Softing Secure Integration Server
14 CVEs affecting Softing Secure Integration Server. Latest disclosed: 2024-05-03. Critical: 1, High: 7.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-2336 | Critical | 9.8 | 2022-08-17 | Softing Secure Integration Server, edgeConnector, and edgeAggregator software ships with the default administrator credentials as `admin` and password as `admi… |
CVE-2022-2337 | High | 7.5 | 2022-08-17 | A crafted HTTP packet with a missing HTTP URI can create a denial-of-service condition in Softing Secure Integration Server V1.22. |
CVE-2022-1069 | High | 7.5 | 2022-08-17 | A crafted HTTP packet with a large content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22. |
CVE-2022-2335 | High | 7.5 | 2022-08-17 | A crafted HTTP packet with a -1 content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22. |
CVE-2022-1748 | High | 7.5 | 2022-08-17 | Softing OPC UA C++ Server SDK, Secure Integration Server, edgeConnector, edgeAggregator, OPC Suite, and uaGate are affected by a NULL pointer dereference vulne… |
CVE-2022-2547 | High | 7.5 | 2022-08-17 | A crafted HTTP packet without a content-type header can create a denial-of-service condition in Softing Secure Integration Server V1.22. |
CVE-2022-2334 | High | 7.2 | 2022-08-17 | The application searches for a library dll that is not found. If an attacker can place a dll with this name, then the attacker can leverage it to execute arbit… |
CVE-2022-1373 | High | 7.2 | 2022-08-17 | The “restore configuration” feature of Softing Secure Integration Server V1.22 is vulnerable to a directory traversal vulnerability when processing zip files… |
CVE-2023-39481 | Medium | 6.6 | 2024-05-03 | Softing Secure Integration Server Interpretation Conflict Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary… |
CVE-2023-39479 | Medium | 6.6 | 2024-05-03 | Softing Secure Integration Server OPC UA Gateway Directory Creation Vulnerability. This vulnerability allows remote attackers to create directories on affected… |
CVE-2023-39478 | Medium | 6.6 | 2024-05-03 | Softing Secure Integration Server Exposure of Resource to Wrong Sphere Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execu… |
CVE-2022-2338 | Medium | 5.7 | 2022-08-17 | Softing Secure Integration Server V1.22 is vulnerable to authentication bypass via a machine-in-the-middle attack. The default the administration interface is… |
CVE-2023-39482 | Medium | 4.9 | 2024-05-03 | Softing Secure Integration Server Hardcoded Cryptographic Key Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sens… |
CVE-2023-39480 | Medium | 4.4 | 2024-05-03 | Softing Secure Integration Server FileDirectory OPC UA Object Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbit… |