Filtered by vendor Secomea
Subscribe
Total
38 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-38124 | 1 Secomea | 24 Sitemanager 1129, Sitemanager 1129 Firmware, Sitemanager 1139 and 21 more | 2022-12-15 | N/A | 6.5 MEDIUM |
Debug tool in Secomea SiteManager allows logged-in administrator to modify system state in an unintended manner. | |||||
CVE-2022-2752 | 1 Secomea | 1 Gatemanager | 2022-12-12 | N/A | 7.8 HIGH |
A vulnerability in the web server of Secomea GateManager allows a local user to impersonate as the previous user under some failed login conditions. This issue affects: Secomea GateManager versions from 9.4 through 9.7. | |||||
CVE-2022-38123 | 1 Secomea | 1 Gatemanager | 2022-12-08 | N/A | 7.2 HIGH |
Improper Input Validation of plugin files in Administrator Interface of Secomea GateManager allows a server administrator to inject code into the GateManager interface. This issue affects: Secomea GateManager versions prior to 10.0. | |||||
CVE-2021-32003 | 1 Secomea | 2 Sitemanager, Sitemanager Firmware | 2022-07-02 | 2.1 LOW | 5.5 MEDIUM |
Unprotected Transport of Credentials vulnerability in SiteManager provisioning service allows local attacker to capture credentials if the service is used after provisioning. This issue affects: Secomea SiteManager All versions prior to 9.5 on Hardware. | |||||
CVE-2021-32002 | 1 Secomea | 2 Sitemanager, Sitemanager Firmware | 2022-07-02 | 2.1 LOW | 3.3 LOW |
Improper Access Control vulnerability in web service of Secomea SiteManager allows local attacker without credentials to gather network information and configuration of the SiteManager. This issue affects: Secomea SiteManager All versions prior to 9.5 on Hardware. | |||||
CVE-2022-25786 | 1 Secomea | 1 Gatemanager | 2022-05-13 | 4.0 MEDIUM | 4.9 MEDIUM |
Unprotected Alternate Channel vulnerability in debug console of GateManager allows system administrator to obtain sensitive information. This issue affects: GateManager all versions prior to 9.7. | |||||
CVE-2022-25787 | 1 Secomea | 8 Gatemanager 4250, Gatemanager 4250 Firmware, Gatemanager 4260 and 5 more | 2022-05-11 | 4.6 MEDIUM | 6.7 MEDIUM |
Information Exposure Through Query Strings in GET Request vulnerability in LMM API of Secomea GateManager allows system administrator to hijack connection. This issue affects: Secomea GateManager all versions prior to 9.7. | |||||
CVE-2022-25785 | 1 Secomea | 18 Sitemanager 1129, Sitemanager 1129 Firmware, Sitemanager 1139 and 15 more | 2022-05-11 | 6.5 MEDIUM | 7.2 HIGH |
Stack-based Buffer Overflow vulnerability in SiteManager allows logged-in or local user to cause arbitrary code execution. This issue affects: Secomea SiteManager all versions prior to 9.7. | |||||
CVE-2022-25784 | 1 Secomea | 18 Sitemanager 1129, Sitemanager 1129 Firmware, Sitemanager 1139 and 15 more | 2022-05-11 | 3.5 LOW | 4.8 MEDIUM |
Cross-site Scripting (XSS) vulnerability in Web GUI of SiteManager allows logged-in user to inject scripting. This issue affects: Secomea SiteManager all versions prior to 9.7. | |||||
CVE-2022-25783 | 1 Secomea | 8 Gatemanager 4250, Gatemanager 4250 Firmware, Gatemanager 4260 and 5 more | 2022-05-11 | 4.0 MEDIUM | 4.3 MEDIUM |
Insufficient Logging vulnerability in web server of Secomea GateManager allows logged in user to issue improper queries without logging. This issue affects: Secomea GateManager versions prior to 9.7. | |||||
CVE-2022-25782 | 1 Secomea | 8 Gatemanager 4250, Gatemanager 4250 Firmware, Gatemanager 4260 and 5 more | 2022-05-11 | 5.5 MEDIUM | 5.4 MEDIUM |
Improper Handling of Insufficient Privileges vulnerability in Web UI of Secomea GateManager allows logged in user to access and update privileged information. This issue affects: Secomea GateManager versions prior to 9.7. | |||||
CVE-2022-25780 | 1 Secomea | 8 Gatemanager 4250, Gatemanager 4250 Firmware, Gatemanager 4260 and 5 more | 2022-05-11 | 4.0 MEDIUM | 4.3 MEDIUM |
Information Exposure vulnerability in web UI of Secomea GateManager allows logged in user to query devices outside own scope. | |||||
CVE-2022-25781 | 1 Secomea | 8 Gatemanager 4250, Gatemanager 4250 Firmware, Gatemanager 4260 and 5 more | 2022-05-11 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site Scripting (XSS) vulnerability in Web UI of Secomea GateManager allows phishing attacker to inject javascript or html into logged in user session. | |||||
CVE-2022-25779 | 1 Secomea | 8 Gatemanager 4250, Gatemanager 4250 Firmware, Gatemanager 4260 and 5 more | 2022-05-11 | 4.0 MEDIUM | 4.3 MEDIUM |
Logging of Excessive Data vulnerability in audit log of Secomea GateManager allows logged in user to write text entries in audit log. This issue affects: Secomea GateManager versions prior to 9.7. | |||||
CVE-2022-25778 | 1 Secomea | 8 Gatemanager 4250, Gatemanager 4250 Firmware, Gatemanager 4260 and 5 more | 2022-05-11 | 6.8 MEDIUM | 8.8 HIGH |
Cross-Site Request Forgery (CSRF) vulnerability in Web UI of Secomea GateManager allows phishing attacker to issue get request in logged in user session. | |||||
CVE-2021-32010 | 1 Secomea | 27 Gatemanager 4250, Gatemanager 4250 Firmware, Gatemanager 4260 and 24 more | 2022-05-11 | 6.8 MEDIUM | 8.1 HIGH |
Inadequate Encryption Strength vulnerability in TLS stack of Secomea SiteManager, LinkManager, GateManager may facilitate man in the middle attacks. This issue affects: Secomea SiteManager All versions prior to 9.7. Secomea LinkManager versions prior to 9.7. Secomea GateManager versions prior to 9.7. | |||||
CVE-2021-32009 | 1 Secomea | 1 Gatemanager | 2022-03-18 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site Scripting (XSS) vulnerability in firmware section of Secomea GateManager allows logged in user to inject javascript in browser session. This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions. | |||||
CVE-2021-32006 | 1 Secomea | 1 Gatemanager | 2022-03-15 | 4.0 MEDIUM | 4.3 MEDIUM |
This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions. Permission Issues vulnerability in LinkManager web portal of Secomea GateManager allows logged in LinkManager user to access stored SiteManager backup files. | |||||
CVE-2021-32005 | 1 Secomea | 18 Sitemanager 1129, Sitemanager 1129 Firmware, Sitemanager 1139 and 15 more | 2022-03-11 | 3.5 LOW | 5.4 MEDIUM |
Cross-site Scripting (XSS) vulnerability in log view of Secomea SiteManager allows a logged in user to store javascript for later execution. This issue affects: Secomea SiteManager Version 9.6.621421014 and all prior versions. | |||||
CVE-2021-32008 | 1 Secomea | 1 Gatemanager | 2022-03-11 | 8.5 HIGH | 8.7 HIGH |
This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions. Improper Limitation of a Pathname to restricted directory, allows logged in GateManager admin to delete system Files or Directories. |