CVE-2023-44315

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Oct 10, 2023

Updated: Jul 9, 2024

CWE ID 79

Summary

CVE-2023-44315 is a newly discovered vulnerability affecting SINEC Network Management System (NMS) versions below V2.0. The issue stems from the application's improper handling of SNMP configuration data retrieved from monitored devices. An attacker with access to a monitored device can exploit this flaw to execute stored cross-site scripting (XSS) attacks. Successful exploitation may result in unintended modifications of data by legitimate users, posing a potential security risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Siemens AG

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/s0nzdD
https://www.cve.org/CVERecord?id=CVE-2023-44315
https://nvd.nist.gov/vuln/detail/CVE-2023-44315

Back to Vulnerability Database

CVE-2023-44315

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations