]
}
},
{
"product_name": "SCALANCE M816-1 ADSL-Router (Annex A)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.0"
}
]
}
},
{
"product_name": "SCALANCE M816-1 ADSL-Router (Annex B)",
"product_name": "SCALANCE M816-1 ADSL-Router",
"version": {
"version_data": [
{
@ -156,7 +132,7 @@
}
},
{
"product_name": "SCALANCE M876-3 (EVDO)",
"product_name": "SCALANCE M876-3",
"version": {
"version_data": [
{
@ -252,7 +228,7 @@
}
},
{
"product_name": "SCALANCE S615",
"product_name": "SCALANCE S615 EEC LAN-Router",
"version": {
"version_data": [
{
@ -264,7 +240,7 @@
}
},
{
"product_name": "SCALANCE S615 EEC",
"product_name": "SCALANCE S615 LAN-Router",
"version": {
"version_data": [
{
@ -274,246 +250,6 @@
}
]
}
},
{
"product_name": "SCALANCE SC622-2C",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V3.0.2"
}
]
}
},
{
"product_name": "SCALANCE SC626-2C",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V3.0.2"
}
]
}
},
{
"product_name": "SCALANCE SC632-2C",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V3.0.2"
}
]
}
},
{
"product_name": "SCALANCE SC636-2C",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V3.0.2"
}
]
}
},
{
"product_name": "SCALANCE SC642-2C",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V3.0.2"
}
]
}
},
{
"product_name": "SCALANCE SC646-2C",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V3.0.2"
}
]
}
},
{
"product_name": "SCALANCE WAM763-1",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SCALANCE WAM763-1 (ME)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SCALANCE WAM763-1 (US)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SCALANCE WAM766-1 (EU)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SCALANCE WAM766-1 (ME)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SCALANCE WAM766-1 (US)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SCALANCE WAM766-1 EEC (EU)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SCALANCE WAM766-1 EEC (ME)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SCALANCE WAM766-1 EEC (US)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SCALANCE WUM763-1",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SCALANCE WUM763-1 (US)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SCALANCE WUM766-1 (EU)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SCALANCE WUM766-1 (ME)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SCALANCE WUM766-1 (US)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
}
]
}

108
2023/49xxx/CVE-2023-49692.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V7.2.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V7.2.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) (All versions < V7.2.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V7.2.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V7.2.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V7.2.2), SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) (All versions < V7.2.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V7.2.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V7.2.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V7.2.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V7.2.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V7.2.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V7.2.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V7.2.2), SCALANCE S615 (6GK5615-0AA00-2AA2) (All versions < V7.2.2), SCALANCE S615 EEC (6GK5615-0AA01-2AA2) (All versions < V7.2.2), SCALANCE SC622-2C (6GK5622-2GS00-2AC2) (All versions < V3.0.2), SCALANCE SC626-2C (6GK5626-2GS00-2AC2) (All versions < V3.0.2), SCALANCE SC632-2C (6GK5632-2GS00-2AC2) (All versions < V3.0.2), SCALANCE SC636-2C (6GK5636-2GS00-2AC2) (All versions < V3.0.2), SCALANCE SC642-2C (6GK5642-2GS00-2AC2) (All versions < V3.0.2), SCALANCE SC646-2C (6GK5646-2GS00-2AC2) (All versions < V3.0.2). An Improper Neutralization of Special Elements used in an OS Command with root privileges vulnerability exists in the parsing of the IPSEC configuration. This could allow malicious local administrators to issue commands on system level after a new connection is established."
"value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V7.2.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V7.2.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V7.2.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V7.2.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V7.2.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V7.2.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V7.2.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V7.2.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V7.2.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V7.2.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V7.2.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V7.2.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V7.2.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V7.2.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V7.2.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V7.2.2). An Improper Neutralization of Special Elements used in an OS Command with root privileges vulnerability exists in the parsing of the IPSEC configuration. This could allow malicious local administrators to issue commands on system level after a new connection is established."
}
]
},
@ -72,7 +72,7 @@
}
},
{
"product_name": "SCALANCE M812-1 ADSL-Router (Annex A)",
"product_name": "SCALANCE M812-1 ADSL-Router",
"version": {
"version_data": [
{
@ -84,31 +84,7 @@
}
},
{
"product_name": "SCALANCE M812-1 ADSL-Router (Annex B)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V7.2.2"
}
]
}
},
{
"product_name": "SCALANCE M816-1 ADSL-Router (Annex A)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V7.2.2"
}
]
}
},
{
"product_name": "SCALANCE M816-1 ADSL-Router (Annex B)",
"product_name": "SCALANCE M816-1 ADSL-Router",
"version": {
"version_data": [
{
@ -156,7 +132,7 @@
}
},
{
"product_name": "SCALANCE M876-3 (EVDO)",
"product_name": "SCALANCE M876-3",
"version": {
"version_data": [
{
@ -252,7 +228,7 @@
}
},
{
"product_name": "SCALANCE S615",
"product_name": "SCALANCE S615 EEC LAN-Router",
"version": {
"version_data": [
{
@ -264,7 +240,7 @@
}
},
{
"product_name": "SCALANCE S615 EEC",
"product_name": "SCALANCE S615 LAN-Router",
"version": {
"version_data": [
{
@ -274,78 +250,6 @@
}
]
}
},
{
"product_name": "SCALANCE SC622-2C",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V3.0.2"
}
]
}
},
{
"product_name": "SCALANCE SC626-2C",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V3.0.2"
}
]
}
},
{
"product_name": "SCALANCE SC632-2C",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V3.0.2"
}
]
}
},
{
"product_name": "SCALANCE SC636-2C",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V3.0.2"
}
]
}
},
{
"product_name": "SCALANCE SC642-2C",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V3.0.2"
}
]
}
},
{
"product_name": "SCALANCE SC646-2C",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V3.0.2"
}
]
}
}
]
}

