Heartlogic
Products
1- 13 CVEs
Recent CVEs
13| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-38125 | 0.00 | — | 0.00 | Apr 19, 2023 | Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Secomea SiteManager (FTP Agent modules) allows Exploiting Trust in Client. | |||
| CVE-2022-38124 | 0.00 | — | 0.01 | Dec 13, 2022 | Debug tool in Secomea SiteManager allows logged-in administrator to modify system state in an unintended manner. | |||
| CVE-2022-25785 | 0.00 | — | 0.01 | May 4, 2022 | Stack-based Buffer Overflow vulnerability in SiteManager allows logged-in or local user to cause arbitrary code execution. This issue affects: Secomea SiteManager all versions prior to 9.7. | |||
| CVE-2022-25784 | 0.00 | — | 0.01 | May 4, 2022 | Cross-site Scripting (XSS) vulnerability in Web GUI of SiteManager allows logged-in user to inject scripting. This issue affects: Secomea SiteManager all versions prior to 9.7. | |||
| CVE-2021-32010 | 0.00 | — | 0.00 | May 4, 2022 | Inadequate Encryption Strength vulnerability in TLS stack of Secomea SiteManager, LinkManager, GateManager may facilitate man in the middle attacks. This issue affects: Secomea SiteManager All versions prior to 9.7. Secomea LinkManager versions prior to 9.7. Secomea GateManager… | |||
| CVE-2021-32005 | 0.00 | — | 0.01 | Mar 7, 2022 | Cross-site Scripting (XSS) vulnerability in log view of Secomea SiteManager allows a logged in user to store javascript for later execution. This issue affects: Secomea SiteManager Version 9.6.621421014 and all prior versions. | |||
| CVE-2021-32003 | 0.00 | — | 0.00 | Aug 5, 2021 | Unprotected Transport of Credentials vulnerability in SiteManager provisioning service allows local attacker to capture credentials if the service is used after provisioning. This issue affects: Secomea SiteManager All versions prior to 9.5 on Hardware. | |||
| CVE-2021-32002 | 0.00 | — | 0.00 | Aug 5, 2021 | Improper Access Control vulnerability in web service of Secomea SiteManager allows local attacker without credentials to gather network information and configuration of the SiteManager. This issue affects: Secomea SiteManager All versions prior to 9.5 on Hardware. | |||
| CVE-2020-29020 | 0.00 | — | 0.02 | Mar 5, 2021 | Improper Access Control vulnerability in web service of Secomea SiteManager allows remote attacker to access the web UI from the internet using the configured credentials. This issue affects: Secomea SiteManager All versions prior to 9.4.620527004 on Hardware. | |||
| CVE-2020-29027 | 0.00 | — | 0.00 | Feb 16, 2021 | Cross-site Scripting (XSS) vulnerability in GUI of Secomea SiteManager could allow an attacker to cause an XSS Attack. This issue affects: Secomea SiteManager all versions prior to 9.3. | |||
| CVE-2020-11642 | 0.00 | — | 0.01 | Oct 15, 2020 | The local file inclusion vulnerability present in B&R SiteManager versions <9.2.620236042 allows authenticated users to impact availability of SiteManager instances. | |||
| CVE-2020-11641 | 0.00 | — | 0.01 | Oct 15, 2020 | A local file inclusion vulnerability in B&R SiteManager versions <9.2.620236042 allows authenticated users to read sensitive files from SiteManager instances. | |||
| CVE-2010-1331 | 0.00 | — | 0.01 | Apr 9, 2010 | SQL injection vulnerability in Heartlogic HL-SiteManager allows remote attackers to execute arbitrary SQL commands via unknown vectors. |
- CVE-2022-38125Apr 19, 2023risk 0.00cvss —epss 0.00
Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Secomea SiteManager (FTP Agent modules) allows Exploiting Trust in Client.
- CVE-2022-38124Dec 13, 2022risk 0.00cvss —epss 0.01
Debug tool in Secomea SiteManager allows logged-in administrator to modify system state in an unintended manner.
- CVE-2022-25785May 4, 2022risk 0.00cvss —epss 0.01
Stack-based Buffer Overflow vulnerability in SiteManager allows logged-in or local user to cause arbitrary code execution. This issue affects: Secomea SiteManager all versions prior to 9.7.
- CVE-2022-25784May 4, 2022risk 0.00cvss —epss 0.01
Cross-site Scripting (XSS) vulnerability in Web GUI of SiteManager allows logged-in user to inject scripting. This issue affects: Secomea SiteManager all versions prior to 9.7.
- CVE-2021-32010May 4, 2022risk 0.00cvss —epss 0.00
Inadequate Encryption Strength vulnerability in TLS stack of Secomea SiteManager, LinkManager, GateManager may facilitate man in the middle attacks. This issue affects: Secomea SiteManager All versions prior to 9.7. Secomea LinkManager versions prior to 9.7. Secomea GateManager…
- CVE-2021-32005Mar 7, 2022risk 0.00cvss —epss 0.01
Cross-site Scripting (XSS) vulnerability in log view of Secomea SiteManager allows a logged in user to store javascript for later execution. This issue affects: Secomea SiteManager Version 9.6.621421014 and all prior versions.
- CVE-2021-32003Aug 5, 2021risk 0.00cvss —epss 0.00
Unprotected Transport of Credentials vulnerability in SiteManager provisioning service allows local attacker to capture credentials if the service is used after provisioning. This issue affects: Secomea SiteManager All versions prior to 9.5 on Hardware.
- CVE-2021-32002Aug 5, 2021risk 0.00cvss —epss 0.00
Improper Access Control vulnerability in web service of Secomea SiteManager allows local attacker without credentials to gather network information and configuration of the SiteManager. This issue affects: Secomea SiteManager All versions prior to 9.5 on Hardware.
- CVE-2020-29020Mar 5, 2021risk 0.00cvss —epss 0.02
Improper Access Control vulnerability in web service of Secomea SiteManager allows remote attacker to access the web UI from the internet using the configured credentials. This issue affects: Secomea SiteManager All versions prior to 9.4.620527004 on Hardware.
- CVE-2020-29027Feb 16, 2021risk 0.00cvss —epss 0.00
Cross-site Scripting (XSS) vulnerability in GUI of Secomea SiteManager could allow an attacker to cause an XSS Attack. This issue affects: Secomea SiteManager all versions prior to 9.3.
- CVE-2020-11642Oct 15, 2020risk 0.00cvss —epss 0.01
The local file inclusion vulnerability present in B&R SiteManager versions <9.2.620236042 allows authenticated users to impact availability of SiteManager instances.
- CVE-2020-11641Oct 15, 2020risk 0.00cvss —epss 0.01
A local file inclusion vulnerability in B&R SiteManager versions <9.2.620236042 allows authenticated users to read sensitive files from SiteManager instances.
- CVE-2010-1331Apr 9, 2010risk 0.00cvss —epss 0.01
SQL injection vulnerability in Heartlogic HL-SiteManager allows remote attackers to execute arbitrary SQL commands via unknown vectors.