Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-29999 (GCVE-0-2025-29999)
Vulnerability from cvelistv5 – Published: 2025-04-08 08:22 – Updated: 2025-04-08 13:26
VLAI?
EPSS
Summary
A vulnerability has been identified in Siemens License Server (SLS) (All versions < V4.3). The affected application searches for executable files in the application folder without proper validation.
This could allow an attacker to execute arbitrary code with administrative privileges by placing a malicious executable in the same directory.
Severity ?
6.7 (Medium)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Siemens | Siemens License Server (SLS) |
Affected:
0 , < V4.3
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-29999",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-08T13:25:44.643425Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T13:26:14.840Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Siemens License Server (SLS)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Siemens License Server (SLS) (All versions \u003c V4.3). The affected application searches for executable files in the application folder without proper validation.\r\nThis could allow an attacker to execute arbitrary code with administrative privileges by placing a malicious executable in the same directory."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T08:22:28.099Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-525431.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2025-29999",
"datePublished": "2025-04-08T08:22:28.099Z",
"dateReserved": "2025-03-13T14:30:18.938Z",
"dateUpdated": "2025-04-08T13:26:14.840Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-29999\",\"sourceIdentifier\":\"productcert@siemens.com\",\"published\":\"2025-04-08T09:15:27.053\",\"lastModified\":\"2025-04-08T18:13:53.347\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability has been identified in Siemens License Server (SLS) (All versions \u003c V4.3). The affected application searches for executable files in the application folder without proper validation.\\r\\nThis could allow an attacker to execute arbitrary code with administrative privileges by placing a malicious executable in the same directory.\"},{\"lang\":\"es\",\"value\":\"Se ha identificado una vulnerabilidad en Siemens License Server (SLS) (todas las versiones anteriores a la V4.3). La aplicaci\u00f3n afectada busca archivos ejecutables en la carpeta de la aplicaci\u00f3n sin la validaci\u00f3n adecuada. Esto podr\u00eda permitir que un atacante ejecute c\u00f3digo arbitrario con privilegios administrativos colocando un ejecutable malicioso en el mismo directorio.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"productcert@siemens.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":5.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"attackRequirements\":\"PRESENT\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"ACTIVE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"productcert@siemens.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":6.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"productcert@siemens.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-269\"}]}],\"references\":[{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-525431.html\",\"source\":\"productcert@siemens.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-29999\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-08T13:25:44.643425Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-08T13:25:57.861Z\"}}], \"cna\": {\"metrics\": [{\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 6.7, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H\"}}, {\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 5.4, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N\"}}], \"affected\": [{\"vendor\": \"Siemens\", \"product\": \"Siemens License Server (SLS)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V4.3\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"references\": [{\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-525431.html\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability has been identified in Siemens License Server (SLS) (All versions \u003c V4.3). The affected application searches for executable files in the application folder without proper validation.\\r\\nThis could allow an attacker to execute arbitrary code with administrative privileges by placing a malicious executable in the same directory.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-269\", \"description\": \"CWE-269: Improper Privilege Management\"}]}], \"providerMetadata\": {\"orgId\": \"cec7a2ec-15b4-4faf-bd53-b40f371f3a77\", \"shortName\": \"siemens\", \"dateUpdated\": \"2025-04-08T08:22:28.099Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-29999\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-04-08T13:26:14.840Z\", \"dateReserved\": \"2025-03-13T14:30:18.938Z\", \"assignerOrgId\": \"cec7a2ec-15b4-4faf-bd53-b40f371f3a77\", \"datePublished\": \"2025-04-08T08:22:28.099Z\", \"assignerShortName\": \"siemens\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
NCSC-2025-0106
Vulnerability from csaf_ncscnl - Published: 2025-04-08 13:57 - Updated: 2025-04-08 13:57Summary
Kwetsbaarheden verholpen in Siemens producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Siemens heeft kwetsbaarheden verholpen in diverse producten als Industrial Edge Devices, Mendix, SENTRON, SIDIS, SIMATIC, SIPLUS,Insights Hub Private Cloud, Siemens License Server en Solid Edge.
