Advisories | CERT@VDE

2022-12-13 08:00 VDE-2022-057

Wiesemann & Theis multiple products prone to web interface vulnerability

Multiple Wiesemann & Theis product families are affected by a vulnerability in the web interface. The device allows an unauthenticated attacker to get the session ID of a logged in user. He may then spoof his IP address to act as the logged in user.

more ...

CVE-2022-4098: 7.1

2022-11-07 12:43 VDE-2022-043

Wiesemann &Theis: Multiple Vulnerabilities in the Com-Server Family

Multiple Wiesemann & Theis product families are affected by multiple vulnerabilities in the web interface.

more ...

CVE-2022-42787: 9.8

CVE-2022-42785: 9.8

CVE-2022-42786: 5.4

Feeds

RSS / Atom

By Vendor

Auma (2)

Beckhoff (8)

Bender (2)

Endress+Hauser (10)

Festo SE (8)

Festo Didactic (1)

Carlo Gavazzi Controls (1)

Helmholz (4)

HIMA (1)

ifm (1)

Innominate (2)

Lenze (2)

MB connect line (8)

Miele (4)

M&M Software (1)

Pepperl+Fuchs (25)

PHOENIX CONTACT (66)

Pilz (8)

SWARCO (1)

TECSON/GOK (1)

TRUMPF Laser (5)

TRUMPF Werkzeugmaschinen (4)

VARTA Storage (1)

VMT (1)

WAGO (41)

Weidmueller (9)

Wiesemann & Theis (2)

Legend

(Scoring for CVSS 2.0,3.0+3.1)

None

No CVE available

Low

0.1 <= 3.9

Medium

4.0 <= 6.9

High

7.0 <= 8.9

Critical

9.0 <= 10.0

Wiesemann & Theis multiple products prone to web interface vulnerability

Wiesemann &Theis: Multiple Vulnerabilities in the Com-Server Family

Feeds

By Vendor

Archive

2023

2022

2021

2020

2019

2018

2017

Legend