Sitemanager
Approved changes feed: RSS · Atom
cpe:2.3:a:secomea:sitemanager:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Secomea (45c78ca4-ff1f-51f3-a5bb-ad82f24f54cd) |
|---|---|
| Product | Sitemanager (fafefa3b-f8c6-5d5e-87cc-a9e214cffb3d) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2022-38125 |
vulnerable | 2026-06-03 14:47:49.303238 |
FTP Agent forwards traffic on inactive ports to LinkManager
LOW (2.9)
Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Secomea SiteManager (FTP Agent modules) allows Exploiting Trust in Client.
Published: 2023-04-19T11:58:14.508Z
Updated: 2025-02-05T15:00:42.143Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-38124 |
vulnerable | 2026-06-03 14:47:49.288131 |
Unwanted debug tool
MEDIUM (5.7)
Debug tool in Secomea SiteManager allows logged-in administrator to modify system state in an unintended manner.
Published: 2022-12-13T13:06:17.021Z
Updated: 2025-04-18T15:28:20.215Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-25785 |
vulnerable | 2026-06-03 14:46:40.610054 |
Buffer overrun
MEDIUM (6.6)
Stack-based Buffer Overflow vulnerability in SiteManager allows logged-in or local user to cause arbitrary code execution. This issue affects: Secomea SiteManager all versions prior to 9.7.
Published: 2022-05-04T13:57:06.000Z
Updated: 2024-08-03T04:49:43.219Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-25784 |
vulnerable | 2026-06-03 14:46:40.600379 |
User controllable HTML element attribute (potential XSS)
CRITICAL (9.1)
Cross-site Scripting (XSS) vulnerability in Web GUI of SiteManager allows logged-in user to inject scripting. This issue affects: Secomea SiteManager all versions prior to 9.7.
Published: 2022-05-04T13:56:20.000Z
Updated: 2024-08-03T04:49:43.564Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-32010 |
vulnerable | 2026-06-03 14:44:34.219840 |
Clients may connect to a GateManager with TLS 1.0
MEDIUM (5.6)
Inadequate Encryption Strength vulnerability in TLS stack of Secomea SiteManager, LinkManager, GateManager may facilitate man in the middle attacks. This issue affects: Secomea SiteManager All versions prior to 9.7. Secomea LinkManager versions prior to 9.7. Secomea GateManager versions prior to 9.7.
Published: 2022-05-04T13:45:03.000Z
Updated: 2024-08-03T23:17:28.463Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-32005 |
vulnerable | 2026-06-03 14:44:34.208143 |
SiteManager Log View XSS Issue
MEDIUM (6.5)
Cross-site Scripting (XSS) vulnerability in log view of Secomea SiteManager allows a logged in user to store javascript for later execution. This issue affects: Secomea SiteManager Version 9.6.621421014 and all prior versions.
Published: 2022-03-07T15:21:27.000Z
Updated: 2024-08-03T23:17:27.941Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-32003 |
vulnerable | 2026-06-03 14:44:34.204677 |
Configuration service port remains open 10 minutes after reboot even when already provisioned
HIGH (8)
Unprotected Transport of Credentials vulnerability in SiteManager provisioning service allows local attacker to capture credentials if the service is used after provisioning. This issue affects: Secomea SiteManager All versions prior to 9.5 on Hardware.
Published: 2021-08-05T20:33:30.000Z
Updated: 2024-08-03T23:17:27.897Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-32002 |
vulnerable | 2026-06-03 14:44:34.203017 |
SiteManager troubleshooter allows access without authentication from local network
MEDIUM (4.3)
Improper Access Control vulnerability in web service of Secomea SiteManager allows local attacker without credentials to gather network information and configuration of the SiteManager. This issue affects: Secomea SiteManager All versions prior to 9.5 on Hardware.
Published: 2021-08-05T20:33:27.000Z
Updated: 2024-08-03T23:17:27.964Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-29027 |
vulnerable | 2026-06-03 14:42:22.004188 |
Reflected Cross Site Scripting
MEDIUM (5.4)
Cross-site Scripting (XSS) vulnerability in GUI of Secomea SiteManager could allow an attacker to cause an XSS Attack. This issue affects: Secomea SiteManager all versions prior to 9.3.
Published: 2021-02-16T15:48:58.980Z
Updated: 2024-09-17T01:05:35.165Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-29020 |
vulnerable | 2026-06-03 14:42:21.986135 |
Reject Remote Management via Cellular UPLINK2
CRITICAL (9.1)
Improper Access Control vulnerability in web service of Secomea SiteManager allows remote attacker to access the web UI from the internet using the configured credentials. This issue affects: Secomea SiteManager All versions prior to 9.4.620527004 on Hardware.
Published: 2021-03-05T19:12:30.259Z
Updated: 2024-09-16T18:55:36.049Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.