Skip to main content

Sipass Integrated

10 CVEs product

Monthly

CVE-2022-31812 HIGH This Week

A vulnerability has been identified in SiPass integrated (All versions < V2.95.3.18). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Denial Of Service Sipass Integrated
NVD
CVSS 4.0
8.7
EPSS
0.4%
CVE-2022-22965 Maven CRITICAL POC KEV PATCH THREAT Act Now

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Java RCE Code Injection Tomcat Spring Framework +37
NVD
CVSS 3.1
9.8
EPSS
99.7%
CVE-2021-44524 CRITICAL Act Now

A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All versions), SiPass integrated V2.85 (All versions), Siveillance Identity V1.5 (All. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Sipass Integrated Siveillance Identity
NVD
CVSS 3.1
9.8
EPSS
1.6%
CVE-2021-44523 CRITICAL Act Now

A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All versions), SiPass integrated V2.85 (All versions), Siveillance Identity V1.5 (All. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Sipass Integrated Siveillance Identity
NVD
CVSS 3.1
9.1
EPSS
1.4%
CVE-2021-44522 HIGH This Week

A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All versions), SiPass integrated V2.85 (All versions), Siveillance Identity V1.5 (All. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Sipass Integrated Siveillance Identity
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2017-9942 HIGH This Week

A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with local access to the SiPass integrated server or SiPass integrated client to. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Siemens Information Disclosure Sipass Integrated
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-9941 HIGH This Week

A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker in a Man-in-the-Middle position between the SiPass integrated server and SiPass. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Siemens Information Disclosure Sipass Integrated
NVD
CVSS 3.0
7.4
EPSS
0.2%
CVE-2017-9940 HIGH This Week

A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with access to a low-privileged user account to read or write files on the file. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens Privilege Escalation Sipass Integrated
NVD
CVSS 3.0
8.1
EPSS
0.2%
CVE-2017-9939 CRITICAL Act Now

A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with network access to the SiPass integrated server to bypass the authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Siemens Authentication Bypass Sipass Integrated
NVD
CVSS 3.0
9.8
EPSS
2.1%
CVE-2012-5409 CRITICAL POC THREAT Emergency

AscoServer.exe in the server in Siemens SiPass integrated MP2.6 and earlier does not properly handle IOCP RPC messages received over an Ethernet network, which allows remote attackers to write data. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 35.4%.

Buffer Overflow Siemens RCE Sipass Integrated
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
35.4%
Threat
4.6
EPSS 0% CVSS 8.7
HIGH This Week

A vulnerability has been identified in SiPass integrated (All versions < V2.95.3.18). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Denial Of Service +1
NVD
EPSS 100% CVSS 9.8
CRITICAL POC KEV PATCH THREAT Act Now

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Java RCE Code Injection +39
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All versions), SiPass integrated V2.85 (All versions), Siveillance Identity V1.5 (All. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Sipass Integrated Siveillance Identity
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All versions), SiPass integrated V2.85 (All versions), Siveillance Identity V1.5 (All. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Sipass Integrated Siveillance Identity
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All versions), SiPass integrated V2.85 (All versions), Siveillance Identity V1.5 (All. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Sipass Integrated Siveillance Identity
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with local access to the SiPass integrated server or SiPass integrated client to. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Siemens Information Disclosure Sipass Integrated
NVD
EPSS 0% CVSS 7.4
HIGH This Week

A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker in a Man-in-the-Middle position between the SiPass integrated server and SiPass. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Siemens Information Disclosure Sipass Integrated
NVD
EPSS 0% CVSS 8.1
HIGH This Week

A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with access to a low-privileged user account to read or write files on the file. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens Privilege Escalation Sipass Integrated
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with network access to the SiPass integrated server to bypass the authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Siemens Authentication Bypass Sipass Integrated
NVD
EPSS 35% 4.6 CVSS 10.0
CRITICAL POC THREAT Emergency

AscoServer.exe in the server in Siemens SiPass integrated MP2.6 and earlier does not properly handle IOCP RPC messages received over an Ethernet network, which allows remote attackers to write data. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 35.4%.

Buffer Overflow Siemens RCE +1
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy