Advisories | CERT@VDE

2022-12-13 08:00 VDE-2022-057

Wiesemann & Theis multiple products prone to web interface vulnerability

Multiple Wiesemann & Theis product families are affected by a vulnerability in the web interface. The device allows an unauthenticated attacker to get the session ID of a logged in user. He may then spoof his IP address to act as the logged in user.

more ...

CVE-2022-4098: 7.1

2022-11-07 12:43 VDE-2022-043

Wiesemann &Theis: Multiple Vulnerabilities in the Com-Server Family

Multiple Wiesemann & Theis product families are affected by multiple vulnerabilities in the web interface.

more ...

CVE-2022-42785: 9.8

CVE-2022-42787: 9.8

CVE-2022-42786: 5.4

Feeds

RSS / Atom

By Vendor

ADS-TEC Industrial IT (1)

Auma (4)

Beckhoff (8)

Bender (2)

CODESYS (6)

Endress+Hauser (10)

Festo SE (9)

Festo Didactic (3)

Frauscher (2)

Carlo Gavazzi Controls (1)

Helmholz (6)

HIMA (1)

ifm (1)

Innominate (2)

Lenze (2)

MB connect line (9)

Miele (4)

M&M Software (1)

Pepperl+Fuchs (25)

PHOENIX CONTACT (72)

Pilz (8)

Red Lion Europe (1)

SWARCO (1)

TECSON/GOK (1)

Trumpf (1)

TRUMPF Laser (6)

TRUMPF Werkzeugmaschinen (5)

VARTA Storage (1)

VMT (1)

WAGO (47)

Weidmueller (9)

Wiesemann & Theis (2)

Legend

(Scoring for CVSS 2.0,3.0+3.1)

None

No CVE available

Low

0.1 <= 3.9

Medium

4.0 <= 6.9

High

7.0 <= 8.9

Critical

9.0 <= 10.0

Wiesemann & Theis multiple products prone to web interface vulnerability

Wiesemann &Theis: Multiple Vulnerabilities in the Com-Server Family

Feeds

By Vendor

Archive

2023

2022

2021

2020

2019

2018

2017

Legend