SICAM T
CVEs (14)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-31238 | 0.00 | — | 0.00 | Jun 13, 2023 | A vulnerability has been identified in SICAM P850 (7KG8500-0AA00-0AA0) (All versions < V3.11), SICAM P850 (7KG8500-0AA00-2AA0) (All versions < V3.11), SICAM P850 (7KG8500-0AA10-0AA0) (All versions < V3.11), SICAM P850 (7KG8500-0AA10-2AA0) (All versions < V3.11), SICAM P850… | |||
| CVE-2023-30901 | 0.00 | — | 0.00 | Jun 13, 2023 | A vulnerability has been identified in SICAM P850 (7KG8500-0AA00-0AA0) (All versions < V3.11), SICAM P850 (7KG8500-0AA00-2AA0) (All versions < V3.11), SICAM P850 (7KG8500-0AA10-0AA0) (All versions < V3.11), SICAM P850 (7KG8500-0AA10-2AA0) (All versions < V3.11), SICAM P850… | |||
| CVE-2022-41665 | 0.00 | — | 0.03 | Oct 11, 2022 | A vulnerability has been identified in SICAM P850 (7KG8500-0AA00-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA00-2AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA10-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA10-2AA0) (All versions < V3.10), SICAM P850… | |||
| CVE-2022-40226 | 0.00 | — | 0.00 | Oct 11, 2022 | A vulnerability has been identified in SICAM P850 (7KG8500-0AA00-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA00-2AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA10-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA10-2AA0) (All versions < V3.10), SICAM P850… | |||
| CVE-2022-29883 | 0.00 | — | 0.00 | May 10, 2022 | A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do not restrict unauthenticated access to certain pages of the web interface. This could allow an attacker to delete log files without authentication. | |||
| CVE-2022-29882 | 0.00 | — | 0.01 | May 10, 2022 | A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do not handle uploaded files correctly. An unauthenticated attacker could take advantage of this situation to store an XSS attack, which could - when a legitimate user accesses the error logs… | |||
| CVE-2022-29881 | 0.00 | — | 0.01 | May 10, 2022 | A vulnerability has been identified in SICAM T (All versions < V3.0). The web based management interface of affected devices does not employ special access protection for certain internal developer views. This could allow unauthenticated users to extract internal configuration… | |||
| CVE-2022-29880 | 0.00 | — | 0.00 | May 10, 2022 | A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do not properly validate input in the configuration interface. This could allow an authenticated attacker to place persistent XSS attacks to perform arbitrary actions in the name of a logged… | |||
| CVE-2022-29879 | 0.00 | — | 0.00 | May 10, 2022 | A vulnerability has been identified in SICAM T (All versions < V3.0). The web based management interface of affected devices does not employ special access protection for certain internal developer views. This could allow authenticated users to access critical device information. | |||
| CVE-2022-29878 | 0.00 | — | 0.01 | May 10, 2022 | A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices use a limited range for challenges that are sent during the unencrypted challenge-response communication. An unauthenticated attacker could capture a valid challenge-response pair generated by… | |||
| CVE-2022-29876 | 0.00 | — | 0.01 | May 10, 2022 | A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do not properly handle the input of a GET request parameter. The provided argument is directly reflected in the web server response. This could allow an unauthenticated attacker to perform… | |||
| CVE-2022-29874 | 0.00 | — | 0.00 | May 10, 2022 | A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do not encrypt web traffic with clients but communicate in cleartext via HTTP. This could allow an unauthenticated attacker to capture the traffic and interfere with the functionality of the… | |||
| CVE-2022-29873 | 0.00 | — | 0.03 | May 10, 2022 | A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do not properly validate parameters of certain GET and POST requests. This could allow an unauthenticated attacker to set the device to a denial of service state or to control the program… | |||
| CVE-2022-29872 | 0.00 | — | 0.01 | May 10, 2022 | A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do not properly validate parameters of POST requests. This could allow an authenticated attacker to set the device to a denial of service state or to control the program counter and, thus,… |
