CVE-2016-8564 (automation_license_manager)
SQL injection vulnerability in Siemens Automation License Manager (ALM) before 5.3 SP3 Update 1 allows remote attackers to execute arbitrary SQL commands via crafted traffic to TCP port 4410.
[월:] 2016년 10월
CVE-2016-8564
CVE-2016-8564
SQL injection vulnerability in Siemens Automation License Manager (ALM) before 5.3 SP3 Update 1 allows remote attackers to execute arbitrary SQL commands via crafted traffic to TCP port 4410.
Source: CVE-2016-8564
CVE-2016-8563 (automation_license_manager)
CVE-2016-8563 (automation_license_manager)
Siemens Automation License Manager (ALM) before 5.3 SP3 Update 1 allows remote attackers to cause a denial of service (ALM service outage) via crafted packets to TCP port 4410.
CVE-2016-8563
CVE-2016-8563
Siemens Automation License Manager (ALM) before 5.3 SP3 Update 1 allows remote attackers to cause a denial of service (ALM service outage) via crafted packets to TCP port 4410.
Source: CVE-2016-8563
CVE-2016-7960 (simatic_step_7)
CVE-2016-7960 (simatic_step_7)
Siemens SIMATIC STEP 7 (TIA Portal) before 14 uses an improper format for managing TIA project files during version updates, which makes it easier for local users to obtain sensitive configuration information via unspecified vectors.
Source: CVE-2016-7960 (simatic_step_7)
CVE-2016-7960
CVE-2016-7960
Siemens SIMATIC STEP 7 (TIA Portal) before 14 uses an improper format for managing TIA project files during version updates, which makes it easier for local users to obtain sensitive configuration information via unspecified vectors.
Source: CVE-2016-7960
CVE-2016-7959 (simatic_step_7)
CVE-2016-7959 (simatic_step_7)
Siemens SIMATIC STEP 7 (TIA Portal) before 14 improperly stores pre-shared key data in TIA project files, which makes it easier for local users to obtain sensitive information by leveraging access to a file and conducting a brute-force attack.
Source: CVE-2016-7959 (simatic_step_7)
CVE-2016-7959
CVE-2016-7959
Siemens SIMATIC STEP 7 (TIA Portal) before 14 improperly stores pre-shared key data in TIA project files, which makes it easier for local users to obtain sensitive information by leveraging access to a file and conducting a brute-force attack.
Source: CVE-2016-7959
CVE-2016-1000216 (wireless_h500)
CVE-2016-1000216 (wireless_h500)
Ruckus Wireless H500 web management interface authenticated command injection
Source: CVE-2016-1000216 (wireless_h500)
CVE-2016-1000216 (wireless_h500_firmware)
CVE-2016-1000216 (wireless_h500_firmware)
Ruckus Wireless H500 web management interface authenticated command injection