Interpretaties
De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Manipulatie van gegevens
- Omzeilen van een beveiligingsmaatregel
- Omzeilen van authenticatie
- (Remote) code execution (root/admin rechten)
- (Remote) code execution (Gebruikersrechten)
- Toegang tot systeemgegevens
- Toegang tot gevoelige gegevens
- Spoofing
De kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.
Oplossingen
Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico's zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.
Dreigingsinformatie
Kans
medium
Schade
high
CWE-287
Improper Authentication
CWE-1240
Use of a Cryptographic Primitive with a Risky Implementation
CWE-606
Unchecked Input for Loop Condition
CWE-1395
Dependency on Vulnerable Third-Party Component
CWE-363
Race Condition Enabling Link Following
CWE-420
Unprotected Alternate Channel
CWE-684
Incorrect Provision of Specified Functionality
CWE-834
Excessive Iteration
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CWE-440
Expected Behavior Violation
CWE-754
Improper Check for Unusual or Exceptional Conditions
CWE-319
Cleartext Transmission of Sensitive Information
CWE-354
Improper Validation of Integrity Check Value
CWE-325
Missing Cryptographic Step
CWE-404
Improper Resource Shutdown or Release
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-1333
Inefficient Regular Expression Complexity
CWE-416
Use After Free
CWE-476
NULL Pointer Dereference
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CWE-400
Uncontrolled Resource Consumption
CWE-787
Out-of-bounds Write
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-122
Heap-based Buffer Overflow
CWE-20
Improper Input Validation
CWE-1390
Weak Authentication
CWE-204
Observable Response Discrepancy
CWE-15
External Control of System or Configuration Setting
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-653
Improper Isolation or Compartmentalization
CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE-620
Unverified Password Change
CWE-798
Use of Hard-coded Credentials
CWE-269
Improper Privilege Management
CWE-295
Improper Certificate Validation
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Siemens heeft kwetsbaarheden verholpen in diverse producten als Industrial Edge Devices, Mendix, SENTRON, SIDIS, SIMATIC, SIPLUS,Insights Hub Private Cloud, Siemens License Server en Solid Edge.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Manipulatie van gegevens\n- Omzeilen van een beveiligingsmaatregel\n- Omzeilen van authenticatie\n- (Remote) code execution (root/admin rechten)\n- (Remote) code execution (Gebruikersrechten)\n- Toegang tot systeemgegevens\n- Toegang tot gevoelige gegevens\n- Spoofing\n\nDe kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico\u0027s zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "description",
"text": " ",
"title": "Dreigingsinformatie"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Improper Authentication",
"title": "CWE-287"
},
{
"category": "general",
"text": "Use of a Cryptographic Primitive with a Risky Implementation",
"title": "CWE-1240"
},
{
"category": "general",
"text": "Unchecked Input for Loop Condition",
"title": "CWE-606"
},
{
"category": "general",
"text": "Dependency on Vulnerable Third-Party Component",
"title": "CWE-1395"
},
{
"category": "general",
"text": "Race Condition Enabling Link Following",
"title": "CWE-363"
},
{
"category": "general",
"text": "Unprotected Alternate Channel",
"title": "CWE-420"
},
{
"category": "general",
"text": "Incorrect Provision of Specified Functionality",
"title": "CWE-684"
},
{
"category": "general",
"text": "Excessive Iteration",
"title": "CWE-834"
},
{
"category": "general",
"text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"title": "CWE-367"
},
{
"category": "general",
"text": "Expected Behavior Violation",
"title": "CWE-440"
},
{
"category": "general",
"text": "Improper Check for Unusual or Exceptional Conditions",
"title": "CWE-754"
},
{
"category": "general",
"text": "Cleartext Transmission of Sensitive Information",
"title": "CWE-319"
},
{
"category": "general",
"text": "Improper Validation of Integrity Check Value",
"title": "CWE-354"
},
{
"category": "general",
"text": "Missing Cryptographic Step",
"title": "CWE-325"
},
{
"category": "general",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "general",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
},
{
"category": "general",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "general",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "Use of a Broken or Risky Cryptographic Algorithm",
"title": "CWE-327"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Weak Authentication",
"title": "CWE-1390"
},
{
"category": "general",
"text": "Observable Response Discrepancy",
"title": "CWE-204"
},
{
"category": "general",
"text": "External Control of System or Configuration Setting",
"title": "CWE-15"
},
{