- CVE-2023-31238Jun 13, 2023risk 0.00cvss —epss 0.00
A vulnerability has been identified in SICAM P850 (7KG8500-0AA00-0AA0) (All versions < V3.11), SICAM P850 (7KG8500-0AA00-2AA0) (All versions < V3.11), SICAM P850 (7KG8500-0AA10-0AA0) (All versions < V3.11), SICAM P850 (7KG8500-0AA10-2AA0) (All versions < V3.11), SICAM P850…
- CVE-2023-30901Jun 13, 2023risk 0.00cvss —epss 0.00
A vulnerability has been identified in SICAM P850 (7KG8500-0AA00-0AA0) (All versions < V3.11), SICAM P850 (7KG8500-0AA00-2AA0) (All versions < V3.11), SICAM P850 (7KG8500-0AA10-0AA0) (All versions < V3.11), SICAM P850 (7KG8500-0AA10-2AA0) (All versions < V3.11), SICAM P850…
- CVE-2022-41665Oct 11, 2022risk 0.00cvss —epss 0.03
A vulnerability has been identified in SICAM P850 (7KG8500-0AA00-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA00-2AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA10-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA10-2AA0) (All versions < V3.10), SICAM P850…
- CVE-2022-40226Oct 11, 2022risk 0.00cvss —epss 0.00
A vulnerability has been identified in SICAM P850 (7KG8500-0AA00-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA00-2AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA10-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA10-2AA0) (All versions < V3.10), SICAM P850…
- CVE-2022-29883May 10, 2022risk 0.00cvss —epss 0.00
A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do not restrict unauthenticated access to certain pages of the web interface. This could allow an attacker to delete log files without authentication.
- CVE-2022-29882May 10, 2022risk 0.00cvss —epss 0.01
A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do not handle uploaded files correctly. An unauthenticated attacker could take advantage of this situation to store an XSS attack, which could - when a legitimate user accesses the error logs…
- CVE-2022-29881May 10, 2022risk 0.00cvss —epss 0.01
A vulnerability has been identified in SICAM T (All versions < V3.0). The web based management interface of affected devices does not employ special access protection for certain internal developer views. This could allow unauthenticated users to extract internal configuration…
- CVE-2022-29880May 10, 2022risk 0.00cvss —epss 0.00
A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do not properly validate input in the configuration interface. This could allow an authenticated attacker to place persistent XSS attacks to perform arbitrary actions in the name of a logged…
- CVE-2022-29879May 10, 2022risk 0.00cvss —epss 0.00
A vulnerability has been identified in SICAM T (All versions < V3.0). The web based management interface of affected devices does not employ special access protection for certain internal developer views. This could allow authenticated users to access critical device information.
- CVE-2022-29878May 10, 2022risk 0.00cvss —epss 0.01
A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices use a limited range for challenges that are sent during the unencrypted challenge-response communication. An unauthenticated attacker could capture a valid challenge-response pair generated by…
- CVE-2022-29876May 10, 2022risk 0.00cvss —epss 0.01
A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do not properly handle the input of a GET request parameter. The provided argument is directly reflected in the web server response. This could allow an unauthenticated attacker to perform…
- CVE-2022-29874May 10, 2022risk 0.00cvss —epss 0.00
A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do not encrypt web traffic with clients but communicate in cleartext via HTTP. This could allow an unauthenticated attacker to capture the traffic and interfere with the functionality of the…
- CVE-2022-29873May 10, 2022risk 0.00cvss —epss 0.03
A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do not properly validate parameters of certain GET and POST requests. This could allow an unauthenticated attacker to set the device to a denial of service state or to control the program…
- CVE-2022-29872May 10, 2022risk 0.00cvss —epss 0.01
A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do not properly validate parameters of POST requests. This could allow an authenticated attacker to set the device to a denial of service state or to control the program counter and, thus,…