CVE-2021-44523

Summary

A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All versions), SiPass integrated V2.85 (All versions), Siveillance Identity V1.5 (All versions), Siveillance Identity V1.6 (All versions < V1.6.284.0). Affected applications insufficiently limit the access to the internal activity feed database. This could allow an unauthenticated remote attacker to read, modify or delete activity feed entries.

Affected Software

VendorProductVersion RangeStatus
SiemensSiPass integrated V2.76All versionsaffected
SiemensSiPass integrated V2.80All versionsaffected
SiemensSiPass integrated V2.85All versionsaffected
SiemensSiveillance Identity V1.5All versionsaffected
SiemensSiveillance Identity V1.6All versions < V1.6.284.0affected

Weaknesses

  • CWE-668: CWE-668: Exposure of Resource to Wrong Sphere

ADP Enrichment

CVE Program Container

Additional References

References