Siemens Spectrum_power_4
8 CVEs affecting Siemens Spectrum_power_4. Latest disclosed: 2022-06-14. Critical: 3, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-44228 | Critical | 10.0 | 2021-12-10 | Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameter… |
CVE-2019-6579 | Critical | 9.8 | 2019-04-17 | A vulnerability has been identified in Spectrum Power 4 (with Web Office Portal). An attacker with network access to the web server on port 80/TCP or 443/TCP c… |
CVE-2021-45046 | Critical | 9.0 | 2021-12-14 | It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers wi… |
CVE-2022-26476 | High | 8.8 | 2022-06-14 | A vulnerability has been identified in Spectrum Power 4 (All versions using Shared HIS), Spectrum Power 7 (All versions using Shared HIS), Spectrum Power MGMS… |
CVE-2022-23312 | Medium | 6.1 | 2022-02-09 | A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP9 Security Patch 1). The integrated web application "Online Help" in affected p… |
CVE-2019-10933 | Medium | 6.1 | 2019-07-11 | A vulnerability has been identified in Spectrum Power 3 (Corporate User Interface) (All versions <= v3.11), Spectrum Power 4 (Corporate User Interface) (Versio… |
CVE-2020-15790 | Medium | 5.3 | 2020-09-09 | A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP8). If configured in an insecure manner, the web server might be susceptible to… |
CVE-2020-15784 | Medium | 5.3 | 2020-09-09 | A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP8). Insecure storage of sensitive information in the configuration files could… |