"category": "general",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "Improper Isolation or Compartmentalization",
"title": "CWE-653"
},
{
"category": "general",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
},
{
"category": "general",
"text": "Unverified Password Change",
"title": "CWE-620"
},
{
"category": "general",
"text": "Use of Hard-coded Credentials",
"title": "CWE-798"
},
{
"category": "general",
"text": "Improper Privilege Management",
"title": "CWE-269"
},
{
"category": "general",
"text": "Improper Certificate Validation",
"title": "CWE-295"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - ncscclear",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-187636.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-277137.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-525431.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-634640.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-672923.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-725549.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-819629.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-874353.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-817234.pdf"
}
],
"title": "Kwetsbaarheden verholpen in Siemens producten",
"tracking": {
"current_release_date": "2025-04-08T13:57:11.959816Z",
"generator": {
"date": "2025-02-25T15:15:00Z",
"engine": {
"name": "V.A.",
"version": "1.0"
}
},
"id": "NCSC-2025-0106",
"initial_release_date": "2025-04-08T13:57:11.959816Z",
"revision_history": [
{
"date": "2025-04-08T13:57:11.959816Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv1.21.1-1-a",
"product": {
"name": "vers:unknown/\u003cv1.21.1-1-a",
"product_id": "CSAFPID-2631845"
}
}
],
"category": "product_name",
"name": "Industrial Edge Own Device (IEOD)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv1.21.1-1",
"product": {
"name": "vers:unknown/\u003cv1.21.1-1",
"product_id": "CSAFPID-2631844"
}
}
],
"category": "product_name",
"name": "Industrial Edge Device Kit - x86-64 V1.21"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv1.20.2-1",
"product": {
"name": "vers:unknown/\u003cv1.20.2-1",
"product_id": "CSAFPID-2631843"
}
}
],
"category": "product_name",
"name": "Industrial Edge Device Kit - x86-64 V1.20"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631842"
}
}
],
"category": "product_name",
"name": "Industrial Edge Device Kit - x86-64 V1.19"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631841"
}
}
],
"category": "product_name",
"name": "Industrial Edge Device Kit - x86-64 V1.18"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631840"
}
}
],
"category": "product_name",
"name": "Industrial Edge Device Kit - x86-64 V1.17"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv1.21.1-1",
"product": {
"name": "vers:unknown/\u003cv1.21.1-1",
"product_id": "CSAFPID-2631839"
}
}
],
"category": "product_name",
"name": "Industrial Edge Device Kit - arm64 V1.21"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv1.20.2-1",
"product": {
"name": "vers:unknown/\u003cv1.20.2-1",
"product_id": "CSAFPID-2631838"
}
}
],
"category": "product_name",
"name": "Industrial Edge Device Kit - arm64 V1.20"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631837"
}
}
],
"category": "product_name",
"name": "Industrial Edge Device Kit - arm64 V1.19"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631836"
}
}
],
"category": "product_name",
"name": "Industrial Edge Device Kit - arm64 V1.18"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631835"
}
}
],
"category": "product_name",
"name": "Industrial Edge Device Kit - arm64 V1.17"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631900"
}
}
],
"category": "product_name",
"name": "SENTRON 7KT PAC1260 Data Manager"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/4.0",
"product": {
"name": "vers:unknown/4.0",
"product_id": "CSAFPID-2632341"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/4.1",
"product": {
"name": "vers:unknown/4.1",
"product_id": "CSAFPID-2632342"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/4.2",
"product": {
"name": "vers:unknown/4.2",
"product_id": "CSAFPID-2632343"
}
}
],
"category": "product_name",
"name": "License Server"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv4.3",
"product": {
"name": "vers:unknown/\u003cv4.3",
"product_id": "CSAFPID-2631790"
}
}
],
"category": "product_name",
"name": "Siemens License Server (SLS)"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:siemens/224.0 update 12",
"product": {
"name": "vers:siemens/224.0 update 12",
"product_id": "CSAFPID-2632460"
}
},
{
"category": "product_version_range",
"name": "vers:siemens/225.0 update 3",
"product": {
"name": "vers:siemens/225.0 update 3",
"product_id": "CSAFPID-2632459"
}
}
],
"category": "product_name",
"name": "Solid Edge"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:siemens/v224.0 update 12",
"product": {
"name": "vers:siemens/v224.0 update 12",
