Siemens Desigo CC

CPE Details

Siemens Desigo CC
siemens
desigo_cc
-
2023-09-28
12h54 +00:00
2023-09-28
12h54 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:siemens:desigo_cc:-:*:*:*:*:*:*:*

Informations

Vendor

siemens

Product

desigo_cc

Version

-

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-33139 2022-06-20 22h00 +00:00 A vulnerability has been identified in Cerberus DMS (All versions), Desigo CC (All versions), Desigo CC Compact (All versions), SIMATIC WinCC OA V3.16 (All versions in default configuration), SIMATIC WinCC OA V3.17 (All versions in non-default configuration), SIMATIC WinCC OA V3.18 (All versions in non-default configuration). Affected applications use client-side only authentication, when neither server-side authentication (SSA) nor Kerberos authentication is enabled. In this configuration, attackers could impersonate other users or exploit the client-server protocol without being authenticated.
9.8
Critical
CVE-2021-31891 2021-09-14 08h47 +00:00 A vulnerability has been identified in Desigo CC (All versions with OIS Extension Module), GMA-Manager (All versions with OIS running on Debian 9 or earlier), Operation Scheduler (All versions with OIS running on Debian 9 or earlier), Siveillance Control (All versions with OIS running on Debian 9 or earlier), Siveillance Control Pro (All versions). The affected application incorrectly neutralizes special elements in a specific HTTP GET request which could lead to command injection. An unauthenticated remote attacker could exploit this vulnerability to execute arbitrary code on the system with root privileges.
10
Critical