CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-48429

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The Web UI of affected devices does not check the length of parameters in certain conditions. This allows a malicious admin to crash the server by sending a crafted request to the server. The server will automatically restart.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 32.2%

CVSS Severity

CVSS v3 Score 2.7

References

https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf

Products affected by CVE-2023-48429

Siemens » Sinec Ins » Version: N/A

cpe:2.3:a:siemens:sinec_ins:-
Siemens » Sinec Ins » Version: 1.0

cpe:2.3:a:siemens:sinec_ins:1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-48429

Products

Pricing

Contact Us