Vulnerabilities (CVE)

Filtered by vendor Siemens Subscribe
Filtered by product Q200
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-31238 1 Siemens 2 Q200, Q200 Firmware 2024-11-21 N/A 5.5 MEDIUM
A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.60), POWER METER SICAM Q100 (All versions < V2.60), POWER METER SICAM Q100 (All versions < V2.60), POWER METER SICAM Q100 (All versions < V2.60). Affected devices are missing cookie protection flags when using the default settings. An attacker who gains access to a session token can use it to impersonate a legitimate application user.
CVE-2023-30901 1 Siemens 2 Q200, Q200 Firmware 2024-11-21 N/A 4.3 MEDIUM
A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.60), POWER METER SICAM Q100 (All versions < V2.60), POWER METER SICAM Q100 (All versions < V2.60), POWER METER SICAM Q100 (All versions < V2.60). The web interface of the affected devices are vulnerable to Cross-Site Request Forgery attacks. By tricking an authenticated victim user to click a malicious link, an attacker could perform arbitrary actions on the device on behalf of the victim user.