Lucene search
China National Vulnerability DatabaseCNVD-2021-77587HistoryOct 13, 2021 - 12:00 a.m.
Siemens SINEC NMS SQL Injection Vulnerability (CNVD-2021-77587)
2021-10-1300:00:00
China National Vulnerability Database
www.cnvd.org.cn
14
siemens
sinec nms
sql injection
vulnerability
network management system
industrial networks
web server
exploited
manual request
local database
arbitrary commands
privileged credentials.
EPSS
0.002
Percentile
52.5%
SINEC NMS is a network management system from Siemens for monitoring and managing industrial networks.A SQL injection vulnerability exists in versions prior to SINEC NMS 1.0 SP2 Update 1, which could be exploited by an attacker with privileged credentials to execute arbitrary commands in the local database by sending a manual request to the affected application’s web server.
Related
prion
prion
Command injection
2021-10-12 10:15:00
cvelist
cvelist
CVE-2021-33736
2021-10-12 09:49:35
cve
cve
CVE-2021-33736
2021-10-12 10:15:12
nvd
nvd
CVE-2021-33736
2021-10-12 10:15:12
thn
thn
Over a Dozen Flaws Found in Siemens' Industrial Network Management System
2022-06-18 06:29:00
ics
ics
Siemens SINEC NMS
2021-10-14 12:00:00
nessus
nessus
Siemens SINEC NMS < V1.0 SP2 Update 1 Multiple Vulnerabilities
2022-07-05 00:00:00