Siemens Qms Automotive
11 CVEs affecting Siemens Qms Automotive. Latest disclosed: 2023-09-12. Critical: 0, High: 7.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-40726 | High | 8.8 | 2023-09-12 | A vulnerability has been identified in QMS Automotive (All versions < V12.39). The affected application server responds with sensitive information about the se… |
CVE-2023-40727 | High | 7.8 | 2023-09-12 | A vulnerability has been identified in QMS Automotive (All versions < V12.39). The QMS.Mobile module of the affected application uses weak outdated application… |
CVE-2022-43958 | High | 7.6 | 2022-11-08 | A vulnerability has been identified in QMS Automotive (All versions < V12.39), QMS Automotive (All versions < V12.39). User credentials are stored in plaintext… |
CVE-2023-40729 | High | 7.3 | 2023-09-12 | A vulnerability has been identified in QMS Automotive (All versions < V12.39). The affected application lacks security control to prevent unencrypted communica… |
CVE-2023-40728 | High | 7.3 | 2023-09-12 | A vulnerability has been identified in QMS Automotive (All versions < V12.39). The QMS.Mobile module of the affected application stores sensitive application d… |
CVE-2023-40724 | High | 7.3 | 2023-09-12 | A vulnerability has been identified in QMS Automotive (All versions < V12.39). User credentials are found in memory as plaintext. An attacker could perform a m… |
CVE-2023-40730 | High | 7.1 | 2023-09-12 | A vulnerability has been identified in QMS Automotive (All versions < V12.39). The QMS.Mobile module of the affected application lacks sufficient authorization… |
CVE-2023-40731 | Medium | 5.7 | 2023-09-12 | A vulnerability has been identified in QMS Automotive (All versions < V12.39). The affected application allows users to upload arbitrary file types. This could… |
CVE-2023-40725 | Medium | 4.0 | 2023-09-12 | A vulnerability has been identified in QMS Automotive (All versions < V12.39). The affected application returns inconsistent error messages in response to inva… |
CVE-2023-40732 | Low | 3.9 | 2023-09-12 | A vulnerability has been identified in QMS Automotive (All versions < V12.39). The QMS.Mobile module of the affected application does not invalidate the sessio… |
CVE-2021-27389 | | 2021-04-22 | A vulnerability has been identified in Opcenter Quality (All versions < V12.2), QMS Automotive (All versions < V12.30). A private sign key is shipped with the… |