"product_id": "CSAFPID-2632083"
}
}
],
"category": "product_name",
"name": "Solid_Edge_Se2024"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:siemens/2.0 sp1",
"product": {
"name": "vers:siemens/2.0 sp1",
"product_id": "CSAFPID-1211926"
}
}
],
"category": "product_name",
"name": "SINEC Network Management System"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/none",
"product": {
"name": "vers:unknown/none",
"product_id": "CSAFPID-2619361"
}
}
],
"category": "product_name",
"name": "Siemens Simatic S7-1500 Tm Mfp"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003e=3|\u003c312",
"product": {
"name": "vers:unknown/\u003e=3|\u003c312",
"product_id": "CSAFPID-1209122"
}
}
],
"category": "product_name",
"name": "Siemens Telecontrol Server Basic"
}
],
"category": "product_family",
"name": "Siemens"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv224.0update12",
"product": {
"name": "vers:unknown/\u003cv224.0update12",
"product_id": "CSAFPID-2631854"
}
}
],
"category": "product_name",
"name": "Solid Edge SE2024"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv225.0update3",
"product": {
"name": "vers:unknown/\u003cv225.0update3",
"product_id": "CSAFPID-2631855"
}
}
],
"category": "product_name",
"name": "Solid Edge SE2025"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv2.0.0",
"product": {
"name": "vers:unknown/\u003cv2.0.0",
"product_id": "CSAFPID-1296722"
}
}
],
"category": "product_name",
"name": "SIMATIC CFU DIQ"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv2.0",
"product": {
"name": "vers:unknown/\u003cv2.0",
"product_id": "CSAFPID-2631923"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv2.0.0",
"product": {
"name": "vers:unknown/\u003cv2.0.0",
"product_id": "CSAFPID-1296723"
}
}
],
"category": "product_name",
"name": "SIMATIC CFU PA"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631924"
}
}
],
"category": "product_name",
"name": "SIMATIC ET 200AL IM 157-1 PN"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631925"
}
}
],
"category": "product_name",
"name": "SIMATIC ET 200M IM 153-4 PN IO HF"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631926"
}
}
],
"category": "product_name",
"name": "SIMATIC ET 200M IM 153-4 PN IO ST"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631927"
}
}
],
"category": "product_name",
"name": "SIMATIC ET 200MP IM 155-5 PN BA"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631928"
}
}
],
"category": "product_name",
"name": "SIMATIC ET 200MP IM 155-5 PN HF"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631929"
}
}
],
"category": "product_name",
"name": "SIMATIC ET 200MP IM 155-5 PN ST"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631932"
}
}
],
"category": "product_name",
"name": "SIMATIC ET 200S IM 151-3 PN FO"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631933"
}
}
],
"category": "product_name",
"name": "SIMATIC ET 200S IM 151-3 PN HF"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631934"
}
}
],
"category": "product_name",
"name": "SIMATIC ET 200S IM 151-3 PN HS"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631935"
}
}
],
"category": "product_name",
"name": "SIMATIC ET 200S IM 151-3 PN ST"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-1765658"
}
}
],
"category": "product_name",
"name": "SIMATIC ET 200S IM 151-8 PN/DP CPU"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-1765659"
}
}
],
"category": "product_name",
"name": "SIMATIC ET 200S IM 151-8F PN/DP CPU"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631856"
}
}
],
"category": "product_name",
"name": "SIMATIC ET 200SP CPU 1510SP F-1 PN"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631858"
}
}
],
"category": "product_name",
"name": "SIMATIC ET 200SP CPU 1510SP-1 PN"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631860"
}
}
],
"category": "product_name",
"name": "SIMATIC ET 200SP CPU 1512SP F-1 PN"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631862"
}
}
],
"category": "product_name",
"name": "SIMATIC ET 200SP CPU 1512SP-1 PN"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-1765660"
}
}
],
"category": "product_name",
"name": "SIMATIC ET 200SP IM 155-6 MF HF"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631936"
}
}
],
"category": "product_name",
"name": "SIMATIC ET 200SP IM 155-6 PN BA"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv1.3",
"product": {
"name": "vers:unknown/\u003cv1.3",
"product_id": "CSAFPID-2631937"
}
}
],
"category": "product_name",
"name": "SIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631938"
}
}
],
"category": "product_name",
"name": "SIMATIC ET 200SP IM 155-6 PN HF"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631939"
}
}
],
"category": "product_name",
"name": "SIMATIC ET 200SP IM 155-6 PN HS"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631940"
}
}
],
"category": "product_name",
