cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-45032,https://securityvulnerability.io/vulnerability/CVE-2024-45032,Unauthenticated Remote Attacker Could Impersonate Other Devices via Validation Vulnerability,"A vulnerability in Siemens Industrial Edge Management products has been identified where certain versions do not adequately validate device tokens. This flaw can be exploited by remote attackers who could assume the identities of legitimate devices within the system, potentially compromising the integrity and security of the environment. The vulnerability affects all versions of Industrial Edge Management Pro prior to V1.9.5 and all versions of Industrial Edge Management Virtual before V2.3.1-1. Organizations utilizing these products should assess their security measures and implement available patches to mitigate risks associated with this issue.",Siemens,"Industrial Edge Management Pro,Industrial Edge Management Virtual",10,CRITICAL,0.0004299999854993075,false,,false,false,false,,false,false,2024-09-10T09:36:53.535Z,0
CVE-2022-40147,https://securityvulnerability.io/vulnerability/CVE-2022-40147,TLS Certificate Validation Flaw in Industrial Edge Management by Siemens,"A vulnerability has been identified in the Industrial Edge Management software by Siemens, where it fails to properly validate the server certificate when establishing a TLS connection. This oversight can enable an attacker to spoof a trusted entity, potentially compromising communication between clients and servers. Users running versions prior to V1.5.1 are at risk, as this could allow unauthorized access and manipulation of sensitive data during transmission.",Siemens,Industrial Edge Management,7.4,HIGH,0.0009200000204145908,false,,false,false,false,,false,false,2022-10-11T00:00:00.000Z,0
CVE-2021-37184,https://securityvulnerability.io/vulnerability/CVE-2021-37184,,A vulnerability has been identified in Industrial Edge Management (All versions < V1.3). An unauthenticated attacker could change the the password of any user in the system under certain circumstances. With this an attacker could impersonate any valid user on an affected system.,Siemens,Industrial Edge Management,9.8,CRITICAL,0.0022299999836832285,false,,false,false,false,,false,false,2021-09-14T10:47:48.000Z,0