Vulnerabilites related to secomea - sitemanager_3539
Vulnerability from fkie_nvd
Published
2022-05-04 14:15
Modified
2024-11-21 06:06
Severity ?
5.6 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Inadequate Encryption Strength vulnerability in TLS stack of Secomea SiteManager, LinkManager, GateManager may facilitate man in the middle attacks. This issue affects: Secomea SiteManager All versions prior to 9.7. Secomea LinkManager versions prior to 9.7. Secomea GateManager versions prior to 9.7.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_1129_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7129D184-BF8A-4458-BE20-14DB478B8306",
"versionEndExcluding": "9.7.622134021",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_1129:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29BFC1D6-82B6-4E20-BBFB-63F33373D78B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_1139_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1FB6241F-5E35-4635-87CA-69F9394E0969",
"versionEndExcluding": "9.7.622134021",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_1139:-:*:*:*:*:*:*:*",
"matchCriteriaId": "856E0FE1-D1FD-47A3-8DE0-A12F6FBD60E8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_1149_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "080C47BD-BF42-43DE-8C89-3A289CC3DF96",
"versionEndExcluding": "9.7.622134021",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_1149:-:*:*:*:*:*:*:*",
"matchCriteriaId": "060DA5EF-B6FE-4E02-B0A5-EAAF5CF5AC35",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3329_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C657B3D-BEE4-4341-94F3-AC079FB2D0E4",
"versionEndExcluding": "9.7.622134021",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3329:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ABE08F2-C6D0-4CA3-99F4-0654653E7BF3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3339_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F45C7EB4-AE1A-42C1-8395-4C3FAC4F4DAF",
"versionEndExcluding": "9.7.622134021",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3339:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF64F7DA-FD12-4231-B792-EF8F79B587CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3349_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A875ACB6-F2BE-4513-9ECD-FDD0FC816618",
"versionEndExcluding": "9.7.622134021",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3349:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C7D7926-A5F5-46A1-A6B7-3C99130FA609",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3529_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6C00A040-6825-4F46-A0D6-DBBBD1CBF9F3",
"versionEndExcluding": "9.7.622134021",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3529:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C5F7D37-729C-4969-9661-C933C9F16980",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3539_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5B66D1E-202F-4C95-A3C0-5D705717C3EA",
"versionEndExcluding": "9.7.622134021",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3539:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D26BFEA-056C-4760-8D10-A0DF3677DAD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3549_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A2151C3-0AB1-4255-BCC9-EDD95E85C627",
"versionEndExcluding": "9.7.622134021",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3549:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A05A3825-9C8E-43EF-A2DC-F0B06694CCCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:secomea:linkmanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D348764-B7BC-4C8D-BDA6-B42D0281BABC",
"versionEndExcluding": "9.7.622134021",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:gatemanager_4250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3F34FFF-867B-40A3-9163-E0045B2EE092",
"versionEndExcluding": "9.7.622134021",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:gatemanager_4250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0DB6136A-5440-4980-940D-CD178DC219B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:gatemanager_4260_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "106CA21E-663A-4F1D-80AB-47BFC2EF6DBA",
"versionEndExcluding": "9.7.622134021",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:gatemanager_4260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B546E62-81BB-4ED8-87C9-41BD79484AD0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:gatemanager_8250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7EC4241-4AAA-4B94-A024-2533B114723A",
"versionEndExcluding": "9.7.622134021",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:gatemanager_8250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5089C475-2013-4DF6-AD1E-12F576ACAE8E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:gatemanager_9250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A93F1AC2-ADD9-43C1-999F-E27FC588411F",
"versionEndExcluding": "9.7.622134021",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:gatemanager_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68DE2092-2EA1-4D49-84EB-20BE2CD7B113",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Inadequate Encryption Strength vulnerability in TLS stack of Secomea SiteManager, LinkManager, GateManager may facilitate man in the middle attacks. This issue affects: Secomea SiteManager All versions prior to 9.7. Secomea LinkManager versions prior to 9.7. Secomea GateManager versions prior to 9.7."
},
{
"lang": "es",
"value": "Una vulnerabilidad de la fuerza de encriptaci\u00f3n inapropiada en la pila TLS de Secomea SiteManager, LinkManager y GateManager puede facilitar ataques de tipo man in the middle. Este problema afecta a: Secomea SiteManager Todas las versiones anteriores a 9.7. Secomea LinkManager versiones anteriores a 9.7. Las versiones de Secomea GateManager anteriores a 9.7"
}
],
"id": "CVE-2021-32010",
"lastModified": "2024-11-21T06:06:42.393",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.4,
"source": "VulnerabilityReporting@secomea.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-04T14:15:07.967",
"references": [
{
"source": "VulnerabilityReporting@secomea.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.secomea.com/support/cybersecurity-advisory/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.secomea.com/support/cybersecurity-advisory/"
}
],
"sourceIdentifier": "VulnerabilityReporting@secomea.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-326"
}
],
"source": "VulnerabilityReporting@secomea.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-326"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-12-13 14:15
Modified
2024-11-21 07:15
Severity ?
