cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2022-31810,https://securityvulnerability.io/vulnerability/CVE-2022-31810,Buffer Overflow Vulnerability in SiPass Integrated Server Application by Siemens,"A security flaw in the SiPass Integrated server application allows for a stack-based buffer overflow due to improper size checks of data packets during the configuration client login. This vulnerability permits an unauthenticated remote attacker to exploit the flaw, potentially crashing the server application and resulting in a denial of service condition. Users of all versions prior to V2.90.3.8 should assess their systems for potential risk.",Siemens,Sipass Integrated,7.5,HIGH,0.002090000081807375,false,,false,false,false,,false,false,2023-07-11T09:07:03.150Z,0
CVE-2022-31808,https://securityvulnerability.io/vulnerability/CVE-2022-31808,Command Injection Vulnerability in SiPass Integrated Access Control Devices,"A command injection vulnerability exists in the SiPass integrated AC5102 (ACC-G2) and ACC-AP access control devices due to inadequate sanitization of user input on the telnet command line interface. This security flaw enables an authenticated attacker to execute arbitrary commands with root privileges, potentially leading to unauthorized access and control over the affected systems. Organizations using these devices should implement immediate measures to secure their installations.",Siemens,"Sipass Integrated Ac5102 (acc-g2),Sipass Integrated Acc-ap",7.8,HIGH,0.0004400000034365803,false,,false,false,false,,false,false,2023-02-14T10:36:07.859Z,0
CVE-2021-44524,https://securityvulnerability.io/vulnerability/CVE-2021-44524,,"A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All versions), SiPass integrated V2.85 (All versions), Siveillance Identity V1.5 (All versions), Siveillance Identity V1.6 (All versions < V1.6.284.0). Affected applications insufficiently limit the access to the internal user authentication service. This could allow an unauthenticated remote attacker to trigger several actions on behalf of valid user accounts.",Siemens,"Sipass Integrated V2.76,Sipass Integrated V2.80,Sipass Integrated V2.85,Siveillance Identity V1.5,Siveillance Identity V1.6",9.8,CRITICAL,0.006479999981820583,false,,false,false,false,,false,false,2021-12-14T12:07:11.000Z,0
CVE-2021-44523,https://securityvulnerability.io/vulnerability/CVE-2021-44523,,"A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All versions), SiPass integrated V2.85 (All versions), Siveillance Identity V1.5 (All versions), Siveillance Identity V1.6 (All versions < V1.6.284.0). Affected applications insufficiently limit the access to the internal activity feed database. This could allow an unauthenticated remote attacker to read, modify or delete activity feed entries.",Siemens,"Sipass Integrated V2.76,Sipass Integrated V2.80,Sipass Integrated V2.85,Siveillance Identity V1.5,Siveillance Identity V1.6",9.1,CRITICAL,0.003329999977722764,false,,false,false,false,,false,false,2021-12-14T12:07:10.000Z,0
CVE-2021-44522,https://securityvulnerability.io/vulnerability/CVE-2021-44522,,"A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All versions), SiPass integrated V2.85 (All versions), Siveillance Identity V1.5 (All versions), Siveillance Identity V1.6 (All versions < V1.6.284.0). Affected applications insufficiently limit the access to the internal message broker system. This could allow an unauthenticated remote attacker to subscribe to arbitrary message queues.",Siemens,"Sipass Integrated V2.76,Sipass Integrated V2.80,Sipass Integrated V2.85,Siveillance Identity V1.5,Siveillance Identity V1.6",7.5,HIGH,0.003060000017285347,false,,false,false,false,,false,false,2021-12-14T12:07:09.000Z,0
CVE-2017-9940,https://securityvulnerability.io/vulnerability/CVE-2017-9940,,A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with access to a low-privileged user account to read or write files on the file system of the SiPass integrated server over the network.,Siemens,Sipass Integrated All Versions Before V2.70,8.1,HIGH,0.0006600000197067857,false,,false,false,false,,false,false,2017-08-08T00:00:00.000Z,0
CVE-2017-9941,https://securityvulnerability.io/vulnerability/CVE-2017-9941,,A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker in a Man-in-the-Middle position between the SiPass integrated server and SiPass integrated clients to read or modify the network communication.,Siemens,Sipass Integrated All Versions Before V2.70,7.4,HIGH,0.001180000021122396,false,,false,false,false,,false,false,2017-08-08T00:00:00.000Z,0
CVE-2017-9942,https://securityvulnerability.io/vulnerability/CVE-2017-9942,,A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with local access to the SiPass integrated server or SiPass integrated client to potentially obtain credentials from the systems.,Siemens,Sipass Integrated All Versions Before V2.70,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,false,false,2017-08-08T00:00:00.000Z,0
CVE-2017-9939,https://securityvulnerability.io/vulnerability/CVE-2017-9939,,A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with network access to the SiPass integrated server to bypass the authentication mechanism and perform administrative operations.,Siemens,Sipass Integrated All Versions Before V2.70,9.8,CRITICAL,0.002730000065639615,false,,false,false,false,,false,false,2017-08-08T00:00:00.000Z,0
CVE-2012-5409,https://securityvulnerability.io/vulnerability/CVE-2012-5409,,"AscoServer.exe in the server in Siemens SiPass integrated MP2.6 and earlier does not properly handle IOCP RPC messages received over an Ethernet network, which allows remote attackers to write data to any memory location and consequently execute arbitrary code via crafted messages, as demonstrated by an arbitrary pointer dereference attack or a buffer overflow attack.",Siemens,Sipass Integrated,,,0.24270999431610107,false,,false,false,false,,false,false,2012-11-01T10:00:00.000Z,0