VYPR

SPPA-T3000 Application Server

by Siemens Foundation

CVEs (23)

  • CVE-2019-18316CriDec 12, 2019
    risk 0.64cvss 9.8epss 0.03

    A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could gain remote code execution by sending specifically crafted packets to 1099/tcp. Please note that an…

  • CVE-2019-18315CriDec 12, 2019
    risk 0.64cvss 9.8epss 0.02

    A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could gain remote code execution by sending specifically crafted packets to 8888/tcp. Please note that an…

  • CVE-2019-18314CriDec 12, 2019
    risk 0.64cvss 9.8epss 0.02

    A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could gain remote code execution by sending specifically crafted objects via RMI. Please note that an attacker…

  • CVE-2019-18284CriDec 12, 2019
    risk 0.64cvss 9.8epss 0.02

    A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). The AdminService is available without authentication on the Application Server. An attacker can use methods exposed via this interface to receive password hashes of other…

  • CVE-2019-18283CriDec 12, 2019
    risk 0.64cvss 9.8epss 0.05

    A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). The AdminService is available without authentication on the Application Server. An attacker can gain remote code execution by sending specifically crafted objects to one…

  • CVE-2019-18288HigDec 12, 2019
    risk 0.58cvss 8.8epss 0.04

    A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with valid authentication at the RMI interface could be able to gain remote code execution through an unsecured file upload. Please note that an attacker…

  • CVE-2024-38877HigAug 2, 2024
    risk 0.53cvss 8.2epss 0.00

    A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 Domain Controller R9.2 (All versions), Omnivise T3000 Network Intrusion Detection System (NIDS) R9.2 (All versions), Omnivise T3000 Product Data Management (PDM) R9.2…

  • CVE-2024-38876HigAug 2, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 Domain Controller R9.2 (All versions), Omnivise T3000 Product Data Management (PDM) R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4…

  • CVE-2024-38879HigAug 2, 2024
    risk 0.49cvss 7.5epss 0.01

    A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions). The affected system exposes the port of an internal application on the public network interface allowing…

  • CVE-2019-18320HigDec 12, 2019
    risk 0.49cvss 7.5epss 0.01

    A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could be able to upload arbitrary files without authentication. Please note that an attacker needs to have…

  • CVE-2019-18319HigDec 12, 2019
    risk 0.49cvss 7.5epss 0.01

    A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could cause a Denial-of-Service condition by sending specifically crafted objects via RMI. This vulnerability is…

  • CVE-2019-18318HigDec 12, 2019
    risk 0.49cvss 7.5epss 0.01

    A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server can cause a Denial-of-Service condition by sending specifically crafted objects via RMI. This vulnerability is…

  • CVE-2019-18317HigDec 12, 2019
    risk 0.49cvss 7.5epss 0.01

    A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could cause a Denial-of-Service condition by sending specifically crafted objects via RMI. This vulnerability is…

  • CVE-2018-4832HigApr 24, 2018
    risk 0.49cvss 7.5epss 0.02

    A vulnerability has been identified in OpenPCS 7 V7.1 and earlier (All versions), OpenPCS 7 V8.0 (All versions), OpenPCS 7 V8.1 (All versions < V8.1 Upd5), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd1), SIMATIC BATCH V7.1 and earlier (All versions),…

  • CVE-2024-38878HigAug 2, 2024
    risk 0.48cvss 7.2epss 0.11

    A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions). Affected devices allow authenticated users to export diagnostics data. The corresponding API endpoint is…

  • CVE-2019-18285MedDec 12, 2019
    risk 0.38cvss 5.9epss 0.01

    A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). The RMI communication between the client and the Application Server is unencrypted. An attacker with access to the communication channel can read credentials of a valid…

  • CVE-2019-18335MedDec 12, 2019
    risk 0.35cvss 5.3epss 0.01

    A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could be able to gain access to logs and configuration files by sending specifically crafted packets to 80/tcp.…

  • CVE-2019-18334MedDec 12, 2019
    risk 0.35cvss 5.3epss 0.01

    A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could be able to enumerate valid user names by sending specifically crafted packets to 8090/tcp. Please note…

  • CVE-2019-18333MedDec 12, 2019
    risk 0.35cvss 5.3epss 0.01

    A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could gain access to filenames on the server by sending specifically crafted packets to 8090/tcp. Please note…

  • CVE-2019-18332MedDec 12, 2019
    risk 0.35cvss 5.3epss 0.01

    A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could gain access to directory listings of the server by sending specifically crafted packets to 80/tcp,…

Page 1 of 2