5.7 (Medium) - CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
Summary
Debug tool in Secomea SiteManager allows logged-in administrator to modify system state in an unintended manner.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_1129_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBB646D2-225E-4579-A38C-12C86578C4FA",
"versionEndExcluding": "10.0.622425017",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_1129:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29BFC1D6-82B6-4E20-BBFB-63F33373D78B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3329_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B8524A9-3DFE-4631-AAB1-32562F36F275",
"versionEndExcluding": "10.0.622425017",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3329:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ABE08F2-C6D0-4CA3-99F4-0654653E7BF3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_1529_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DEEE2505-C9E9-4820-95A1-97F1C11EEBEA",
"versionEndExcluding": "10.0.622425017",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_1529:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04157541-64E2-4D44-8101-8BC9972283D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3529_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5CDB6569-AC7C-485C-AE08-0AB327B0FB9D",
"versionEndExcluding": "10.0.622425017",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3529:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C5F7D37-729C-4969-9661-C933C9F16980",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_1139_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6E5E5520-93F0-4A55-B0E2-2EB24551F8C0",
"versionEndExcluding": "10.0.622425017",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_1139:-:*:*:*:*:*:*:*",
"matchCriteriaId": "856E0FE1-D1FD-47A3-8DE0-A12F6FBD60E8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3339_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "986022D5-B335-4E74-AEF5-A8147FDB31B0",
"versionEndExcluding": "10.0.622425017",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3339:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF64F7DA-FD12-4231-B792-EF8F79B587CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_1539_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4935E34D-7B75-4362-81BF-1BC455D23BEC",
"versionEndExcluding": "10.0.622425017",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_1539:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5848F390-7F56-44ED-9267-38CA1971DE01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3539_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5EEE5350-A868-480E-9751-7446F985B963",
"versionEndExcluding": "10.0.622425017",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3539:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D26BFEA-056C-4760-8D10-A0DF3677DAD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_1149_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50125628-E81B-4A56-9794-BDD9BDB6CDBD",
"versionEndExcluding": "10.0.622425017",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_1149:-:*:*:*:*:*:*:*",
"matchCriteriaId": "060DA5EF-B6FE-4E02-B0A5-EAAF5CF5AC35",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3349_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1DBA6309-D9AE-49CB-9FFD-7C4FBFA333AA",
"versionEndExcluding": "10.0.622425017",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3349:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C7D7926-A5F5-46A1-A6B7-3C99130FA609",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_1549_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6772A0C6-E11E-4157-BE84-01A00CA90487",
"versionEndExcluding": "10.0.622425017",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_1549:-:*:*:*:*:*:*:*",
"matchCriteriaId": "402344EC-DDE3-452B-BDD7-63E1DE7EB030",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3549_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F26498CC-1921-4A7C-B0E0-626D2681F890",
"versionEndExcluding": "10.0.622425017",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3549:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A05A3825-9C8E-43EF-A2DC-F0B06694CCCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Debug tool in Secomea SiteManager allows logged-in administrator to modify system state in an unintended manner."
},
{
"lang": "es",
"value": "La herramienta de depuraci\u00f3n en Secomea SiteManager permite al administrador conectado modificar el estado del sistema de manera no deseada."
}
],
"id": "CVE-2022-38124",
"lastModified": "2024-11-21T07:15:50.557",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 5.2,
"source": "VulnerabilityReporting@secomea.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-12-13T14:15:09.947",
"references": [
{
"source": "VulnerabilityReporting@secomea.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.secomea.com/support/cybersecurity-advisory/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.secomea.com/support/cybersecurity-advisory/"
}
],
"sourceIdentifier": "VulnerabilityReporting@secomea.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-267"
}
],
"source": "VulnerabilityReporting@secomea.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-10 17:42
Modified
2024-11-21 06:06
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
Cross-site Scripting (XSS) vulnerability in log view of Secomea SiteManager allows a logged in user to store javascript for later execution. This issue affects: Secomea SiteManager Version 9.6.621421014 and all prior versions.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| VulnerabilityReporting@secomea.com | https://www.secomea.com/support/cybersecurity-advisory/#5017 | Not Applicable, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.secomea.com/support/cybersecurity-advisory/#5017 | Not Applicable, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_1129_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1EE20816-9B69-486D-9D19-29BCE0CC0B2F",
"versionEndExcluding": "9.6.621421014",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_1129:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29BFC1D6-82B6-4E20-BBFB-63F33373D78B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_1139_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59C89E1B-1A97-442E-A6B3-B6D0364F5EBA",
"versionEndExcluding": "9.6.621421014",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_1139:-:*:*:*:*:*:*:*",
"matchCriteriaId": "856E0FE1-D1FD-47A3-8DE0-A12F6FBD60E8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_1149_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "234DAB99-26F6-4898-A6F9-F71FE45E8FBF",
"versionEndExcluding": "9.6.621421014",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_1149:-:*:*:*:*:*:*:*",
"matchCriteriaId": "060DA5EF-B6FE-4E02-B0A5-EAAF5CF5AC35",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3329_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "251C5A8B-8FE9-4BF6-82B0-6C59AEC3D197",
"versionEndExcluding": "9.6.621421014",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3329:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ABE08F2-C6D0-4CA3-99F4-0654653E7BF3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3339_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9BAA743-817E-4421-9301-ABDF792B3B30",
"versionEndExcluding": "9.6.621421014",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3339:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF64F7DA-FD12-4231-B792-EF8F79B587CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3349_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2926AE67-9BE4-4E74-9136-8322DE8A4D17",
"versionEndExcluding": "9.6.621421014",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3349:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C7D7926-A5F5-46A1-A6B7-3C99130FA609",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3529_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0991E33A-AD49-454D-9B42-49C5A937FDBA",
"versionEndExcluding": "9.6.621421014",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3529:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C5F7D37-729C-4969-9661-C933C9F16980",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3539_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "896E0C54-677B-403D-AA59-9E97D2A5F98D",
"versionEndExcluding": "9.6.621421014",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3539:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D26BFEA-056C-4760-8D10-A0DF3677DAD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3549_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C4F4541-AC64-45D6-9281-46C5AA9BA5BF",
"versionEndExcluding": "9.6.621421014",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3549:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A05A3825-9C8E-43EF-A2DC-F0B06694CCCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site Scripting (XSS) vulnerability in log view of Secomea SiteManager allows a logged in user to store javascript for later execution. This issue affects: Secomea SiteManager Version 9.6.621421014 and all prior versions."
