Lucene search
China National Vulnerability DatabaseCNVD-2022-17792HistoryMar 09, 2022 - 12:00 a.m.
Siemens SINEC NMS SQL Injection Vulnerability (CNVD-2022-17792)
2022-03-0900:00:00
China National Vulnerability Database
www.cnvd.org.cn
20
siemens sinec nms
network management system
sql injection
vulnerability
siemens germany
industrial networks
arbitrary commands
local database
web server
cnvd-2022-17792
EPSS
0.001
Percentile
45.1%
Siemens SINEC NMS is a network management system (NMS) from Siemens Germany that is used to centrally monitor, manage, and configure industrial networks with tens of thousands of devices 24/7, including security-related areas.A SQL injection vulnerability in Siemens SINEC NMS allows a privileged, authenticated attacker to Exploit the vulnerability to execute arbitrary commands in the local database by sending a carefully crafted request to the affected applicationβs Web server.
Related
cvelist
cvelist
CVE-2022-24281
2022-03-08 00:00:00
prion
prion
Command injection
2022-03-08 12:15:00
nvd
nvd
CVE-2022-24281
2022-03-08 12:15:11
cve
cve
CVE-2022-24281
2022-03-08 12:15:11
ics
ics
Siemens SINEC NMS (Update A)
2022-10-13 12:00:00