4
2024/26xxx/CVE-2024-26275.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in JT2Go (All versions < V2312.0004), Parasolid V35.1 (All versions < V35.1.254), Parasolid V36.0 (All versions < V36.0.207), Parasolid V36.1 (All versions < V36.1.147), Teamcenter Visualization V14.2 (All versions), Teamcenter Visualization V14.3 (All versions < V14.3.0.9), Teamcenter Visualization V2312 (All versions < V2312.0004). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process."
"value": "A vulnerability has been identified in JT2Go (All versions < V2312.0004), Parasolid V35.1 (All versions < V35.1.254), Parasolid V36.0 (All versions < V36.0.207), Parasolid V36.1 (All versions < V36.1.147), Teamcenter Visualization V14.2 (All versions < V14.2.0.12), Teamcenter Visualization V14.3 (All versions < V14.3.0.9), Teamcenter Visualization V2312 (All versions < V2312.0004). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process."
}
]
},
@ -90,7 +90,7 @@
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
"version_value": "V14.2.0.12"
}
]
}

4
2024/26xxx/CVE-2024-26276.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in JT2Go (All versions < V2312.0004), Parasolid V35.1 (All versions < V35.1.254), Parasolid V36.0 (All versions < V36.0.207), Parasolid V36.1 (All versions < V36.1.147), Teamcenter Visualization V14.2 (All versions), Teamcenter Visualization V14.3 (All versions < V14.3.0.9), Teamcenter Visualization V2312 (All versions < V2312.0004). The affected application contains a stack exhaustion vulnerability while parsing a specially crafted X_T file. This could allow an attacker to cause denial of service condition."
"value": "A vulnerability has been identified in JT2Go (All versions < V2312.0004), Parasolid V35.1 (All versions < V35.1.254), Parasolid V36.0 (All versions < V36.0.207), Parasolid V36.1 (All versions < V36.1.147), Teamcenter Visualization V14.2 (All versions < V14.2.0.12), Teamcenter Visualization V14.3 (All versions < V14.3.0.9), Teamcenter Visualization V2312 (All versions < V2312.0004). The affected application contains a stack exhaustion vulnerability while parsing a specially crafted X_T file. This could allow an attacker to cause denial of service condition."
}
]
},
@ -90,7 +90,7 @@
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
"version_value": "V14.2.0.12"
}
]
}

4
2024/26xxx/CVE-2024-26277.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in JT2Go (All versions < V2312.0004), Parasolid V35.1 (All versions < V35.1.254), Parasolid V36.0 (All versions < V36.0.207), Parasolid V36.1 (All versions < V36.1.147), Teamcenter Visualization V14.2 (All versions), Teamcenter Visualization V14.3 (All versions < V14.3.0.9), Teamcenter Visualization V2312 (All versions < V2312.0004). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted X_T files. An attacker could leverage this vulnerability to crash the application causing denial of service condition."
"value": "A vulnerability has been identified in JT2Go (All versions < V2312.0004), Parasolid V35.1 (All versions < V35.1.254), Parasolid V36.0 (All versions < V36.0.207), Parasolid V36.1 (All versions < V36.1.147), Teamcenter Visualization V14.2 (All versions < V14.2.0.12), Teamcenter Visualization V14.3 (All versions < V14.3.0.9), Teamcenter Visualization V2312 (All versions < V2312.0004). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted X_T files. An attacker could leverage this vulnerability to crash the application causing denial of service condition."
}
]
},
@ -90,7 +90,7 @@
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
"version_value": "V14.2.0.12"
}
]
}

31
2024/32xxx/CVE-2024-32635.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Parasolid V35.1 (All versions < V35.1.256), Parasolid V36.0 (All versions < V36.0.208), Parasolid V36.1 (All versions < V36.1.173). The affected applications contain an out of bounds read past the unmapped memory region while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process."
"value": "A vulnerability has been identified in JT2Go (All versions < V2312.0005), Teamcenter Visualization V14.2 (All versions < V14.2.0.12), Teamcenter Visualization V14.3 (All versions < V14.3.0.10), Teamcenter Visualization V2312 (All versions < V2312.0005). The affected applications contain an out of bounds read past the unmapped memory region while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process."
}
]
},
@ -36,37 +36,49 @@
"product": {
"product_data": [
{
"product_name": "Parasolid V35.1",
"product_name": "JT2Go",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V35.1.256"
"version_value": "V2312.0005"
}
]
}
},
{
"product_name": "Parasolid V36.0",
"product_name": "Teamcenter Visualization V14.2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V36.0.208"
"version_value": "V14.2.0.12"
}
]
}
},
{
"product_name": "Parasolid V36.1",
"product_name": "Teamcenter Visualization V14.3",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V36.1.173"
"version_value": "V14.3.0.10"
}
]
}
},
{
"product_name": "Teamcenter Visualization V2312",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V2312.0005"
}
]
}
@ -83,6 +95,11 @@
"url": "https://cert-portal.siemens.com/productcert/html/ssa-046364.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-046364.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-856475.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-856475.html"
}
]
},