},
{
"lang": "es",
"value": "Una vulnerabilidad de tipo cross-site Scripting (XSS) en la visualizaci\u00f3n de registro de Secomea SiteManager permite a un usuario que ha iniciado sesi\u00f3n almacenar javascript para su posterior ejecuci\u00f3n. Este problema afecta a: Secomea SiteManager versi\u00f3n 9.6.621421014 y todas las versiones anteriores"
}
],
"id": "CVE-2021-32005",
"lastModified": "2024-11-21T06:06:41.883",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7,
"source": "VulnerabilityReporting@secomea.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-10T17:42:13.473",
"references": [
{
"source": "VulnerabilityReporting@secomea.com",
"tags": [
"Not Applicable",
"Vendor Advisory"
],
"url": "https://www.secomea.com/support/cybersecurity-advisory/#5017"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable",
"Vendor Advisory"
],
"url": "https://www.secomea.com/support/cybersecurity-advisory/#5017"
}
],
"sourceIdentifier": "VulnerabilityReporting@secomea.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "VulnerabilityReporting@secomea.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-05-04 14:15
Modified
2024-11-21 06:52
Severity ?
6.6 (Medium) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Stack-based Buffer Overflow vulnerability in SiteManager allows logged-in or local user to cause arbitrary code execution. This issue affects: Secomea SiteManager all versions prior to 9.7.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_1129_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7129D184-BF8A-4458-BE20-14DB478B8306",
"versionEndExcluding": "9.7.622134021",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_1129:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29BFC1D6-82B6-4E20-BBFB-63F33373D78B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_1139_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1FB6241F-5E35-4635-87CA-69F9394E0969",
"versionEndExcluding": "9.7.622134021",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_1139:-:*:*:*:*:*:*:*",
"matchCriteriaId": "856E0FE1-D1FD-47A3-8DE0-A12F6FBD60E8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_1149_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "080C47BD-BF42-43DE-8C89-3A289CC3DF96",
"versionEndExcluding": "9.7.622134021",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_1149:-:*:*:*:*:*:*:*",
"matchCriteriaId": "060DA5EF-B6FE-4E02-B0A5-EAAF5CF5AC35",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3329_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C657B3D-BEE4-4341-94F3-AC079FB2D0E4",
"versionEndExcluding": "9.7.622134021",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3329:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ABE08F2-C6D0-4CA3-99F4-0654653E7BF3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3339_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F45C7EB4-AE1A-42C1-8395-4C3FAC4F4DAF",
"versionEndExcluding": "9.7.622134021",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3339:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF64F7DA-FD12-4231-B792-EF8F79B587CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3349_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A875ACB6-F2BE-4513-9ECD-FDD0FC816618",
"versionEndExcluding": "9.7.622134021",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3349:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C7D7926-A5F5-46A1-A6B7-3C99130FA609",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3529_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6C00A040-6825-4F46-A0D6-DBBBD1CBF9F3",
"versionEndExcluding": "9.7.622134021",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3529:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C5F7D37-729C-4969-9661-C933C9F16980",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3539_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5B66D1E-202F-4C95-A3C0-5D705717C3EA",
"versionEndExcluding": "9.7.622134021",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3539:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D26BFEA-056C-4760-8D10-A0DF3677DAD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3549_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A2151C3-0AB1-4255-BCC9-EDD95E85C627",
"versionEndExcluding": "9.7.622134021",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3549:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A05A3825-9C8E-43EF-A2DC-F0B06694CCCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based Buffer Overflow vulnerability in SiteManager allows logged-in or local user to cause arbitrary code execution. This issue affects: Secomea SiteManager all versions prior to 9.7."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desbordamiento del b\u00fafer en la regi\u00f3n stack de la memoria en SiteManager permite al usuario conectado o local causar una ejecuci\u00f3n de c\u00f3digo arbitrario. Este problema afecta a: Secomea SiteManager todas las versiones anteriores a 9.7"
}
],
"id": "CVE-2022-25785",
"lastModified": "2024-11-21T06:52:59.777",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.7,
"impactScore": 5.9,
"source": "VulnerabilityReporting@secomea.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-04T14:15:08.503",
"references": [
{
"source": "VulnerabilityReporting@secomea.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.secomea.com/support/cybersecurity-advisory/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.secomea.com/support/cybersecurity-advisory/"
}
],
"sourceIdentifier": "VulnerabilityReporting@secomea.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "VulnerabilityReporting@secomea.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-02-16 16:15
Modified
2024-11-21 05:23
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
Cross-site Scripting (XSS) vulnerability in GUI of Secomea SiteManager could allow an attacker to cause an XSS Attack. This issue affects: Secomea SiteManager all versions prior to 9.3.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_1129_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C0FAD6E-F83E-4FCC-974E-234AFF0F6B3B",
"versionEndExcluding": "9.2c",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_1129:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29BFC1D6-82B6-4E20-BBFB-63F33373D78B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_1139_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8205A78B-7823-4510-A336-317F4913895A",
"versionEndExcluding": "9.2c",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_1139:-:*:*:*:*:*:*:*",
"matchCriteriaId": "856E0FE1-D1FD-47A3-8DE0-A12F6FBD60E8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_1149_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B441D7BD-9E88-427D-AF68-55ABE1ECAFFA",
