Vulnerabilities (CVE)

Filtered by vendor Secomea Subscribe
Total 42 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-2912 1 Secomea 1 Sitemanager Embedded 2024-11-21 N/A 5.9 MEDIUM
Use After Free vulnerability in Secomea SiteManager Embedded allows Obstruction.
CVE-2023-0317 1 Secomea 1 Gatemanager 2024-11-21 N/A 4.9 MEDIUM
Unprotected Alternate Channel vulnerability in debug console of GateManager allows system administrator to obtain sensitive information.
CVE-2022-4308 1 Secomea 1 Gatemanager 2024-11-21 N/A 6.1 MEDIUM
Plaintext Storage of a Password vulnerability in Secomea GateManager (USB wizard) allows Authentication abuse on SiteManager, if the generated file is leaked.
CVE-2022-38125 1 Secomea 24 Sitemanager 1129, Sitemanager 1129 Firmware, Sitemanager 1139 and 21 more 2024-11-21 N/A 2.9 LOW
Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Secomea SiteManager (FTP Agent modules) allows Exploiting Trust in Client.
CVE-2022-38124 1 Secomea 24 Sitemanager 1129, Sitemanager 1129 Firmware, Sitemanager 1139 and 21 more 2024-11-21 N/A 5.7 MEDIUM
Debug tool in Secomea SiteManager allows logged-in administrator to modify system state in an unintended manner.
CVE-2022-38123 1 Secomea 1 Gatemanager 2024-11-21 N/A 8.7 HIGH
Improper Input Validation of plugin files in Administrator Interface of Secomea GateManager allows a server administrator to inject code into the GateManager interface. This issue affects: Secomea GateManager versions prior to 10.0.
CVE-2022-2752 1 Secomea 1 Gatemanager 2024-11-21 N/A 5.5 MEDIUM
A vulnerability in the web server of Secomea GateManager allows a local user to impersonate as the previous user under some failed login conditions. This issue affects: Secomea GateManager versions from 9.4 through 9.7.
CVE-2022-25787 1 Secomea 8 Gatemanager 4250, Gatemanager 4250 Firmware, Gatemanager 4260 and 5 more 2024-11-21 4.6 MEDIUM 7.5 HIGH
Information Exposure Through Query Strings in GET Request vulnerability in LMM API of Secomea GateManager allows system administrator to hijack connection. This issue affects: Secomea GateManager all versions prior to 9.7.
CVE-2022-25786 1 Secomea 1 Gatemanager 2024-11-21 4.0 MEDIUM 4.9 MEDIUM
Unprotected Alternate Channel vulnerability in debug console of GateManager allows system administrator to obtain sensitive information. This issue affects: GateManager all versions prior to 9.7.
CVE-2022-25785 1 Secomea 18 Sitemanager 1129, Sitemanager 1129 Firmware, Sitemanager 1139 and 15 more 2024-11-21 6.5 MEDIUM 6.6 MEDIUM
Stack-based Buffer Overflow vulnerability in SiteManager allows logged-in or local user to cause arbitrary code execution. This issue affects: Secomea SiteManager all versions prior to 9.7.
CVE-2022-25784 1 Secomea 18 Sitemanager 1129, Sitemanager 1129 Firmware, Sitemanager 1139 and 15 more 2024-11-21 3.5 LOW 9.1 CRITICAL
Cross-site Scripting (XSS) vulnerability in Web GUI of SiteManager allows logged-in user to inject scripting. This issue affects: Secomea SiteManager all versions prior to 9.7.
CVE-2022-25783 1 Secomea 8 Gatemanager 4250, Gatemanager 4250 Firmware, Gatemanager 4260 and 5 more 2024-11-21 4.0 MEDIUM 4.3 MEDIUM
Insufficient Logging vulnerability in web server of Secomea GateManager allows logged in user to issue improper queries without logging. This issue affects: Secomea GateManager versions prior to 9.7.
CVE-2022-25782 1 Secomea 8 Gatemanager 4250, Gatemanager 4250 Firmware, Gatemanager 4260 and 5 more 2024-11-21 5.5 MEDIUM 5.4 MEDIUM
Improper Handling of Insufficient Privileges vulnerability in Web UI of Secomea GateManager allows logged in user to access and update privileged information. This issue affects: Secomea GateManager versions prior to 9.7.
CVE-2022-25781 1 Secomea 8 Gatemanager 4250, Gatemanager 4250 Firmware, Gatemanager 4260 and 5 more 2024-11-21 4.3 MEDIUM 4.2 MEDIUM
Cross-site Scripting (XSS) vulnerability in Web UI of Secomea GateManager allows phishing attacker to inject javascript or html into logged in user session.
CVE-2022-25780 1 Secomea 8 Gatemanager 4250, Gatemanager 4250 Firmware, Gatemanager 4260 and 5 more 2024-11-21 4.0 MEDIUM 4.3 MEDIUM
Information Exposure vulnerability in web UI of Secomea GateManager allows logged in user to query devices outside own scope.
CVE-2022-25779 1 Secomea 8 Gatemanager 4250, Gatemanager 4250 Firmware, Gatemanager 4260 and 5 more 2024-11-21 4.0 MEDIUM 4.3 MEDIUM
Logging of Excessive Data vulnerability in audit log of Secomea GateManager allows logged in user to write text entries in audit log. This issue affects: Secomea GateManager versions prior to 9.7.
CVE-2022-25778 1 Secomea 8 Gatemanager 4250, Gatemanager 4250 Firmware, Gatemanager 4260 and 5 more 2024-11-21 6.8 MEDIUM 4.2 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Web UI of Secomea GateManager allows phishing attacker to issue get request in logged in user session.
CVE-2021-32010 1 Secomea 27 Gatemanager 4250, Gatemanager 4250 Firmware, Gatemanager 4260 and 24 more 2024-11-21 6.8 MEDIUM 5.6 MEDIUM
Inadequate Encryption Strength vulnerability in TLS stack of Secomea SiteManager, LinkManager, GateManager may facilitate man in the middle attacks. This issue affects: Secomea SiteManager All versions prior to 9.7. Secomea LinkManager versions prior to 9.7. Secomea GateManager versions prior to 9.7.
CVE-2021-32009 1 Secomea 1 Gatemanager 2024-11-21 4.3 MEDIUM 5.0 MEDIUM
Cross-site Scripting (XSS) vulnerability in firmware section of Secomea GateManager allows logged in user to inject javascript in browser session. This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions.
CVE-2021-32008 1 Secomea 1 Gatemanager 2024-11-21 8.5 HIGH 9.9 CRITICAL
This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions. Improper Limitation of a Pathname to restricted directory, allows logged in GateManager admin to delete system Files or Directories.