CVE-2021-44522
published 2021-12-14CVE-2021-44522: A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All versions), SiPass integrated V2.85 (All versions)…
high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All versions), SiPass integrated V2.85 (All versions), Siveillance Identity V1.5 (All versions), Siveillance Identity V1.6 (All versions < V1.6.284.0). Affected applications insufficiently limit the access to the internal message broker system. This could allow an unauthenticated remote attacker to subscribe to arbitrary message queues.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | sipass_integrated | — | — |
| siemens | sipass_integrated | — | — |
| siemens | sipass_integrated | — | — |
| siemens | sipass_integrated_v2.76 | — | — |
| siemens | sipass_integrated_v2.80 | — | — |
| siemens | sipass_integrated_v2.85 | — | — |
| siemens | siveillance_identity | — | — |
| siemens | siveillance_identity | 1.6 – 1.6.280.0 | — |
| siemens | siveillance_identity_v1.5 | — | — |
| siemens | siveillance_identity_v1.6 | — | — |