cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2021-41543,https://securityvulnerability.io/vulnerability/CVE-2021-41543,,"A vulnerability has been identified in Climatix POL909 (AWB module) (All versions < V11.44), Climatix POL909 (AWM module) (All versions < V11.36). The handling of log files in the web application of affected devices contains an information disclosure vulnerability which could allow logged in users to access sensitive files.",Siemens,"Climatix Pol909 (awb Module),Climatix Pol909 (awm Module)",6.5,MEDIUM,0.0005699999746866524,false,,false,false,false,,false,false,2022-03-08T11:31:12.000Z,0
CVE-2021-41542,https://securityvulnerability.io/vulnerability/CVE-2021-41542,,"A vulnerability has been identified in Climatix POL909 (AWB module) (All versions < V11.44), Climatix POL909 (AWM module) (All versions < V11.36). The User Management page of affected devices is vulnerable to cross-site scripting (XSS). The vulnerability allows an attacker to send malicious JavaScript code which could result in hijacking of the user's cookie/session tokens, redirecting the user to a malicious webpage and performing unintended browser action.",Siemens,"Climatix Pol909 (awb Module),Climatix Pol909 (awm Module)",6.1,MEDIUM,0.0007800000021234155,false,,false,false,false,,false,false,2022-03-08T11:31:11.000Z,0
CVE-2021-41541,https://securityvulnerability.io/vulnerability/CVE-2021-41541,,"A vulnerability has been identified in Climatix POL909 (AWB module) (All versions < V11.44), Climatix POL909 (AWM module) (All versions < V11.36). The Group Management page of affected devices is vulnerable to cross-site scripting (XSS). The vulnerability allows an attacker to send malicious JavaScript code which could result in hijacking of the user's cookie/session tokens, redirecting the user to a malicious webpage and performing unintended browser action.",Siemens,"Climatix Pol909 (awb Module),Climatix Pol909 (awm Module)",6.1,MEDIUM,0.0007800000021234155,false,,false,false,false,,false,false,2022-03-08T11:31:09.000Z,0
CVE-2021-40366,https://securityvulnerability.io/vulnerability/CVE-2021-40366,,"A vulnerability has been identified in Climatix POL909 (AWB module) (All versions < V11.42), Climatix POL909 (AWM module) (All versions < V11.34). The web server of affected devices transmits data without TLS encryption. This could allow an unauthenticated remote attacker in a man-in-the-middle position to read sensitive data, such as administrator credentials, or modify data in transit.",Siemens,"Climatix Pol909 (awb Module),Climatix Pol909 (awm Module)",7.4,HIGH,0.001509999972768128,false,,false,false,false,,false,false,2021-11-09T11:32:07.000Z,0