Siemens Sinec Network Management System vulnerabilities

CVE-2022-22965 [CRITICAL] CWE-94 CVE-2022-22965: A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execut A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature

CVE-2022-25311 [HIGH] CWE-269 CVE-2022-25311: A vulnerability has been identified in SINEC NMS (All versions >= V1.0.3 < V2.0), SINEC NMS (All ver A vulnerability has been identified in SINEC NMS (All versions >= V1.0.3 < V2.0), SINEC NMS (All versions < V1.0.3), SINEMA Server V14 (All versions). The affected software do not properly check privileges between users during the same web browser session, creating an unintended sphere of control. This could allow an authenticated low privileged user

CVE-2022-24281 [HIGH] CWE-89 CVE-2022-24281: A vulnerability has been identified in SINEC NMS (All versions < V1.0.3), SINEMA Server V14 (All ver A vulnerability has been identified in SINEC NMS (All versions < V1.0.3), SINEMA Server V14 (All versions). A privileged authenticated attacker could execute arbitrary commands in the local database by sending specially crafted requests to the webserver of the affected application.

CVE-2022-24282 [HIGH] CWE-502 CVE-2022-24282: A vulnerability has been identified in SINEC NMS (All versions >= V1.0.3 < V2.0), SINEC NMS (All ver A vulnerability has been identified in SINEC NMS (All versions >= V1.0.3 < V2.0), SINEC NMS (All versions < V1.0.3), SINEMA Server V14 (All versions). The affected system allows to upload JSON objects that are deserialized to Java objects. Due to insecure deserialization of user-supplied content by the affected software, a privileged attacker could ex

CVE-2021-37200 [HIGH] CWE-22 CVE-2021-37200: A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP1). An attacker with access A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP1). An attacker with access to the webserver of an affected system could download arbitrary files from the underlying filesystem by sending a specially crafted HTTP request.

CVE-2021-37201 [HIGH] CWE-352 CVE-2021-37201: A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP1). The web interface of aff A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP1). The web interface of affected devices is vulnerable to a Cross-Site Request Forgery (CSRF) attack. This could allow an attacker to manipulate the SINEC NMS configuration by tricking an unsuspecting user with administrative privileges to click on a malicious link.

CVE-2021-33721 [HIGH] CWE-78 CVE-2021-33721: A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2). The affected application A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2). The affected application incorrectly neutralizes special elements when creating batch operations which could lead to command injection. An authenticated remote attacker with administrative privileges could exploit this vulnerability to execute arbitrary code on the system with

CVE-2020-25237 [HIGH] CWE-22 CVE-2020-25237: A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP1 Update 1), SINEMA Server ( A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP1 Update 1), SINEMA Server (All versions < V14.0 SP2 Update 2). When uploading files to an affected system using a zip container, the system does not correctly check if the relative file path of the extracted files is still within the intended target directory. With this an attacke