"name": "SIMATIC ET 200SP IM 155-6 PN ST"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631920"
}
}
],
"category": "product_name",
"name": "SIDOOR ATD430W"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631921"
}
}
],
"category": "product_name",
"name": "SIDOOR ATE530G COATED"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631922"
}
}
],
"category": "product_name",
"name": "SIDOOR ATE530S COATED"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631967"
}
}
],
"category": "product_name",
"name": "SIMOCODE pro V Ethernet/IP (incl. SIPLUS variants)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631968"
}
}
],
"category": "product_name",
"name": "SIMOCODE pro V PROFINET"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631969"
}
}
],
"category": "product_name",
"name": "SINUMERIK 840D sl"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2632004"
}
}
],
"category": "product_name",
"name": "SIWAREX WP231"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2632005"
}
}
],
"category": "product_name",
"name": "SIWAREX WP241"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2632006"
}
}
],
"category": "product_name",
"name": "SIWAREX WP251"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2632007"
}
}
],
"category": "product_name",
"name": "SIWAREX WP521 ST"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2632008"
}
}
],
"category": "product_name",
"name": "SIWAREX WP522 ST"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631966"
}
}
],
"category": "product_name",
"name": "SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-1765690"
}
}
],
"category": "product_name",
"name": "SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-1765691"
}
}
],
"category": "product_name",
"name": "SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv8.3",
"product": {
"name": "vers:unknown/\u003cv8.3",
"product_id": "CSAFPID-2459039"
}
}
],
"category": "product_name",
"name": "SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631970"
}
}
],
"category": "product_name",
"name": "SIPLUS ET 200M IM 153-4 PN IO HF"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631971"
}
}
],
"category": "product_name",
"name": "SIPLUS ET 200M IM 153-4 PN IO ST"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631972"
}
}
],
"category": "product_name",
"name": "SIPLUS ET 200MP IM 155-5 PN HF"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631973"
}
}
],
"category": "product_name",
"name": "SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631974"
}
}
],
"category": "product_name",
"name": "SIPLUS ET 200MP IM 155-5 PN ST"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631975"
}
}
],
"category": "product_name",
"name": "SIPLUS ET 200MP IM 155-5 PN ST TX RAIL"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-1765700"
}
}
],
"category": "product_name",
"name": "SIPLUS ET 200S IM 151-8 PN/DP CPU"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-1765701"
}
}
],
"category": "product_name",
"name": "SIPLUS ET 200S IM 151-8F PN/DP CPU"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631976"
}
}
],
"category": "product_name",
"name": "SIPLUS ET 200S IM151-3 PN HF"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631977"
}
}
],
"category": "product_name",
"name": "SIPLUS ET 200S IM151-3 PN ST"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-1296980"
}
}
],
"category": "product_name",
"name": "SIPLUS ET 200SP CPU 1512SP F-1 PN"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631978"
}
}
],
"category": "product_name",
"name": "SIPLUS ET 200SP IM 155-6 PN HF"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631979"
}
}
],
"category": "product_name",
"name": "SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631980"
}
}
],
"category": "product_name",
"name": "SIPLUS ET 200SP IM 155-6 PN HF TX RAIL"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631981"
}
}
],
"category": "product_name",
"name": "SIPLUS ET 200SP IM 155-6 PN ST"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631982"
}
}
],
"category": "product_name",
"name": "SIPLUS ET 200SP IM 155-6 PN ST BA"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631983"
}
}
],
"category": "product_name",
"name": "SIPLUS ET 200SP IM 155-6 PN ST BA TX RAIL"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631984"
}
}
],
"category": "product_name",
"name": "SIPLUS ET 200SP IM 155-6 PN ST TX RAIL"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631985"
}
}
],
"category": "product_name",
"name": "SIPLUS HCS4200 CIM4210"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/10.16.0",
"product": {
"name": "vers:unknown/10.16.0",
"product_id": "CSAFPID-2632402"
}
}
],
"category": "product_name",
"name": "Mendix Runtime"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv10.21.0",
"product": {
"name": "vers:unknown/\u003cv10.21.0",
"product_id": "CSAFPID-2631802"
}
}
],
"category": "product_name",
"name": "Mendix Runtime V10"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631803"
