CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-15781

A vulnerability has been identified in SICAM WEB firmware for SICAM A8000 RTUs (All versions < V05.30). The login screen does not sufficiently sanitize input, which enables an attacker to generate specially crafted log messages. If an unsuspecting victim views the log messages via the web browser, these log messages might be interpreted and executed as code by the web application. This Cross-Site-Scripting (XSS) vulnerability might compromize the confidentiality, integrity and availability of the web application.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 65.1%

CVSS Severity

CVSS v3 Score 9.6

CVSS v2 Score 6.8

References

https://cert-portal.siemens.com/productcert/pdf/ssa-370042.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-370042.pdf

Products affected by CVE-2020-15781

Siemens » Sicam A8000 » Version: N/A

cpe:2.3:h:siemens:sicam_a8000:-
Siemens » Sicam A8000 Firmware » Version: N/A

cpe:2.3:o:siemens:sicam_a8000_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-15781

Products

Pricing

Contact Us