CVE-2023-44315
published 2023-10-10CVE-2023-44315: A vulnerability has been identified in SINEC NMS (All versions < V2.0). The affected application improperly sanitizes certain SNMP configuration data retrieved…
medium5.4CVSS 3.1
AVNACLPRLUIRSCCLILAN
A vulnerability has been identified in SINEC NMS (All versions < V2.0). The affected application improperly sanitizes certain SNMP configuration data retrieved from monitored devices. An attacker with access to a monitored device could prepare a stored cross-site scripting (XSS) attack that may lead to unintentional modification of application data by legitimate users.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | sinec_nms | < V2.0 | V2.0 |
| siemens | sinec_nms | < 2.0 | 2.0 |