CVE-2017-9940

CWE-269Improper Privilege Management5 documents5 sources
Severity
8.1HIGH
EPSS
0.2%
top 60.60%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Siemens Sipass Integrated
Timeline
PublishedAug 8
Latest updateMay 13

Description

A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with access to a low-privileged user account to read or write files on the file system of the SiPass integrated server over the network.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:NExploitability: 2.8 | Impact: 5.2

Affected Packages2 packages

CVEListV5sipass_integrated_all_versions_before_v2.70SiPass integrated All versions before V2.70

🔴Vulnerability Details

3
GHSA
GHSA-9jh8-jxmj-8c4h: A vulnerability was discovered in Siemens SiPass integrated (All versions before V22022-05-13
CVEList
CVE-2017-9940: A vulnerability was discovered in Siemens SiPass integrated (All versions before V22017-08-08
OSV
linux vulnerabilities2017-06-29

💬Community

1
Bugzilla
CVE-2014-9940 kernel: Use-after-free in the regulator_ena_gpio_free function2017-05-10
CVE-2017-9940 (HIGH CVSS 8.1) | A vulnerability was discovered in S | cvebase.io