}
}
],
"category": "product_name",
"name": "Mendix Runtime V10.12"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631804"
}
}
],
"category": "product_name",
"name": "Mendix Runtime V10.18"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2631805"
}
}
],
"category": "product_name",
"name": "Mendix Runtime V10.6"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-1296837"
}
}
],
"category": "product_name",
"name": "Mendix Runtime V8"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv9.24.34",
"product": {
"name": "vers:unknown/\u003cv9.24.34",
"product_id": "CSAFPID-2631806"
}
}
],
"category": "product_name",
"name": "Mendix Runtime V9"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-21658",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"notes": [
{
"category": "other",
"text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"title": "CWE-367"
},
{
"category": "other",
"text": "Race Condition Enabling Link Following",
"title": "CWE-363"
},
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-21658",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-21658.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
}
],
"title": "CVE-2022-21658"
},
{
"cve": "CVE-2023-2975",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "other",
"text": "Improper Authentication",
"title": "CWE-287"
},
{
"category": "other",
"text": "Improper Validation of Integrity Check Value",
"title": "CWE-354"
},
{
"category": "other",
"text": "Use of a Broken or Risky Cryptographic Algorithm",
"title": "CWE-327"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-2975",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2975.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
}
],
"title": "CVE-2023-2975"
},
{
"cve": "CVE-2023-3446",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
},
{
"category": "other",
"text": "Unchecked Input for Loop Condition",
"title": "CWE-606"
},
{
"category": "other",
"text": "Use of a Cryptographic Primitive with a Risky Implementation",
"title": "CWE-1240"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-3446",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-3446.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
}
],
"title": "CVE-2023-3446"
},
{
"cve": "CVE-2023-3817",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Excessive Iteration",
"title": "CWE-834"
},
{
"category": "other",
"text": "Unchecked Input for Loop Condition",
"title": "CWE-606"
},
{
"category": "other",
"text": "Use of a Cryptographic Primitive with a Risky Implementation",
"title": "CWE-1240"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-3817",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-3817.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
}
],
"title": "CVE-2023-3817"
},
{
"cve": "CVE-2023-4807",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Expected Behavior Violation",
"title": "CWE-440"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-4807",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4807.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
}
],
"title": "CVE-2023-4807"
},
{
"cve": "CVE-2023-5363",
"cwe": {
"id": "CWE-325",
"name": "Missing Cryptographic Step"
},
"notes": [
{
"category": "other",
"text": "Missing Cryptographic Step",
"title": "CWE-325"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Incorrect Provision of Specified Functionality",
"title": "CWE-684"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-5363",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5363.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
}
],
"title": "CVE-2023-5363"
},
{
"cve": "CVE-2023-5678",
"cwe": {
"id": "CWE-754",
"name": "Improper Check for Unusual or Exceptional Conditions"
},
"notes": [
{
"category": "other",
"text": "Improper Check for Unusual or Exceptional Conditions",
"title": "CWE-754"
},
{
"category": "other",
"text": "Missing Cryptographic Step",
"title": "CWE-325"
},
{
"category": "other",
"text": "Unchecked Input for Loop Condition",
"title": "CWE-606"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-5678",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5678.json"
}
],
"title": "CVE-2023-5678"
},
{
"cve": "CVE-2023-7104",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-7104",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-7104.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
}
],
"title": "CVE-2023-7104"
},
{
"cve": "CVE-2024-0056",
"cwe": {
"id": "CWE-420",
"name": "Unprotected Alternate Channel"
},
"notes": [
{
"category": "other",
"text": "Unprotected Alternate Channel",
"title": "CWE-420"
},
{
"category": "other",
"text": "Cleartext Transmission of Sensitive Information",
"title": "CWE-319"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-0056",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0056.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
}
],
"title": "CVE-2024-0056"