31
2024/32xxx/CVE-2024-32636.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Parasolid V35.1 (All versions < V35.1.256), Parasolid V36.0 (All versions < V36.0.208), Parasolid V36.1 (All versions < V36.1.173). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process."
"value": "A vulnerability has been identified in JT2Go (All versions < V2312.0005), Teamcenter Visualization V14.2 (All versions < V14.2.0.12), Teamcenter Visualization V14.3 (All versions < V14.3.0.10), Teamcenter Visualization V2312 (All versions < V2312.0005). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process."
}
]
},
@ -36,37 +36,49 @@
"product": {
"product_data": [
{
"product_name": "Parasolid V35.1",
"product_name": "JT2Go",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V35.1.256"
"version_value": "V2312.0005"
}
]
}
},
{
"product_name": "Parasolid V36.0",
"product_name": "Teamcenter Visualization V14.2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V36.0.208"
"version_value": "V14.2.0.12"
}
]
}
},
{
"product_name": "Parasolid V36.1",
"product_name": "Teamcenter Visualization V14.3",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V36.1.173"
"version_value": "V14.3.0.10"
}
]
}
},
{
"product_name": "Teamcenter Visualization V2312",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V2312.0005"
}
]
}
@ -83,6 +95,11 @@
"url": "https://cert-portal.siemens.com/productcert/html/ssa-046364.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-046364.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-856475.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-856475.html"
}
]
},

31
2024/32xxx/CVE-2024-32637.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Parasolid V35.1 (All versions < V35.1.256), Parasolid V36.0 (All versions < V36.0.208), Parasolid V36.1 (All versions < V36.1.173). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted X_T files. An attacker could leverage this vulnerability to crash the application causing denial of service condition."
"value": "A vulnerability has been identified in JT2Go (All versions < V2312.0005), Teamcenter Visualization V14.2 (All versions < V14.2.0.12), Teamcenter Visualization V14.3 (All versions < V14.3.0.10), Teamcenter Visualization V2312 (All versions < V2312.0005). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted X_T files. An attacker could leverage this vulnerability to crash the application causing denial of service condition."
}
]
},
@ -36,37 +36,49 @@
"product": {
"product_data": [
{
"product_name": "Parasolid V35.1",
"product_name": "JT2Go",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V35.1.256"
"version_value": "V2312.0005"
}
]
}
},
{
"product_name": "Parasolid V36.0",
"product_name": "Teamcenter Visualization V14.2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V36.0.208"
"version_value": "V14.2.0.12"
}
]
}
},
{
"product_name": "Parasolid V36.1",
"product_name": "Teamcenter Visualization V14.3",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V36.1.173"
"version_value": "V14.3.0.10"
}
]
}
},
{
"product_name": "Teamcenter Visualization V2312",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V2312.0005"
}
]
}
@ -83,6 +95,11 @@
"url": "https://cert-portal.siemens.com/productcert/html/ssa-046364.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-046364.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-856475.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-856475.html"
}
]
},

65
2024/36xxx/CVE-2024-36398.json
View File

@ -1,17 +1,74 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-36398",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application executes a subset of its services as `NT AUTHORITY\\SYSTEM`. This could allow a local attacker to execute operating system commands with elevated privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-250: Execution with Unnecessary Privileges",
"cweId": "CWE-250"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "SINEC NMS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V3.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-784301.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-784301.html"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

2
2024/38xxx/CVE-2024-38867.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.64), SIPROTEC 5 6MD85 (CP200) (All versions), SIPROTEC 5 6MD85 (CP300) (All versions < V9.64), SIPROTEC 5 6MD86 (CP200) (All versions), SIPROTEC 5 6MD86 (CP300) (All versions < V9.64), SIPROTEC 5 6MD89 (CP300) (All versions < V9.64), SIPROTEC 5 6MU85 (CP300) (All versions < V9.64), SIPROTEC 5 7KE85 (CP200) (All versions), SIPROTEC 5 7KE85 (CP300) (All versions < V9.64), SIPROTEC 5 7SA82 (CP100) (All versions), SIPROTEC 5 7SA82 (CP150) (All versions < V9.65), SIPROTEC 5 7SA84 (CP200) (All versions), SIPROTEC 5 7SA86 (CP200) (All versions), SIPROTEC 5 7SA86 (CP300) (All versions < V9.65), SIPROTEC 5 7SA87 (CP200) (All versions), SIPROTEC 5 7SA87 (CP300) (All versions < V9.65), SIPROTEC 5 7SD82 (CP100) (All versions), SIPROTEC 5 7SD82 (CP150) (All versions < V9.65), SIPROTEC 5 7SD84 (CP200) (All versions), SIPROTEC 5 7SD86 (CP200) (All versions), SIPROTEC 5 7SD86 (CP300) (All versions < V9.65), SIPROTEC 5 7SD87 (CP200) (All versions), SIPROTEC 5 7SD87 (CP300) (All versions < V9.65), SIPROTEC 5 7SJ81 (CP100) (All versions < V8.89), SIPROTEC 5 7SJ81 (CP150) (All versions < V9.65), SIPROTEC 5 7SJ82 (CP100) (All versions < V8.89), SIPROTEC 5 7SJ82 (CP150) (All versions < V9.65), SIPROTEC 5 7SJ85 (CP200) (All versions), SIPROTEC 5 7SJ85 (CP300) (All versions < V9.65), SIPROTEC 5 7SJ86 (CP200) (All versions), SIPROTEC 5 7SJ86 (CP300) (All versions < V9.65), SIPROTEC 5 7SK82 (CP100) (All versions < V8.89), SIPROTEC 5 7SK82 (CP150) (All versions < V9.65), SIPROTEC 5 7SK85 (CP200) (All versions), SIPROTEC 5 7SK85 (CP300) (All versions < V9.65), SIPROTEC 5 7SL82 (CP100) (All versions), SIPROTEC 5 7SL82 (CP150) (All versions < V9.65), SIPROTEC 5 7SL86 (CP200) (All versions), SIPROTEC 5 7SL86 (CP300) (All versions < V9.65), SIPROTEC 5 7SL87 (CP200) (All versions), SIPROTEC 5 7SL87 (CP300) (All versions < V9.65), SIPROTEC 5 7SS85 (CP200) (All versions), SIPROTEC 5 7SS85 (CP300) (All versions < V9.64), SIPROTEC 5 7ST85 (CP200) (All versions), SIPROTEC 5 7ST85 (CP300) (All versions < V9.64), SIPROTEC 5 7ST86 (CP300) (All versions < V9.64), SIPROTEC 5 7SX82 (CP150) (All versions < V9.65), SIPROTEC 5 7SX85 (CP300) (All versions < V9.65), SIPROTEC 5 7UM85 (CP300) (All versions < V9.64), SIPROTEC 5 7UT82 (CP100) (All versions), SIPROTEC 5 7UT82 (CP150) (All versions < V9.65), SIPROTEC 5 7UT85 (CP200) (All versions), SIPROTEC 5 7UT85 (CP300) (All versions < V9.65), SIPROTEC 5 7UT86 (CP200) (All versions), SIPROTEC 5 7UT86 (CP300) (All versions < V9.65), SIPROTEC 5 7UT87 (CP200) (All versions), SIPROTEC 5 7UT87 (CP300) (All versions < V9.65), SIPROTEC 5 7VE85 (CP300) (All versions < V9.64), SIPROTEC 5 7VK87 (CP200) (All versions), SIPROTEC 5 7VK87 (CP300) (All versions < V9.65), SIPROTEC 5 7VU85 (CP300) (All versions < V9.64), SIPROTEC 5 Communication Module ETH-BA-2EL (Rev.1) (All versions < V9.62 installed on CP150 and CP300 devices), SIPROTEC 5 Communication Module ETH-BA-2EL (Rev.1) (All versions installed on CP200 devices), SIPROTEC 5 Communication Module ETH-BA-2EL (Rev.1) (All versions < V8.89 installed on CP100 devices), SIPROTEC 5 Communication Module ETH-BB-2FO (Rev. 1) (All versions installed on CP200 devices), SIPROTEC 5 Communication Module ETH-BB-2FO (Rev. 1) (All versions < V9.62 installed on CP150 and CP300 devices), SIPROTEC 5 Communication Module ETH-BB-2FO (Rev. 1) (All versions < V8.89 installed on CP100 devices), SIPROTEC 5 Communication Module ETH-BD-2FO (All versions < V9.62), SIPROTEC 5 Compact 7SX800 (CP050) (All versions < V9.64). The affected devices are supporting weak ciphers on several ports (443/tcp for web, 4443/tcp for DIGSI 5 and configurable port for syslog over TLS). \r\nThis could allow an unauthorized attacker in a man-in-the-middle position to read and modify any data passed over to and from those ports."
"value": "A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.64), SIPROTEC 5 6MD85 (CP200) (All versions), SIPROTEC 5 6MD85 (CP300) (All versions < V9.64), SIPROTEC 5 6MD86 (CP200) (All versions), SIPROTEC 5 6MD86 (CP300) (All versions < V9.64), SIPROTEC 5 6MD89 (CP300) (All versions < V9.64), SIPROTEC 5 6MU85 (CP300) (All versions < V9.64), SIPROTEC 5 7KE85 (CP200) (All versions), SIPROTEC 5 7KE85 (CP300) (All versions < V9.64), SIPROTEC 5 7SA82 (CP100) (All versions), SIPROTEC 5 7SA82 (CP150) (All versions < V9.65), SIPROTEC 5 7SA84 (CP200) (All versions), SIPROTEC 5 7SA86 (CP200) (All versions), SIPROTEC 5 7SA86 (CP300) (All versions < V9.65), SIPROTEC 5 7SA87 (CP200) (All versions), SIPROTEC 5 7SA87 (CP300) (All versions < V9.65), SIPROTEC 5 7SD82 (CP100) (All versions), SIPROTEC 5 7SD82 (CP150) (All versions < V9.65), SIPROTEC 5 7SD84 (CP200) (All versions), SIPROTEC 5 7SD86 (CP200) (All versions), SIPROTEC 5 7SD86 (CP300) (All versions < V9.65), SIPROTEC 5 7SD87 (CP200) (All versions), SIPROTEC 5 7SD87 (CP300) (All versions < V9.65), SIPROTEC 5 7SJ81 (CP100) (All versions < V8.89), SIPROTEC 5 7SJ81 (CP150) (All versions < V9.65), SIPROTEC 5 7SJ82 (CP100) (All versions < V8.89), SIPROTEC 5 7SJ82 (CP150) (All versions < V9.65), SIPROTEC 5 7SJ85 (CP200) (All versions), SIPROTEC 5 7SJ85 (CP300) (All versions < V9.65), SIPROTEC 5 7SJ86 (CP200) (All versions), SIPROTEC 5 7SJ86 (CP300) (All versions < V9.65), SIPROTEC 5 7SK82 (CP100) (All versions < V8.89), SIPROTEC 5 7SK82 (CP150) (All versions < V9.65), SIPROTEC 5 7SK85 (CP200) (All versions), SIPROTEC 5 7SK85 (CP300) (All versions < V9.65), SIPROTEC 5 7SL82 (CP100) (All versions), SIPROTEC 5 7SL82 (CP150) (All versions < V9.65), SIPROTEC 5 7SL86 (CP200) (All versions), SIPROTEC 5 7SL86 (CP300) (All versions < V9.65), SIPROTEC 5 7SL87 (CP200) (All versions), SIPROTEC 5 7SL87 (CP300) (All versions < V9.65), SIPROTEC 5 7SS85 (CP200) (All versions), SIPROTEC 5 7SS85 (CP300) (All versions < V9.64), SIPROTEC 5 7ST85 (CP200) (All versions), SIPROTEC 5 7ST85 (CP300) (All versions < V9.64), SIPROTEC 5 7ST86 (CP300) (All versions < V9.64), SIPROTEC 5 7SX82 (CP150) (All versions < V9.65), SIPROTEC 5 7SX85 (CP300) (All versions < V9.65), SIPROTEC 5 7UM85 (CP300) (All versions < V9.64), SIPROTEC 5 7UT82 (CP100) (All versions), SIPROTEC 5 7UT82 (CP150) (All versions < V9.65), SIPROTEC 5 7UT85 (CP200) (All versions), SIPROTEC 5 7UT85 (CP300) (All versions < V9.65), SIPROTEC 5 7UT86 (CP200) (All versions), SIPROTEC 5 7UT86 (CP300) (All versions < V9.65), SIPROTEC 5 7UT87 (CP200) (All versions), SIPROTEC 5 7UT87 (CP300) (All versions < V9.65), SIPROTEC 5 7VE85 (CP300) (All versions < V9.64), SIPROTEC 5 7VK87 (CP200) (All versions), SIPROTEC 5 7VK87 (CP300) (All versions < V9.65), SIPROTEC 5 7VU85 (CP300) (All versions < V9.64), SIPROTEC 5 Communication Module ETH-BA-2EL (Rev.1) (All versions < V9.62 installed on CP150 and CP300 devices), SIPROTEC 5 Communication Module ETH-BA-2EL (Rev.1) (All versions installed on CP200 devices), SIPROTEC 5 Communication Module ETH-BA-2EL (Rev.1) (All versions < V8.89 installed on CP100 devices), SIPROTEC 5 Communication Module ETH-BB-2FO (Rev. 1) (All versions installed on CP200 devices), SIPROTEC 5 Communication Module ETH-BB-2FO (Rev. 1) (All versions < V9.62 installed on CP150 and CP300 devices), SIPROTEC 5 Communication Module ETH-BB-2FO (Rev. 1) (All versions < V8.89 installed on CP100 devices), SIPROTEC 5 Communication Module ETH-BD-2FO (All versions < V9.62), SIPROTEC 5 Compact 7SX800 (CP050) (All versions < V9.64). The affected devices are supporting weak ciphers on several ports (443/tcp for web, 4443/tcp for DIGSI 5 and configurable port for syslog over TLS). \r\nThis could allow an unauthorized attacker in a man-in-the-middle position to decrypt any data passed over to and from those ports."
}
]
},