"versionEndExcluding": "9.2c",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_1149:-:*:*:*:*:*:*:*",
"matchCriteriaId": "060DA5EF-B6FE-4E02-B0A5-EAAF5CF5AC35",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3329_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A6940E9-7E5E-4464-A173-5D841C01A372",
"versionEndExcluding": "9.2c",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3329:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ABE08F2-C6D0-4CA3-99F4-0654653E7BF3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3339_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29745914-FDC8-4409-B86C-CAF455D833BC",
"versionEndExcluding": "9.2c",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3339:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF64F7DA-FD12-4231-B792-EF8F79B587CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3349_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69CE2E1A-A1B3-465B-8C49-1CCFF86AD440",
"versionEndExcluding": "9.2c",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3349:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C7D7926-A5F5-46A1-A6B7-3C99130FA609",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3529_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A3FCD5A7-19E7-495B-9096-6B176AD2BC32",
"versionEndExcluding": "9.2c",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3529:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C5F7D37-729C-4969-9661-C933C9F16980",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3539_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CBC771F-EB11-43FC-AC56-AA6BA36BBC61",
"versionEndExcluding": "9.2c",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3539:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D26BFEA-056C-4760-8D10-A0DF3677DAD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3549_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2483D229-EE45-4103-833B-844E34EBB04C",
"versionEndExcluding": "9.2c",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3549:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A05A3825-9C8E-43EF-A2DC-F0B06694CCCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site Scripting (XSS) vulnerability in GUI of Secomea SiteManager could allow an attacker to cause an XSS Attack. This issue affects: Secomea SiteManager all versions prior to 9.3."
},
{
"lang": "es",
"value": "Una vulnerabilidad de tipo Cross-site Scripting (XSS) en la GUI de Secomea SiteManager, podr\u00eda permitir a un atacante causar un ataque de tipo XSS.\u0026#xa0;Este problema afecta: Secomea SiteManager todas las versiones anteriores a 9.3"
}
],
"id": "CVE-2020-29027",
"lastModified": "2024-11-21T05:23:33.030",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "VulnerabilityReporting@secomea.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-02-16T16:15:12.973",
"references": [
{
"source": "VulnerabilityReporting@secomea.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.secomea.com/support/cybersecurity-advisory/#3042"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.secomea.com/support/cybersecurity-advisory/#3042"
}
],
"sourceIdentifier": "VulnerabilityReporting@secomea.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "VulnerabilityReporting@secomea.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-05-04 14:15
Modified
2024-11-21 06:52
Severity ?
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Summary
Cross-site Scripting (XSS) vulnerability in Web GUI of SiteManager allows logged-in user to inject scripting. This issue affects: Secomea SiteManager all versions prior to 9.7.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_1129_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7129D184-BF8A-4458-BE20-14DB478B8306",
"versionEndExcluding": "9.7.622134021",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_1129:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29BFC1D6-82B6-4E20-BBFB-63F33373D78B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_1139_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1FB6241F-5E35-4635-87CA-69F9394E0969",
"versionEndExcluding": "9.7.622134021",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_1139:-:*:*:*:*:*:*:*",
"matchCriteriaId": "856E0FE1-D1FD-47A3-8DE0-A12F6FBD60E8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_1149_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "080C47BD-BF42-43DE-8C89-3A289CC3DF96",
"versionEndExcluding": "9.7.622134021",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_1149:-:*:*:*:*:*:*:*",
"matchCriteriaId": "060DA5EF-B6FE-4E02-B0A5-EAAF5CF5AC35",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3329_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C657B3D-BEE4-4341-94F3-AC079FB2D0E4",
"versionEndExcluding": "9.7.622134021",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3329:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ABE08F2-C6D0-4CA3-99F4-0654653E7BF3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3339_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F45C7EB4-AE1A-42C1-8395-4C3FAC4F4DAF",
"versionEndExcluding": "9.7.622134021",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3339:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF64F7DA-FD12-4231-B792-EF8F79B587CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3349_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A875ACB6-F2BE-4513-9ECD-FDD0FC816618",
"versionEndExcluding": "9.7.622134021",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3349:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C7D7926-A5F5-46A1-A6B7-3C99130FA609",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3529_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6C00A040-6825-4F46-A0D6-DBBBD1CBF9F3",
"versionEndExcluding": "9.7.622134021",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3529:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C5F7D37-729C-4969-9661-C933C9F16980",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3539_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5B66D1E-202F-4C95-A3C0-5D705717C3EA",
"versionEndExcluding": "9.7.622134021",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3539:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D26BFEA-056C-4760-8D10-A0DF3677DAD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3549_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A2151C3-0AB1-4255-BCC9-EDD95E85C627",
"versionEndExcluding": "9.7.622134021",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3549:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A05A3825-9C8E-43EF-A2DC-F0B06694CCCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site Scripting (XSS) vulnerability in Web GUI of SiteManager allows logged-in user to inject scripting. This issue affects: Secomea SiteManager all versions prior to 9.7."