},
{
"cve": "CVE-2024-0232",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-0232",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0232.json"
}
],
"title": "CVE-2024-0232"
},
{
"cve": "CVE-2024-0727",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-0727",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0727.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
}
],
"title": "CVE-2024-0727"
},
{
"cve": "CVE-2024-5535",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "other",
"text": "Dependency on Vulnerable Third-Party Component",
"title": "CWE-1395"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-5535",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5535.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
}
],
"title": "CVE-2024-5535"
},
{
"cve": "CVE-2024-9143",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-9143",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-9143.json"
}
],
"title": "CVE-2024-9143"
},
{
"cve": "CVE-2024-21319",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21319",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21319.json"
}
],
"title": "CVE-2024-21319"
},
{
"cve": "CVE-2024-23814",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-23814",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23814.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
}
],
"title": "CVE-2024-23814"
},
{
"cve": "CVE-2024-30105",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-30105",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-30105.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
}
],
"title": "CVE-2024-30105"
},
{
"cve": "CVE-2024-41788",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-41788",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41788.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
}
],
"title": "CVE-2024-41788"
},
{
"cve": "CVE-2024-41789",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-41789",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41789.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
}
],
"title": "CVE-2024-41789"
},
{
"cve": "CVE-2024-41790",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-41790",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41790.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
}
],
"title": "CVE-2024-41790"
},
{
"cve": "CVE-2024-41791",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"notes": [
{
"category": "other",
"text": "Missing Authentication for Critical Function",
"title": "CWE-306"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-41791",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41791.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
}
],
"title": "CVE-2024-41791"
},
{
"cve": "CVE-2024-41792",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-41792",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41792.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
}
],
"title": "CVE-2024-41792"
},
{
"cve": "CVE-2024-41793",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"notes": [
{
"category": "other",
"text": "Missing Authentication for Critical Function",
"title": "CWE-306"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:H/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-41793",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41793.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
}
],
"title": "CVE-2024-41793"
},
{
"cve": "CVE-2024-41794",
"cwe": {
"id": "CWE-798",
"name": "Use of Hard-coded Credentials"
},
"notes": [
{
"category": "other",
"text": "Use of Hard-coded Credentials",
"title": "CWE-798"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-41794",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41794.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
}
],
"title": "CVE-2024-41794"
},
{
"cve": "CVE-2024-41795",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"notes": [
{
"category": "other",
"text": "Cross-Site Request Forgery (CSRF)",
"title": "CWE-352"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-41795",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41795.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
}
],
"title": "CVE-2024-41795"
},
{
"cve": "CVE-2024-41796",
"cwe": {
"id": "CWE-620",
"name": "Unverified Password Change"
},
"notes": [
{
"category": "other",
"text": "Unverified Password Change",
"title": "CWE-620"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-41796",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41796.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
}
],
"title": "CVE-2024-41796"
},
{
"cve": "CVE-2024-54091",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-54091",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-54091.json"
}
],
"title": "CVE-2024-54091"
},
{
"cve": "CVE-2024-54092",
"cwe": {
"id": "CWE-1390",
"name": "Weak Authentication"
},
"notes": [
{
"category": "other",
"text": "Weak Authentication",