50
2024/38xxx/CVE-2024-38876.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Omnivise\u00a0T3000 Application Server (All versions >= R9.2), Omnivise T3000 Domain Controller (All versions >= R9.2), Omnivise T3000 Product Data Management (PDM) (All versions >= R9.2), Omnivise\u00a0T3000 Terminal Server (All versions >= R9.2), Omnivise T3000 Thin Client (All versions >= R9.2), Omnivise T3000 Whitelisting Server (All versions >= R9.2). The affected application regularly executes user modifiable code as a privileged user. This could allow a local authenticated attacker to execute arbitrary code with elevated privileges."
"value": "A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 Domain Controller R9.2 (All versions), Omnivise T3000 Product Data Management (PDM) R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions), Omnivise T3000 Terminal Server R9.2 (All versions), Omnivise T3000 Thin Client R9.2 (All versions), Omnivise T3000 Whitelisting Server R9.2 (All versions). The affected application regularly executes user modifiable code as a privileged user. This could allow a local authenticated attacker to execute arbitrary code with elevated privileges."
}
]
},
@ -36,72 +36,96 @@
"product": {
"product_data": [
{
"product_name": "Omnivise\u00a0T3000 Application Server",
"product_name": "Omnivise T3000 Application Server R9.2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "R9.2",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "Omnivise T3000 Domain Controller",
"product_name": "Omnivise T3000 Domain Controller R9.2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "R9.2",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "Omnivise T3000 Product Data Management (PDM)",
"product_name": "Omnivise T3000 Product Data Management (PDM) R9.2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "R9.2",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "Omnivise\u00a0T3000 Terminal Server",
"product_name": "Omnivise T3000 R8.2 SP3",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "R9.2",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "Omnivise T3000 Thin Client",
"product_name": "Omnivise T3000 R8.2 SP4",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "R9.2",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "Omnivise T3000 Whitelisting Server",
"product_name": "Omnivise T3000 Terminal Server R9.2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "R9.2",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "Omnivise T3000 Thin Client R9.2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "Omnivise T3000 Whitelisting Server R9.2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]