},
{
"lang": "es",
"value": "Una vulnerabilidad de tipo Cross-site Scripting (XSS) en la Interfaz Gr\u00e1fica de Usuario de SiteManager permite al usuario conectado inyectar scripts. Este problema afecta a: Secomea SiteManager todas las versiones anteriores a 9.7"
}
],
"id": "CVE-2022-25784",
"lastModified": "2024-11-21T06:52:59.603",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0,
"source": "VulnerabilityReporting@secomea.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-04T14:15:08.440",
"references": [
{
"source": "VulnerabilityReporting@secomea.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.secomea.com/support/cybersecurity-advisory/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.secomea.com/support/cybersecurity-advisory/"
}
],
"sourceIdentifier": "VulnerabilityReporting@secomea.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "VulnerabilityReporting@secomea.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-19 12:15
Modified
2025-02-05 15:15
Severity ?
2.9 (Low) - CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Secomea SiteManager (FTP Agent modules) allows Exploiting Trust in Client.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3549_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17034D9B-EEC0-47C4-B262-C8699DCF31CE",
"versionEndExcluding": "10.0.622465022",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3549:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A05A3825-9C8E-43EF-A2DC-F0B06694CCCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3539_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5483EDAF-69C3-4E09-9F12-B9E2775CB4D5",
"versionEndExcluding": "10.0.622465022",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3539:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D26BFEA-056C-4760-8D10-A0DF3677DAD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3529_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36890A42-2A12-4637-8593-1D0DE0402B41",
"versionEndExcluding": "10.0.622465022",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3529:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C5F7D37-729C-4969-9661-C933C9F16980",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3349_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66D8982B-1087-4C69-8773-998509A9C58C",
"versionEndExcluding": "10.0.622465022",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3349:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C7D7926-A5F5-46A1-A6B7-3C99130FA609",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3339_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E54B3F5-30F2-4360-BBD9-4A21AEB78151",
"versionEndExcluding": "10.0.622465022",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3339:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF64F7DA-FD12-4231-B792-EF8F79B587CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_3329_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2DF889-5E8C-4183-AFC8-098355C3704E",
"versionEndExcluding": "10.0.622465022",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_3329:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ABE08F2-C6D0-4CA3-99F4-0654653E7BF3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_1549_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE4EFF13-B933-40F8-957D-5AA71AF0CC95",
"versionEndExcluding": "10.0.622465022",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_1549:-:*:*:*:*:*:*:*",
"matchCriteriaId": "402344EC-DDE3-452B-BDD7-63E1DE7EB030",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_1539_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "854722A1-8028-4819-BF3E-645875E372B2",
"versionEndExcluding": "10.0.622465022",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_1539:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5848F390-7F56-44ED-9267-38CA1971DE01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_1529_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5126CFB4-1AA2-4663-9AB1-EBC101DC9F1C",
"versionEndExcluding": "10.0.622465022",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_1529:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04157541-64E2-4D44-8101-8BC9972283D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_1149_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9586E608-B8C6-4531-AA5C-4CEE23290607",
"versionEndExcluding": "10.0.622465022",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_1149:-:*:*:*:*:*:*:*",
"matchCriteriaId": "060DA5EF-B6FE-4E02-B0A5-EAAF5CF5AC35",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_1139_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E7AA2FA-06B5-433A-BE7C-7E3B28838333",
"versionEndExcluding": "10.0.622465022",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_1139:-:*:*:*:*:*:*:*",
"matchCriteriaId": "856E0FE1-D1FD-47A3-8DE0-A12F6FBD60E8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:secomea:sitemanager_1129_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "540F8642-361E-461D-A082-CAB4500BA25B",
"versionEndExcluding": "10.0.622465022",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:secomea:sitemanager_1129:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29BFC1D6-82B6-4E20-BBFB-63F33373D78B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Secomea SiteManager (FTP Agent modules) allows Exploiting Trust in Client."
