CVE-2021-44524 vulnerability in Siemens Products
Published on December 14, 2021
A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All versions), SiPass integrated V2.85 (All versions), Siveillance Identity V1.5 (All versions), Siveillance Identity V1.6 (All versions < V1.6.284.0). Affected applications insufficiently limit the access to the internal user authentication service. This could allow an unauthenticated remote attacker to trigger several actions on behalf of valid user accounts.
Weakness Type
Exposure of Resource to Wrong Sphere
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
Products Associated with CVE-2021-44524
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2021-44524 are published in these products:
Affected Versions
Siemens SiPass integrated V2.76:- Version All versions is affected.
- Version All versions is affected.
- Version All versions is affected.
- Version All versions is affected.
- Version All versions < V1.6.284.0 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.