42
2024/38xxx/CVE-2024-38877.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Omnivise\u00a0T3000 Application Server (All versions), Omnivise T3000 Domain Controller (All versions), Omnivise T3000 Network Intrusion Detection System (NIDS) (All versions), Omnivise T3000 Product Data Management (PDM) (All versions), Omnivise T3000 Security Server (All versions), Omnivise\u00a0T3000 Terminal Server (All versions), Omnivise T3000 Thin Client (All versions), Omnivise T3000 Whitelisting Server (All versions). The affected devices stores initial system credentials without sufficient protection. An attacker with remote shell access or physical access could retrieve the credentials leading to confidentiality loss allowing the attacker to laterally move within the affected network."
"value": "A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 Domain Controller R9.2 (All versions), Omnivise T3000 Network Intrusion Detection System (NIDS) R9.2 (All versions), Omnivise T3000 Product Data Management (PDM) R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions), Omnivise T3000 Security Server R9.2 (All versions), Omnivise T3000 Terminal Server R9.2 (All versions), Omnivise T3000 Thin Client R9.2 (All versions), Omnivise T3000 Whitelisting Server R9.2 (All versions). The affected devices stores initial system credentials without sufficient protection. An attacker with remote shell access or physical access could retrieve the credentials leading to confidentiality loss allowing the attacker to laterally move within the affected network."
}
]
},
@ -36,7 +36,7 @@
"product": {
"product_data": [
{
"product_name": "Omnivise\u00a0T3000 Application Server",
"product_name": "Omnivise T3000 Application Server R9.2",
"version": {
"version_data": [
{
@ -48,7 +48,7 @@
}
},
{
"product_name": "Omnivise T3000 Domain Controller",
"product_name": "Omnivise T3000 Domain Controller R9.2",
"version": {
"version_data": [
{
@ -60,7 +60,7 @@
}
},
{
"product_name": "Omnivise T3000 Network Intrusion Detection System (NIDS)",
"product_name": "Omnivise T3000 Network Intrusion Detection System (NIDS) R9.2",
"version": {
"version_data": [
{
@ -72,7 +72,7 @@
}
},
{
"product_name": "Omnivise T3000 Product Data Management (PDM)",
"product_name": "Omnivise T3000 Product Data Management (PDM) R9.2",
"version": {
"version_data": [
{
@ -84,7 +84,7 @@
}
},
{
"product_name": "Omnivise T3000 Security Server",
"product_name": "Omnivise T3000 R8.2 SP3",
"version": {
"version_data": [
{
@ -96,7 +96,7 @@
}
},
{
"product_name": "Omnivise\u00a0T3000 Terminal Server",
"product_name": "Omnivise T3000 R8.2 SP4",
"version": {
"version_data": [
{
@ -108,7 +108,7 @@
}
},
{
"product_name": "Omnivise T3000 Thin Client",
"product_name": "Omnivise T3000 Security Server R9.2",
"version": {
"version_data": [
{
@ -120,7 +120,31 @@
}
},
{
"product_name": "Omnivise T3000 Whitelisting Server",
"product_name": "Omnivise T3000 Terminal Server R9.2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "Omnivise T3000 Thin Client R9.2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "Omnivise T3000 Whitelisting Server R9.2",
"version": {
"version_data": [
{

28
2024/38xxx/CVE-2024-38878.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Omnivise\u00a0T3000 Application Server (All versions). Affected devices allow authenticated users to export diagnostics data. The corresponding API endpoint is susceptible to path traversal and could allow an authenticated attacker to download arbitrary files from the file system."
"value": "A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions). Affected devices allow authenticated users to export diagnostics data. The corresponding API endpoint is susceptible to path traversal and could allow an authenticated attacker to download arbitrary files from the file system."
}
]
},
@ -36,7 +36,31 @@
"product": {
"product_data": [
{
"product_name": "Omnivise\u00a0T3000 Application Server",
"product_name": "Omnivise T3000 Application Server R9.2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "Omnivise T3000 R8.2 SP3",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "Omnivise T3000 R8.2 SP4",
"version": {
"version_data": [
{

28
2024/38xxx/CVE-2024-38879.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Omnivise\u00a0T3000 Application Server (All versions). The affected system exposes the port of an internal application on the public network interface allowing an attacker to circumvent authentication and directly access the exposed application."
"value": "A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions). The affected system exposes the port of an internal application on the public network interface allowing an attacker to circumvent authentication and directly access the exposed application."
}
]
},
@ -36,7 +36,31 @@
"product": {
"product_data": [
{
"product_name": "Omnivise\u00a0T3000 Application Server",
"product_name": "Omnivise T3000 Application Server R9.2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "Omnivise T3000 R8.2 SP3",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "Omnivise T3000 R8.2 SP4",
"version": {
"version_data": [
{

245
2024/39xxx/CVE-2024-39922.json
View File

@ -1,17 +1,254 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-39922",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA1) (All versions), LOGO! 12/24RCEo (6ED1052-2MD08-0BA1) (All versions), LOGO! 230RCE (6ED1052-1FB08-0BA1) (All versions), LOGO! 230RCEo (6ED1052-2FB08-0BA1) (All versions), LOGO! 24CE (6ED1052-1CC08-0BA1) (All versions), LOGO! 24CEo (6ED1052-2CC08-0BA1) (All versions), LOGO! 24RCE (6ED1052-1HB08-0BA1) (All versions), LOGO! 24RCEo (6ED1052-2HB08-0BA1) (All versions), SIPLUS LOGO! 12/24RCE (6AG1052-1MD08-7BA1) (All versions), SIPLUS LOGO! 12/24RCEo (6AG1052-2MD08-7BA1) (All versions), SIPLUS LOGO! 230RCE (6AG1052-1FB08-7BA1) (All versions), SIPLUS LOGO! 230RCEo (6AG1052-2FB08-7BA1) (All versions), SIPLUS LOGO! 24CE (6AG1052-1CC08-7BA1) (All versions), SIPLUS LOGO! 24CEo (6AG1052-2CC08-7BA1) (All versions), SIPLUS LOGO! 24RCE (6AG1052-1HB08-7BA1) (All versions), SIPLUS LOGO! 24RCEo (6AG1052-2HB08-7BA1) (All versions). Affected devices store user passwords in plaintext without proper protection. This could allow a physical attacker to retrieve them from the embedded storage ICs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-256: Plaintext Storage of a Password",
"cweId": "CWE-256"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "LOGO! 12/24RCE",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "LOGO! 12/24RCEo",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "LOGO! 230RCE",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "LOGO! 230RCEo",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "LOGO! 24CE",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "LOGO! 24CEo",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "LOGO! 24RCE",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "LOGO! 24RCEo",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SIPLUS LOGO! 12/24RCE",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SIPLUS LOGO! 12/24RCEo",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SIPLUS LOGO! 230RCE",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SIPLUS LOGO! 230RCEo",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SIPLUS LOGO! 24CE",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SIPLUS LOGO! 24CEo",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SIPLUS LOGO! 24RCE",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SIPLUS LOGO! 24RCEo",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-921449.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-921449.html"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"baseScore": 4.6,
"baseSeverity": "MEDIUM"
}
]
}

