Siemens Opcenter Quality vulnerabilities
19 known vulnerabilities affecting siemens/opcenter_quality.
Total CVEs
19
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH7MEDIUM6LOW3
Vulnerabilities
Page 1 of 1
CVE-2024-41979HIGHCVSS 7.5v13.22025-08-12
CVE-2024-41979 [HIGH] CWE-863 CVE-2024-41979: A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V1
A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V13.2 = V13.2 = V13.2 < V2506). The affected application does not enforce mandatory authorization on some functionality level at server side. This could allow an authenticated attacker to gain complete access of the application.
nvd
CVE-2024-41983MEDIUMCVSS 5.1v13.22025-08-12
CVE-2024-41983 [MEDIUM] CWE-209 CVE-2024-41983: A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V1
A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V13.2 = V13.2 = V13.2 < V2506). The affected application displays SQL statement in the error messages encountered during the generation of reports using Cockpit tool.
nvd
CVE-2024-41986MEDIUMCVSS 6.1v13.22025-08-12
CVE-2024-41986 [MEDIUM] CWE-327 CVE-2024-41986: A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V1
A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V13.2 = V13.2 = V13.2 < V2506). The affected application support insecure TLS 1.0 and 1.1 protocol. An attacker could achieve a man-in-the-middle attack and compromise confidentiality and integrity of data.
nvd
CVE-2024-41982MEDIUMCVSS 5.9v13.22025-08-12
CVE-2024-41982 [MEDIUM] CWE-311 CVE-2024-41982: A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V1
A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V13.2 = V13.2 = V13.2 < V2506). The affected application does not have adequate encryption of sensitive information. This could allow an authenticated attacker to gain access of sensitive information.
nvd
CVE-2024-41980LOWCVSS 2.0v13.22025-08-12
CVE-2024-41980 [LOW] CWE-311 CVE-2024-41980: A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V1
A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V13.2 = V13.2 = V13.2 < V2506). The affected application do not encrypt the communication in LDAP interface by default. This could allow an authenticated attacker to gain unauthorized access to sensitive information.
nvd
CVE-2024-41985LOWCVSS 2.1v13.22025-08-12
CVE-2024-41985 [LOW] CWE-613 CVE-2024-41985: A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V1
A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V13.2 = V13.2 = V13.2 < V2506). The affected application does not expire the session without logout. This could allow an attacker to get unauthorized access if the session is left idle.
nvd
CVE-2024-41984LOWCVSS 2.1v13.22025-08-12
CVE-2024-41984 [LOW] CWE-209 CVE-2024-41984: A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V1
A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V13.2 = V13.2 = V13.2 < V2506). The affected application improperly handles error while accessing an inaccessible resource leading to exposing the system applications.
nvd
CVE-2024-49775CRITICALCVSS 9.3fixed in V25122024-12-16
CVE-2024-49775 [CRITICAL] CWE-122 CVE-2024-49775: A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2501.0001), Op
A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2501.0001), Opcenter Intelligence (All versions < V2501.0001), Opcenter Quality (All versions < V2512), Opcenter RDnL (All versions < V2410), SIMATIC PCS neo V4.0 (All versions), SIMATIC PCS neo V4.1 (All versions < V4.1 Update 3), SIMATIC PCS neo V5.0 (All versi
cvelistv5nvd
CVE-2024-33698CRITICALCVSS 9.3fixed in V24062024-09-10
CVE-2024-33698 [CRITICAL] CWE-122 CVE-2024-33698: A vulnerability has been identified in Opcenter Quality (All versions < V2406), Opcenter RDnL (All v
A vulnerability has been identified in Opcenter Quality (All versions < V2406), Opcenter RDnL (All versions < V2410), SIMATIC PCS neo V4.0 (All versions), SIMATIC PCS neo V4.1 (All versions < V4.1 Update 2), SIMATIC PCS neo V5.0 (All versions < V5.0 Update 1), SINEC NMS (All versions), SINEMA Remote Connect Client (All versions < V3.2 SP3), Totall
cvelistv5nvd
CVE-2023-46281HIGHCVSS 8.8fixed in V23122023-12-12
CVE-2023-46281 [HIGH] CWE-942 CVE-2023-46281: A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2407), Opcente
A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2407), Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), T
cvelistv5nvd
CVE-2023-46283HIGHCVSS 7.5fixed in V23122023-12-12
CVE-2023-46283 [HIGH] CWE-120 CVE-2023-46283: A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2407), Opcente
A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2407), Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), T
cvelistv5nvd
CVE-2023-46285HIGHCVSS 7.5fixed in V23122023-12-12
CVE-2023-46285 [HIGH] CWE-20 CVE-2023-46285: A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2407), Opcente
A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2407), Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), To
cvelistv5nvd
CVE-2023-46284HIGHCVSS 7.5fixed in V23122023-12-12
CVE-2023-46284 [HIGH] CWE-120 CVE-2023-46284: A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2407), Opcente
A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2407), Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), T
cvelistv5nvd
CVE-2023-46282MEDIUMCVSS 6.1fixed in V23122023-12-12
CVE-2023-46282 [HIGH] CWE-79 CVE-2023-46282: A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2407), Opcente
A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2407), Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), To
cvelistv5nvd
CVE-2022-33736HIGHCVSS 7.5≥ 13.1.0, < 13.1.20220624≥ 13.2.0, < 13.2.202206242022-07-12
CVE-2022-33736 [HIGH] CWE-303 CVE-2022-33736: A vulnerability has been identified in Opcenter Quality V13.1 (All versions < V13.1.20220624), Opcen
A vulnerability has been identified in Opcenter Quality V13.1 (All versions < V13.1.20220624), Opcenter Quality V13.2 (All versions < V13.2.20220624). The affected applications do not properly validate login information during authentication. This could lead to denial of service condition for existing users or allow unauthenticated remote attackers to
nvd
CVE-2021-27389CRITICALCVSS 9.8fixed in 12.2vAll versions < V12.22021-04-22
CVE-2021-27389 [CRITICAL] CWE-321 CVE-2021-27389: A vulnerability has been identified in Opcenter Quality (All versions < V12.2), QMS Automotive (All
A vulnerability has been identified in Opcenter Quality (All versions < V12.2), QMS Automotive (All versions < V12.30). A private sign key is shipped with the product without adequate protection.
cvelistv5nvd
CVE-2020-7587HIGHCVSS 8.2fixed in 11.3vAll versions < V11.32020-07-14
CVE-2020-7587 [HIGH] CWE-400 CVE-2020-7587: A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter E
A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions < V2.6), SIMATIC IT Produ
cvelistv5nvd
CVE-2020-7581MEDIUMCVSS 6.7fixed in 11.3vAll versions < V11.32020-07-14
CVE-2020-7581 [MEDIUM] CWE-428 CVE-2020-7581: A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter E
A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC Notifier Server for Windows (All versions),
cvelistv5nvd
CVE-2020-7588MEDIUMCVSS 5.3fixed in 11.3vAll versions < V11.32020-07-14
CVE-2020-7588 [MEDIUM] CWE-20 CVE-2020-7588: A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter E
A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions < V2.6), SIMATIC IT Prod
cvelistv5nvd