Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-44524

EPSS 0.58% · P69
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-44524

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All versions), SiPass integrated V2.85 (All versions), Siveillance Identity V1.5 (All versions), Siveillance Identity V1.6 (All versions < V1.6.284.0). Affected applications insufficiently limit the access to the internal user authentication service. This could allow an unauthenticated remote attacker to trigger several actions on behalf of valid user accounts.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
将资源暴露给错误范围
Source: NVD (National Vulnerability Database)
Vulnerability Title
Siemens SiPass Integrated和Siveillance Identity 授权问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Siemens SiPass Integrated和Siveillance Identity都是德国西门子(Siemens)公司的产品。SiPass Integrated是一个功能强大且极其灵活的门禁控制系统。Siveillance Identity是一款具有自助服务门户的综合访问管理系统。用于提供跨多个站点的内部访问请求管理。 SiPass integrated 和 Siveillance Identity 存在授权问题漏洞,该漏洞源于受影响的应用程序对内部用户认证服务的访问限制不足。这未经身份验证的远
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
SiemensSiPass integrated V2.76 All versions -
SiemensSiPass integrated V2.80 All versions -
SiemensSiPass integrated V2.85 All versions -
SiemensSiveillance Identity V1.5 All versions -
SiemensSiveillance Identity V1.6 All versions < V1.6.284.0 -

II. Public POCs for CVE-2021-44524

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2021-44524

登录查看更多情报信息。

Same Patch Batch · Siemens · 2021-12-14 · 46 CVEs total

CVE-2021-440027.8 HIGHSiemens JT2GO和Siemens Teamcenter Visualization 缓冲区错误漏洞
CVE-2021-440147.8 HIGHSiemens JT2GO 资源管理错误漏洞
CVE-2021-44439Siemens JT Utilities 缓冲区错误漏洞
CVE-2021-44445Siemens JT Utilities 缓冲区错误漏洞
CVE-2021-44448Siemens JT Utilities 缓冲区错误漏洞
CVE-2021-44449Siemens JT Utilities 缓冲区错误漏洞
CVE-2021-44450Siemens JT Utilities 缓冲区错误漏洞
CVE-2021-44522Siemens SiPass Integrated和Siveillance Identity 安全漏洞
CVE-2021-44523Siemens SiPass Integrated和Siveillance Identity 安全漏洞
CVE-2021-44447Siemens JT Utilities 资源管理错误漏洞
CVE-2021-44441Siemens JT Utilities 缓冲区错误漏洞
CVE-2021-44440Siemens JT Utilities 缓冲区错误漏洞
CVE-2021-44442Siemens JT Utilities 安全漏洞
CVE-2021-44438Siemens JT Utilities 缓冲区错误漏洞
CVE-2021-44437Siemens JT Utilities 缓冲区错误漏洞
CVE-2021-44436Siemens JT Utilities 缓冲区错误漏洞
CVE-2021-44435Siemens JT Utilities 缓冲区错误漏洞
CVE-2021-44434Siemens JT Utilities 缓冲区错误漏洞
CVE-2021-44433Siemens JT Utilities 资源管理错误漏洞
CVE-2021-44432Siemens JT Utilities 安全漏洞

Showing top 20 of 46 CVEs. View all on vendor page &rarr; →

IV. Related Vulnerabilities

Same product: SiPass integrated V2.76
Same vendor: Siemens
Same weakness: CWE-668

V. Comments for CVE-2021-44524

No comments yet

Leave a comment