A vulnerability has been identified in SICAM WEB firmware for SICAM A8000 RTUs (All versions < V05.30). The login screen does not sufficiently sanitize input, which enables an attacker to generate specially crafted log messages. If an unsuspecting victim views the log messages via the web browser, these log messages might be interpreted and executed as code by the web application. This Cross-Site-Scripting (XSS) vulnerability might compromize the confidentiality, integrity and availability of the web application.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: siemens
Published: 2020-08-14T15:24:06
Updated: 2024-08-04T13:22:30.684Z
Reserved: 2020-07-15T00:00:00
Link: CVE-2020-15781
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-08-14T16:15:16.853
Modified: 2024-11-21T05:06:10.020
Link: CVE-2020-15781
Redhat
No data.