Secomea: >> Sitemanager 3539 Firmware >> 9.2c Security Vulnerabilities
Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Secomea SiteManager (FTP Agent modules) allows Exploiting Trust in Client.
CVSS Score
2.9
EPSS Score
0.001
Published
2023-04-19
Debug tool in Secomea SiteManager allows logged-in administrator to modify system state in an unintended manner.
CVSS Score
5.7
EPSS Score
0.001
Published
2022-12-13
Cross-site Scripting (XSS) vulnerability in Web GUI of SiteManager allows logged-in user to inject scripting. This issue affects: Secomea SiteManager all versions prior to 9.7.
CVSS Score
9.1
EPSS Score
0.007
Published
2022-05-04
Stack-based Buffer Overflow vulnerability in SiteManager allows logged-in or local user to cause arbitrary code execution. This issue affects: Secomea SiteManager all versions prior to 9.7.
CVSS Score
6.6
EPSS Score
0.011
Published
2022-05-04
Inadequate Encryption Strength vulnerability in TLS stack of Secomea SiteManager, LinkManager, GateManager may facilitate man in the middle attacks. This issue affects: Secomea SiteManager All versions prior to 9.7. Secomea LinkManager versions prior to 9.7. Secomea GateManager versions prior to 9.7.
CVSS Score
5.6
EPSS Score
0.001
Published
2022-05-04
Cross-site Scripting (XSS) vulnerability in log view of Secomea SiteManager allows a logged in user to store javascript for later execution. This issue affects: Secomea SiteManager Version 9.6.621421014 and all prior versions.
CVSS Score
6.5
EPSS Score
0.006
Published
2022-03-10