Lucene search
China National Vulnerability DatabaseCNVD-2023-97255HistoryDec 13, 2023 - 12:00 a.m.
Siemens SINEC INS Operating System Command Injection Vulnerability
2023-12-1300:00:00
China National Vulnerability Database
www.cnvd.org.cn
11
siemens
sinec ins
command injection
network services
industrial networks
vulnerability
denial of service
radius configuration
SINEC INS (Infrastructure Network Services) is a web-based application that combines various network services in one tool. This simplifies the installation and management of all network services associated with industrial networks. Siemens SINEC INS suffers from an operating system command injection vulnerability due to the radius configuration mechanism of the affected product not properly checking uploaded certificates. An attacker could exploit this vulnerability to cause a denial of service condition or possibly execute commands on the system.
Related
cvelist
cvelist
CVE-2023-48428
2023-12-12 11:27:19
prion
prion
Default configuration
2023-12-12 12:15:00
cve
cve
CVE-2023-48428
2023-12-12 12:15:14
nvd
nvd
CVE-2023-48428
2023-12-12 12:15:14
nessus
nessus
TeamCity Server < 2022.10.3 Multiple Vulnerabilities
2023-09-29 00:00:00
ics
ics
Siemens SINEC INS
2023-12-14 12:00:00