}
],
"id": "CVE-2022-38125",
"lastModified": "2025-02-05T15:15:15.660",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.9,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4,
"source": "VulnerabilityReporting@secomea.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-04-19T12:15:07.610",
"references": [
{
"source": "VulnerabilityReporting@secomea.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.secomea.com/support/cybersecurity-advisory/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.secomea.com/support/cybersecurity-advisory/"
}
],
"sourceIdentifier": "VulnerabilityReporting@secomea.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-923"
}
],
"source": "VulnerabilityReporting@secomea.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-923"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
CVE-2021-32010 (GCVE-0-2021-32010)
Vulnerability from cvelistv5
Published
2022-05-04 13:45
Modified
2024-08-03 23:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-326 - Inadequate Encryption Strength
Summary
Inadequate Encryption Strength vulnerability in TLS stack of Secomea SiteManager, LinkManager, GateManager may facilitate man in the middle attacks. This issue affects: Secomea SiteManager All versions prior to 9.7. Secomea LinkManager versions prior to 9.7. Secomea GateManager versions prior to 9.7.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Secomea | SiteManager |
Version: All < 9.7 |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:17:28.463Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.secomea.com/support/cybersecurity-advisory/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SiteManager",
"vendor": "Secomea",
"versions": [
{
"lessThan": "9.7",
"status": "affected",
"version": "All",
"versionType": "custom"
}
]
},
{
"product": "LinkManager",
"vendor": "Secomea",
"versions": [
{
"lessThan": "9.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "GateManager",
"vendor": "Secomea",
"versions": [
{
"lessThan": "9.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Inadequate Encryption Strength vulnerability in TLS stack of Secomea SiteManager, LinkManager, GateManager may facilitate man in the middle attacks. This issue affects: Secomea SiteManager All versions prior to 9.7. Secomea LinkManager versions prior to 9.7. Secomea GateManager versions prior to 9.7."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-326",
"description": "CWE-326 Inadequate Encryption Strength",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-04T13:45:03",
"orgId": "f2815942-3388-4c08-ba09-6c15850fda90",
"shortName": "Secomea"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.secomea.com/support/cybersecurity-advisory/"
}
],
"source": {
"defect": [
"RD-5699"
],
"discovery": "INTERNAL"
},
"title": "Clients may connect to a GateManager with TLS 1.0",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "VulnerabilityReporting@secomea.com",
"ID": "CVE-2021-32010",
"STATE": "PUBLIC",
"TITLE": "Clients may connect to a GateManager with TLS 1.0"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SiteManager",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "All",
"version_value": "9.7"
}
]
}
},
{
"product_name": "LinkManager",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "9.7"
}
]
}
},
{
"product_name": "GateManager",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "9.7"
}
]
}
}
]
},
"vendor_name": "Secomea"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Inadequate Encryption Strength vulnerability in TLS stack of Secomea SiteManager, LinkManager, GateManager may facilitate man in the middle attacks. This issue affects: Secomea SiteManager All versions prior to 9.7. Secomea LinkManager versions prior to 9.7. Secomea GateManager versions prior to 9.7."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-326 Inadequate Encryption Strength"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.secomea.com/support/cybersecurity-advisory/",
"refsource": "MISC",
"url": "https://www.secomea.com/support/cybersecurity-advisory/"
}
]
},
"source": {
"defect": [
"RD-5699"
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f2815942-3388-4c08-ba09-6c15850fda90",
"assignerShortName": "Secomea",
"cveId": "CVE-2021-32010",
"datePublished": "2022-05-04T13:45:03",
"dateReserved": "2021-05-03T00:00:00",
"dateUpdated": "2024-08-03T23:17:28.463Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-38124 (GCVE-0-2022-38124)
Vulnerability from cvelistv5
Published
2022-12-13 13:06
Modified
2025-04-18 15:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-267 - Privilege Defined With Unsafe Actions
Summary
Debug tool in Secomea SiteManager allows logged-in administrator to modify system state in an unintended manner.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Secomea | SiteManager |
Version: 0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:45:52.627Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.secomea.com/support/cybersecurity-advisory/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-38124",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-18T15:28:06.181233Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-18T15:28:20.215Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SiteManager",
"vendor": "Secomea",
"versions": [
{
"lessThanOrEqual": "10.0.622425017",
"status": "affected",
"version": "0",
"versionType": "\"custom\""
}
]
}
],
"datePublic": "2022-12-12T23:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Debug tool in Secomea SiteManager allows logged-in administrator to modify system state in an unintended manner."
}
],
"value": "Debug tool in Secomea SiteManager allows logged-in administrator to modify system state in an unintended manner."
