Siemens SIMATIC WinCC OA 3.17

CPE Details

Siemens SIMATIC WinCC OA 3.17
siemens
simatic_wincc_oa
3.17
2022-05-22
20h13 +00:00
2022-05-23
13h28 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:siemens:simatic_wincc_oa:3.17:-:*:*:*:*:*:*

Informations

Vendor

siemens

Product

simatic_wincc_oa

Version

3.17

Update

-

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2022-44731 2022-12-12 23h00 +00:00 A vulnerability has been identified in SIMATIC WinCC OA V3.15 (All versions < V3.15 P038), SIMATIC WinCC OA V3.16 (All versions < V3.16 P035), SIMATIC WinCC OA V3.17 (All versions < V3.17 P024), SIMATIC WinCC OA V3.18 (All versions < V3.18 P014). The affected component allows to inject custom arguments to the Ultralight Client backend application under certain circumstances. This could allow an authenticated remote attacker to inject arbitrary parameters when starting the client via the web interface (e.g., open attacker chosen panels with the attacker's credentials or start a Ctrl script).
5.4
Moyen
CVE-2021-41057 2021-11-14 19h21 +00:00 In WIBU CodeMeter Runtime before 7.30a, creating a crafted CmDongles symbolic link will overwrite the linked file without checking permissions.
7.1
Haute
CVE-2021-20093 2021-06-16 09h09 +00:00 A buffer over-read vulnerability exists in Wibu-Systems CodeMeter versions < 7.21a. An unauthenticated remote attacker can exploit this issue to disclose heap memory contents or crash the CodeMeter Runtime Server.
9.1
Critique