CVE-2022-24281
published 2022-03-08CVE-2022-24281: A vulnerability has been identified in SINEC NMS (All versions < V1.0.3), SINEMA Server V14 (All versions). A privileged authenticated attacker could execute…
high7.2CVSS 3.1
AVNACLPRHUINSUCHIHAH
A vulnerability has been identified in SINEC NMS (All versions < V1.0.3), SINEMA Server V14 (All versions). A privileged authenticated attacker could execute arbitrary commands in the local database by sending specially crafted requests to the webserver of the affected application.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | sinec_network_management_system | < 1.0.3 | 1.0.3 |
| siemens | sinec_nms | — | — |
| siemens | sinema_server_v14 | — | — |