65
2024/41xxx/CVE-2024-41681.json
View File

@ -1,17 +1,74 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-41681",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Location Intelligence family (All versions < V4.4). The web server of affected products is configured to support weak ciphers by default. This could allow an unauthenticated attacker in an on-path position to to read and modify any data passed over the connection between legitimate clients and the affected device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-326: Inadequate Encryption Strength",
"cweId": "CWE-326"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Location Intelligence family",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-720392.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-720392.html"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
}
]
}

65
2024/41xxx/CVE-2024-41682.json
View File

@ -1,17 +1,74 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-41682",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Location Intelligence family (All versions < V4.4). Affected products do not properly enforce restriction of excessive authentication attempts. This could allow an unauthenticated remote attacker to conduct brute force attacks against legitimate user passwords."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-307: Improper Restriction of Excessive Authentication Attempts",
"cweId": "CWE-307"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Location Intelligence family",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-720392.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-720392.html"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
]
}

65
2024/41xxx/CVE-2024-41683.json
View File

@ -1,17 +1,74 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-41683",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Location Intelligence family (All versions < V4.4). Affected products do not properly enforce a strong user password policy. This could facilitate a brute force attack against legitimate user passwords."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-521: Weak Password Requirements",
"cweId": "CWE-521"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Location Intelligence family",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V4.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-720392.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-720392.html"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
]
}

65
2024/41xxx/CVE-2024-41903.json
View File

@ -1,17 +1,74 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-41903",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application mounts the container's root filesystem with read and write privileges. This could allow an attacker to alter the container's filesystem leading to unauthorized modifications and data corruption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269: Improper Privilege Management",
"cweId": "CWE-269"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "SINEC Traffic Analyzer",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V2.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-716317.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-716317.html"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.6,
"baseSeverity": "MEDIUM"
}
]
}

65
2024/41xxx/CVE-2024-41904.json
View File

@ -1,17 +1,74 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-41904",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application do not properly enforce restriction of excessive authentication attempts. This could allow an unauthenticated attacker to conduct brute force attacks against legitimate user credentials or keys."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-307: Improper Restriction of Excessive Authentication Attempts",
"cweId": "CWE-307"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "SINEC Traffic Analyzer",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V2.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-716317.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-716317.html"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH"
}
]
}

65
2024/41xxx/CVE-2024-41905.json
View File

@ -1,17 +1,74 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-41905",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application do not have access control for accessing the files. This could allow an authenticated attacker with low privilege's to get access to sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284: Improper Access Control",
"cweId": "CWE-284"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "SINEC Traffic Analyzer",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V2.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-716317.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-716317.html"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
}
]
}

65
2024/41xxx/CVE-2024-41906.json
View File

@ -1,17 +1,74 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-41906",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application does not properly handle cacheable HTTP responses in the web service. This could allow an attacker to read and modify data stored in the local cache."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-524: Use of Cache Containing Sensitive Information",
"cweId": "CWE-524"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "SINEC Traffic Analyzer",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V2.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-716317.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-716317.html"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
}
]
}

65
2024/41xxx/CVE-2024-41907.json
View File

@ -1,17 +1,74 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-41907",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application is missing general HTTP security headers in the web server. This could allow an attacker to make the servers more prone to clickjacking attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-358: Improperly Implemented Security Check for Standard",
"cweId": "CWE-358"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "SINEC Traffic Analyzer",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V2.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-716317.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-716317.html"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"baseScore": 4.2,
"baseSeverity": "MEDIUM"
}
]
}

65
2024/41xxx/CVE-2024-41908.json
View File

@ -1,17 +1,74 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-41908",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in NX (All versions < V2406.3000). The affected applications contains an out of bounds read vulnerability while parsing specially crafted PRT files. This could allow an attacker to crash the application or execute code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read",
"cweId": "CWE-125"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "NX",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V2406.3000"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-357412.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-357412.html"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

65
2024/41xxx/CVE-2024-41938.json
View File

@ -1,17 +1,74 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-41938",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in SINEC NMS (All versions < V3.0). The importCertificate function of the SINEC NMS Control web application contains a path traversal vulnerability. This could allow an authenticated attacker it to delete arbitrary certificate files on the drive SINEC NMS is installed on."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
"cweId": "CWE-22"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "SINEC NMS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V3.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-784301.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-784301.html"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L/E:P/RL:O/RC:C",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
}
]
}

65
2024/41xxx/CVE-2024-41939.json
View File

@ -1,17 +1,74 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-41939",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application does not properly enforce authorization checks. This could allow an authenticated attacker to bypass the checks and elevate their privileges on the application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-863: Incorrect Authorization",
"cweId": "CWE-863"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "SINEC NMS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V3.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-784301.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-784301.html"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 8.8,
"baseSeverity": "HIGH"
}
]
}

