CVE-2023-35796

CVSS V2 None CVSS V3 None
Description
A vulnerability has been identified in SINEMA Server V14 (All versions). The affected application improperly sanitizes certain SNMP configuration data retrieved from monitored devices. An attacker with access to a monitored device could perform a stored cross-site scripting (XSS) attack that may lead to arbitrary code execution with `SYSTEM` privileges on the application server. (ZDI-CAN-19823)
Overview
  • CVE ID
  • CVE-2023-35796
  • Assigner
  • siemens
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2023-10-10T10:21:20.721Z
  • Last Modified Date
  • 2023-10-10T10:21:20.721Z
References
History
Created Old Value New Value Data Type Notes
2024-06-25 19:34:16 Added to TrackCVE