}
],
"impacts": [
{
"capecId": "CAPEC-121",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-121 Exploit Test APIs"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-267",
"description": "CWE-267 Privilege Defined With Unsafe Actions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-13T13:06:17.021Z",
"orgId": "f2815942-3388-4c08-ba09-6c15850fda90",
"shortName": "Secomea"
},
"references": [
{
"url": "https://www.secomea.com/support/cybersecurity-advisory/"
}
],
"source": {
"defect": [
"RD-6294"
],
"discovery": "EXTERNAL"
},
"title": "Unwanted debug tool",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2815942-3388-4c08-ba09-6c15850fda90",
"assignerShortName": "Secomea",
"cveId": "CVE-2022-38124",
"datePublished": "2022-12-13T13:06:17.021Z",
"dateReserved": "2022-08-10T09:46:05.634Z",
"dateUpdated": "2025-04-18T15:28:20.215Z",
"requesterUserId": "44bd1e71-3702-434c-b36b-c1ac3bb0bab6",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32005 (GCVE-0-2021-32005)
Vulnerability from cvelistv5
Published
2022-03-07 15:21
Modified
2024-08-03 23:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Cross-site Scripting (XSS)
Summary
Cross-site Scripting (XSS) vulnerability in log view of Secomea SiteManager allows a logged in user to store javascript for later execution. This issue affects: Secomea SiteManager Version 9.6.621421014 and all prior versions.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Secomea | SiteManager |
Version: All < |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:17:27.941Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.secomea.com/support/cybersecurity-advisory/#5017"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SiteManager",
"vendor": "Secomea",
"versions": [
{
"lessThanOrEqual": "9.6.621421014",
"status": "affected",
"version": "All",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Schlumberger"
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site Scripting (XSS) vulnerability in log view of Secomea SiteManager allows a logged in user to store javascript for later execution. This issue affects: Secomea SiteManager Version 9.6.621421014 and all prior versions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T15:21:27",
"orgId": "f2815942-3388-4c08-ba09-6c15850fda90",
"shortName": "Secomea"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.secomea.com/support/cybersecurity-advisory/#5017"
}
],
"source": {
"defect": [
"RD-5017"
],
"discovery": "EXTERNAL"
},
"title": "SiteManager Log View XSS Issue",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "VulnerabilityReporting@secomea.com",
"ID": "CVE-2021-32005",
"STATE": "PUBLIC",
"TITLE": "SiteManager Log View XSS Issue"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SiteManager",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "All",
"version_value": "9.6.621421014"
}
]
}
}
]
},
"vendor_name": "Secomea"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Schlumberger"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site Scripting (XSS) vulnerability in log view of Secomea SiteManager allows a logged in user to store javascript for later execution. This issue affects: Secomea SiteManager Version 9.6.621421014 and all prior versions."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.secomea.com/support/cybersecurity-advisory/#5017",
"refsource": "MISC",
"url": "https://www.secomea.com/support/cybersecurity-advisory/#5017"
}
]
},
"source": {
"defect": [
"RD-5017"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f2815942-3388-4c08-ba09-6c15850fda90",
"assignerShortName": "Secomea",
"cveId": "CVE-2021-32005",
"datePublished": "2022-03-07T15:21:27",
"dateReserved": "2021-05-03T00:00:00",
"dateUpdated": "2024-08-03T23:17:27.941Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-38125 (GCVE-0-2022-38125)
Vulnerability from cvelistv5
Published
2023-04-19 11:58
Modified
2025-02-05 15:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-923 - Improper Restriction of Communication Channel to Intended Endpoints
Summary
Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Secomea SiteManager (FTP Agent modules) allows Exploiting Trust in Client.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Secomea | SiteManager |
Version: 5.0 < |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:45:52.834Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.secomea.com/support/cybersecurity-advisory/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-38125",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-05T14:59:41.569876Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-923",
"description": "CWE-923 Improper Restriction of Communication Channel to Intended Endpoints",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T15:00:42.143Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"FTP Agent"
],
"product": "SiteManager",
"vendor": "Secomea",
"versions": [
{
"lessThanOrEqual": "10.0",
"status": "affected",
"version": "5.0",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-04-19T11:58:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Secomea SiteManager (FTP Agent modules) allows Exploiting Trust in Client."
}
],
"value": "Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Secomea SiteManager (FTP Agent modules) allows Exploiting Trust in Client."
}
],
"impacts": [
{
"capecId": "CAPEC-22",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-22 Exploiting Trust in Client"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.9,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-923",
"description": "CWE-923 Improper Restriction of Communication Channel to Intended Endpoints",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-19T11:58:14.508Z",
"orgId": "f2815942-3388-4c08-ba09-6c15850fda90",
"shortName": "Secomea"
},
"references": [
{
"url": "https://www.secomea.com/support/cybersecurity-advisory/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "FTP Agent forwards traffic on inactive ports to LinkManager",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2815942-3388-4c08-ba09-6c15850fda90",
"assignerShortName": "Secomea",
"cveId": "CVE-2022-38125",
"datePublished": "2023-04-19T11:58:14.508Z",
"dateReserved": "2022-08-10T09:46:05.634Z",
"dateUpdated": "2025-02-05T15:00:42.143Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-29027 (GCVE-0-2020-29027)
Vulnerability from cvelistv5
Published
2021-02-16 15:48
Modified
2024-09-17 01:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Cross-site Scripting (XSS)
Summary
Cross-site Scripting (XSS) vulnerability in GUI of Secomea SiteManager could allow an attacker to cause an XSS Attack. This issue affects: Secomea SiteManager all versions prior to 9.3.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Secomea | SiteManager |
Version: all < 9.3 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:48:00.931Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.secomea.com/support/cybersecurity-advisory/#3042"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SiteManager",