65
2024/41xxx/CVE-2024-41940.json
View File

@ -1,17 +1,74 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-41940",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application does not properly validate user input to a privileged command queue. This could allow an authenticated attacker to execute OS commands with elevated privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation",
"cweId": "CWE-20"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "SINEC NMS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V3.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-784301.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-784301.html"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
}
]
}

65
2024/41xxx/CVE-2024-41941.json
View File

@ -1,17 +1,74 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-41941",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application does not properly enforce authorization checks. This could allow an authenticated attacker to bypass the checks and modify settings in the application without authorization."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-863: Incorrect Authorization",
"cweId": "CWE-863"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "SINEC NMS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V3.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-784301.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-784301.html"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
}
]
}

341
2024/41xxx/CVE-2024-41976.json
View File

@ -1,17 +1,350 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-41976",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.1), SCALANCE M812-1 ADSL-Router family (All versions < V8.1), SCALANCE M816-1 ADSL-Router family (All versions < V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.1). Affected devices do not properly validate input in specific VPN configuration fields. This could allow an authenticated remote attacker to execute arbitrary code on the device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation",
"cweId": "CWE-20"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "RUGGEDCOM RM1224 LTE(4G) EU",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "RUGGEDCOM RM1224 LTE(4G) NAM",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M804PB",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M812-1 ADSL-Router family",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M816-1 ADSL-Router family",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M826-2 SHDSL-Router",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M874-2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M874-3",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M874-3 3G-Router (CN)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M876-3",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M876-3 (ROK)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M876-4",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M876-4 (EU)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M876-4 (NAM)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE MUM853-1 (A1)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE MUM853-1 (B1)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE MUM853-1 (EU)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE MUM856-1 (A1)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE MUM856-1 (B1)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE MUM856-1 (CN)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE MUM856-1 (EU)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE MUM856-1 (RoW)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE S615 EEC LAN-Router",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE S615 LAN-Router",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-087301.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-087301.html"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C",
"baseScore": 7.2,
"baseSeverity": "HIGH"
}
]
}

341
2024/41xxx/CVE-2024-41977.json
View File

@ -1,17 +1,350 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-41977",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.1), SCALANCE M812-1 ADSL-Router family (All versions < V8.1), SCALANCE M816-1 ADSL-Router family (All versions < V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.1). Affected devices do not properly enforce isolation between user sessions in their web server component. This could allow an authenticated remote attacker to escalate their privileges on the devices."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-488: Exposure of Data Element to Wrong Session",
"cweId": "CWE-488"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "RUGGEDCOM RM1224 LTE(4G) EU",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "RUGGEDCOM RM1224 LTE(4G) NAM",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M804PB",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M812-1 ADSL-Router family",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M816-1 ADSL-Router family",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M826-2 SHDSL-Router",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M874-2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M874-3",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M874-3 3G-Router (CN)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M876-3",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M876-3 (ROK)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M876-4",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M876-4 (EU)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M876-4 (NAM)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE MUM853-1 (A1)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE MUM853-1 (B1)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE MUM853-1 (EU)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE MUM856-1 (A1)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE MUM856-1 (B1)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE MUM856-1 (CN)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE MUM856-1 (EU)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE MUM856-1 (RoW)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE S615 EEC LAN-Router",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE S615 LAN-Router",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-087301.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-087301.html"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 7.1,
"baseSeverity": "HIGH"
}
]
}

341
2024/41xxx/CVE-2024-41978.json
View File

@ -1,17 +1,350 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-41978",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.1), SCALANCE M812-1 ADSL-Router family (All versions < V8.1), SCALANCE M816-1 ADSL-Router family (All versions < V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.1). Affected devices insert sensitive information about the generation of 2FA tokens into log files. This could allow an authenticated remote attacker to forge 2FA tokens of other users."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-532: Insertion of Sensitive Information into Log File",
"cweId": "CWE-532"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "RUGGEDCOM RM1224 LTE(4G) EU",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "RUGGEDCOM RM1224 LTE(4G) NAM",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M804PB",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M812-1 ADSL-Router family",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M816-1 ADSL-Router family",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M826-2 SHDSL-Router",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M874-2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M874-3",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M874-3 3G-Router (CN)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M876-3",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M876-3 (ROK)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M876-4",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M876-4 (EU)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE M876-4 (NAM)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE MUM853-1 (A1)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE MUM853-1 (B1)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE MUM853-1 (EU)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE MUM856-1 (A1)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE MUM856-1 (B1)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE MUM856-1 (CN)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE MUM856-1 (EU)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE MUM856-1 (RoW)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE S615 EEC LAN-Router",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
},
{
"product_name": "SCALANCE S615 LAN-Router",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-087301.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-087301.html"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
}
]
}

18
2024/43xxx/CVE-2024-43425.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-43425",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/43xxx/CVE-2024-43426.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-43426",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/43xxx/CVE-2024-43427.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-43427",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/43xxx/CVE-2024-43428.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-43428",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/43xxx/CVE-2024-43429.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-43429",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/43xxx/CVE-2024-43430.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-43430",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/43xxx/CVE-2024-43431.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-43431",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/43xxx/CVE-2024-43432.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-43432",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/43xxx/CVE-2024-43433.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-43433",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/43xxx/CVE-2024-43434.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-43434",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/43xxx/CVE-2024-43435.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-43435",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/43xxx/CVE-2024-43436.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-43436",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/43xxx/CVE-2024-43437.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-43437",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/43xxx/CVE-2024-43438.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-43438",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/43xxx/CVE-2024-43439.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-43439",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/43xxx/CVE-2024-43440.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-43440",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/43xxx/CVE-2024-43441.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-43441",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}