cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2022-42733,https://securityvulnerability.io/vulnerability/CVE-2022-42733,Improper Access Control in syngo Dynamics by Siemens Healthineers,"A vulnerability exists in syngo Dynamics where improper read access control in the web service may allow unauthorized access to files from any folder that is accessible to the account used by the website's application pool. This could lead to potential data exposure, compromising sensitive information.",Siemens,Syngo Dynamics,7.5,HIGH,0.0011500000255182385,false,,false,false,false,,false,false,2022-11-17T00:00:00.000Z,0
CVE-2022-42734,https://securityvulnerability.io/vulnerability/CVE-2022-42734,Improper Write Access Control in syngo Dynamics Application Server by Siemens Healthineers,"A vulnerability has been identified in the syngo Dynamics application server, which hosts a web service with improper write access control. This flaw allows unauthorized data writing to any folder accessible by the account associated with the website’s application pool, potentially compromising the integrity and security of the web service's data.",Siemens,Syngo Dynamics,7.5,HIGH,0.0007300000288523734,false,,false,false,false,,false,false,2022-11-17T00:00:00.000Z,0
CVE-2022-42893,https://securityvulnerability.io/vulnerability/CVE-2022-42893,Improper Write Access Control in Siemens Healthineers syngo Dynamics Application,"A vulnerability has been discovered in the syngo Dynamics application, which is susceptible to improper write access control. This flaw allows potential attackers to write data to any directory accessible to the account linked with the web application's application pool, creating significant security risks for data integrity and confidentiality.",Siemens,Syngo Dynamics,7.5,HIGH,0.0007300000288523734,false,,false,false,false,,false,false,2022-11-17T00:00:00.000Z,0
CVE-2022-42894,https://securityvulnerability.io/vulnerability/CVE-2022-42894,Server-Side Request Forgery Vulnerability in syngo Dynamics by Siemens Healthineers,"An unauthenticated Server-Side Request Forgery (SSRF) vulnerability has been found in the syngo Dynamics application, which impacts all versions prior to VA40G HF01. This vulnerability allows attackers to exploit web services, leading to the potential leak of NTLM credentials and local service enumeration. Organizations using the affected version of syngo Dynamics should take immediate action to mitigate this risk.",Siemens,Syngo Dynamics,7.5,HIGH,0.0011500000255182385,false,,false,false,false,,false,false,2022-11-17T00:00:00.000Z,0
CVE-2022-42732,https://securityvulnerability.io/vulnerability/CVE-2022-42732,Improper Read Access Control Vulnerability in Siemens Healthineers' syngo Dynamics Application,"An improper read access control vulnerability exists in the syngo Dynamics application server, enabling potential unauthorized retrieval of files from any accessible folder linked to the application’s operating account. This issue arises from a web service operation that lacks adequate access restrictions, which could expose sensitive files and compromise data security. It is crucial for users to update to version VA40G HF01 or later to mitigate this vulnerability.",Siemens,Syngo Dynamics,7.5,HIGH,0.0011500000255182385,false,,false,false,false,,false,false,2022-11-17T00:00:00.000Z,0
CVE-2022-42891,https://securityvulnerability.io/vulnerability/CVE-2022-42891,Improper Write Access Control in Siemens syngo Dynamics Application Server,"A vulnerability exists in the syngo Dynamics application server, where improper write access control on a web service allows unauthorized users to write data to any folder that is accessible by the application pool's assigned account. This flaw exposes sensitive data and can lead to various security breaches if not addressed promptly.",Siemens,Syngo Dynamics,7.5,HIGH,0.0007300000288523734,false,,false,false,false,,false,false,2022-11-17T00:00:00.000Z,0
CVE-2022-42892,https://securityvulnerability.io/vulnerability/CVE-2022-42892,Improper Access Control in Siemens Healthineers' syngo Dynamics Application,"A vulnerability has been discovered in the syngo Dynamics application server, where improper write access control allows for directory listing in accessible folders by the account linked to the website's application pool. This creates a significant security risk as sensitive data may be exposed to unauthorized users. Users of syngo Dynamics should ensure they are running versions at or above VA40G HF01 to mitigate this issue.",Siemens,Syngo Dynamics,5.3,MEDIUM,0.0008299999753944576,false,,false,false,false,,false,false,2022-11-17T00:00:00.000Z,0