"vendor": "Secomea",
"versions": [
{
"lessThan": "9.3",
"status": "affected",
"version": "all",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-12-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site Scripting (XSS) vulnerability in GUI of Secomea SiteManager could allow an attacker to cause an XSS Attack. This issue affects: Secomea SiteManager all versions prior to 9.3."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-16T15:48:58",
"orgId": "f2815942-3388-4c08-ba09-6c15850fda90",
"shortName": "Secomea"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.secomea.com/support/cybersecurity-advisory/#3042"
}
],
"source": {
"defect": [
"RD-3022"
],
"discovery": "EXTERNAL"
},
"title": "Reflected Cross Site Scripting",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "VulnerabilityReporting@secomea.com",
"DATE_PUBLIC": "2020-12-18T00:00:00.000Z",
"ID": "CVE-2020-29027",
"STATE": "PUBLIC",
"TITLE": "Reflected Cross Site Scripting"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SiteManager",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "all",
"version_value": "9.3"
}
]
}
}
]
},
"vendor_name": "Secomea"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site Scripting (XSS) vulnerability in GUI of Secomea SiteManager could allow an attacker to cause an XSS Attack. This issue affects: Secomea SiteManager all versions prior to 9.3."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.secomea.com/support/cybersecurity-advisory/#3042",
"refsource": "MISC",
"url": "https://www.secomea.com/support/cybersecurity-advisory/#3042"
}
]
},
"source": {
"defect": [
"RD-3022"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f2815942-3388-4c08-ba09-6c15850fda90",
"assignerShortName": "Secomea",
"cveId": "CVE-2020-29027",
"datePublished": "2021-02-16T15:48:58.980830Z",
"dateReserved": "2020-11-24T00:00:00",
"dateUpdated": "2024-09-17T01:05:35.165Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-25784 (GCVE-0-2022-25784)
Vulnerability from cvelistv5
Published
2022-05-04 13:56
Modified
2024-08-03 04:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Cross-site Scripting (XSS)
Summary
Cross-site Scripting (XSS) vulnerability in Web GUI of SiteManager allows logged-in user to inject scripting. This issue affects: Secomea SiteManager all versions prior to 9.7.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Secomea | SiteManager |
Version: all < 9.7 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:49:43.564Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.secomea.com/support/cybersecurity-advisory/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SiteManager",
"vendor": "Secomea",
"versions": [
{
"lessThan": "9.7",
"status": "affected",
"version": "all",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site Scripting (XSS) vulnerability in Web GUI of SiteManager allows logged-in user to inject scripting. This issue affects: Secomea SiteManager all versions prior to 9.7."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-04T13:56:20",
"orgId": "f2815942-3388-4c08-ba09-6c15850fda90",
"shortName": "Secomea"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.secomea.com/support/cybersecurity-advisory/"
}
],
"source": {
"defect": [
"RD-5371"
],
"discovery": "INTERNAL"
},
"title": "User controllable HTML element attribute (potential XSS)",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "VulnerabilityReporting@secomea.com",
"ID": "CVE-2022-25784",
"STATE": "PUBLIC",
"TITLE": "User controllable HTML element attribute (potential XSS)"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SiteManager",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "all",
"version_value": "9.7"
}
]
}
}
]
},
"vendor_name": "Secomea"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site Scripting (XSS) vulnerability in Web GUI of SiteManager allows logged-in user to inject scripting. This issue affects: Secomea SiteManager all versions prior to 9.7."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.secomea.com/support/cybersecurity-advisory/",
"refsource": "MISC",
"url": "https://www.secomea.com/support/cybersecurity-advisory/"
}
]
},
"source": {
"defect": [
"RD-5371"
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f2815942-3388-4c08-ba09-6c15850fda90",
"assignerShortName": "Secomea",
"cveId": "CVE-2022-25784",
"datePublished": "2022-05-04T13:56:20",
"dateReserved": "2022-02-22T00:00:00",
"dateUpdated": "2024-08-03T04:49:43.564Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-25785 (GCVE-0-2022-25785)
Vulnerability from cvelistv5
Published
2022-05-04 13:57
Modified
2024-08-03 04:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
Stack-based Buffer Overflow vulnerability in SiteManager allows logged-in or local user to cause arbitrary code execution. This issue affects: Secomea SiteManager all versions prior to 9.7.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Secomea | SiteManager |
Version: all < 9.7 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:49:43.219Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.secomea.com/support/cybersecurity-advisory/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SiteManager",
"vendor": "Secomea",
"versions": [
{
"lessThan": "9.7",
"status": "affected",
"version": "all",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Stack-based Buffer Overflow vulnerability in SiteManager allows logged-in or local user to cause arbitrary code execution. This issue affects: Secomea SiteManager all versions prior to 9.7."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-04T13:57:06",
"orgId": "f2815942-3388-4c08-ba09-6c15850fda90",
"shortName": "Secomea"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.secomea.com/support/cybersecurity-advisory/"
}
],
"source": {
"defect": [
"RD-5455"
],
"discovery": "INTERNAL"
},
"title": "Buffer overrun",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "VulnerabilityReporting@secomea.com",
"ID": "CVE-2022-25785",
"STATE": "PUBLIC",
"TITLE": "Buffer overrun"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SiteManager",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "all",
"version_value": "9.7"
}
]
}
}
]
},
"vendor_name": "Secomea"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based Buffer Overflow vulnerability in SiteManager allows logged-in or local user to cause arbitrary code execution. This issue affects: Secomea SiteManager all versions prior to 9.7."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121 Stack-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.secomea.com/support/cybersecurity-advisory/",
"refsource": "MISC",
"url": "https://www.secomea.com/support/cybersecurity-advisory/"
}
]
},
"source": {
"defect": [
"RD-5455"
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f2815942-3388-4c08-ba09-6c15850fda90",
"assignerShortName": "Secomea",
"cveId": "CVE-2022-25785",
"datePublished": "2022-05-04T13:57:06",
"dateReserved": "2022-02-22T00:00:00",
"dateUpdated": "2024-08-03T04:49:43.219Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}