CVE-2024-47565

MEDIUM Year: 2024
CVSS v3 Score
4.3
Medium
Weakness Type
CWE-183
View all →

Vulnerability Description

A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0). The affected application does not properly validate that user input complies with a list of allowed values. This could allow an authenticated remote attacker to compromise the integrity of the configuration of the affected application.

Related Vulnerabilities

CVE-2022-42469

MEDIUM
CVSS:4.3(Medium)

A permissive list of allowed inputs vulnerability [CWE-183] in FortiGate version 7.2.3 and below, version 7.0.9 and below Policy-based NGFW Mode may allow an authenticated SSL-VPN user to bypass the p...

CWE-1832022

CVE-2022-23158

MEDIUM
CVSS:4.4(Medium)

Wyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. A local authenticated user with standard privilege could potentially exploit this vulnerability and provid...

CWE-1832022

CVE-2020-1694

MEDIUM
CVSS:4.9(Medium)

A flaw was found in all versions of Keycloak before 10.0.0, where the NodeJS adapter did not support the verify-token-audience. This flaw results in some users having access to sensitive information o...

CWE-1832020

CVE-2021-34787

MEDIUM
CVSS:5.3(Medium)

A vulnerability in the identity-based firewall (IDFW) rule processing feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unaut...

CWE-1832021

CVE-2021-40128

MEDIUM
CVSS:5.3(Medium)

A vulnerability in the account activation feature of Cisco Webex Meetings could allow an unauthenticated, remote attacker to send an account activation email with an activation link that points to an ...

CWE-1832021

CVE-2023-7250

MEDIUM
CVSS:5.3(Medium)

A flaw was found in iperf, a utility for testing network performance using TCP, UDP, and SCTP. A malicious or malfunctioning client can send less than the expected amount of data to the iperf server, ...

CWE-1832023