"title": "CWE-1390"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-54092",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-54092.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
}
],
"title": "CVE-2024-54092"
},
{
"cve": "CVE-2025-30280",
"cwe": {
"id": "CWE-204",
"name": "Observable Response Discrepancy"
},
"notes": [
{
"category": "other",
"text": "Observable Response Discrepancy",
"title": "CWE-204"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30280",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30280.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
}
],
"title": "CVE-2025-30280"
},
{
"cve": "CVE-2025-1097",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "External Control of System or Configuration Setting",
"title": "CWE-15"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-1097",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-1097.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
}
],
"title": "CVE-2025-1097"
},
{
"cve": "CVE-2025-24514",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "External Control of System or Configuration Setting",
"title": "CWE-15"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24514",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24514.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
}
],
"title": "CVE-2025-24514"
},
{
"cve": "CVE-2025-24513",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24513",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24513.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
}
],
"title": "CVE-2025-24513"
},
{
"cve": "CVE-2025-1974",
"cwe": {
"id": "CWE-653",
"name": "Improper Isolation or Compartmentalization"
},
"notes": [
{
"category": "other",
"text": "Improper Isolation or Compartmentalization",
"title": "CWE-653"
},
{
"category": "other",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-1974",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-1974.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
}
],
"title": "CVE-2025-1974"
},
{
"cve": "CVE-2025-1098",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "External Control of System or Configuration Setting",
"title": "CWE-15"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-1098",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-1098.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
}
],
"title": "CVE-2025-1098"
},
{
"cve": "CVE-2025-29999",
"cwe": {
"id": "CWE-269",
"name": "Improper Privilege Management"
},
"notes": [
{
"category": "other",
"text": "Improper Privilege Management",
"title": "CWE-269"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-29999",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29999.json"
}
],
"title": "CVE-2025-29999"
},
{
"cve": "CVE-2025-30000",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Certificate Validation",
"title": "CWE-295"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30000",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30000.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2631845",
"CSAFPID-2631844",
"CSAFPID-2631843",
"CSAFPID-2631842",
"CSAFPID-2631841",
"CSAFPID-2631840",
"CSAFPID-2631839",
"CSAFPID-2631838",
"CSAFPID-2631837",
"CSAFPID-2631836",
"CSAFPID-2631835",
"CSAFPID-2631900",
"CSAFPID-2632341",
"CSAFPID-2632342",
"CSAFPID-2632343",
"CSAFPID-2631790",
"CSAFPID-2632460",
"CSAFPID-2632459",
"CSAFPID-2631854",
"CSAFPID-2631855",
"CSAFPID-2632083",
"CSAFPID-1296722",
"CSAFPID-2631923",
"CSAFPID-1296723",
"CSAFPID-2631924",
"CSAFPID-2631925",
"CSAFPID-2631926",
"CSAFPID-2631927",
"CSAFPID-2631928",
"CSAFPID-2631929",
"CSAFPID-2631932",
"CSAFPID-2631933",
"CSAFPID-2631934",
"CSAFPID-2631935",
"CSAFPID-1765658",
"CSAFPID-1765659",
"CSAFPID-2631856",
"CSAFPID-2631858",
"CSAFPID-2631860",
"CSAFPID-2631862",
"CSAFPID-1765660",
"CSAFPID-2631936",
"CSAFPID-2631937",
"CSAFPID-2631938",
"CSAFPID-2631939",
"CSAFPID-2631940",
"CSAFPID-2631920",
"CSAFPID-2631921",
"CSAFPID-2631922",
"CSAFPID-2631967",
"CSAFPID-2631968",
"CSAFPID-2631969",
"CSAFPID-2632004",
"CSAFPID-2632005",
"CSAFPID-2632006",
"CSAFPID-2632007",
"CSAFPID-2632008",
"CSAFPID-2631966",
"CSAFPID-1765690",
"CSAFPID-1765691",
"CSAFPID-2459039",
"CSAFPID-2631970",
"CSAFPID-2631971",
"CSAFPID-2631972",
"CSAFPID-2631973",
"CSAFPID-2631974",
"CSAFPID-2631975",
"CSAFPID-1765700",
"CSAFPID-1765701",
"CSAFPID-2631976",
"CSAFPID-2631977",
"CSAFPID-1296980",
"CSAFPID-2631978",
"CSAFPID-2631979",
"CSAFPID-2631980",
"CSAFPID-2631981",
"CSAFPID-2631982",
"CSAFPID-2631983",
"CSAFPID-2631984",
"CSAFPID-2631985",
"CSAFPID-2632402",
"CSAFPID-2631802",
"CSAFPID-2631803",
"CSAFPID-2631804",
"CSAFPID-2631805",
"CSAFPID-1296837",
"CSAFPID-2631806",
"CSAFPID-1211926",
"CSAFPID-2619361",
"CSAFPID-1209122"
]
}
],
"title": "CVE-2025-30000"
}
]
}
ICSA-25-100-01
Vulnerability from csaf_cisa - Published: 2025-04-08 00:00 - Updated: 2025-05-06 06:00Summary
Siemens License Server (SLS)
Notes
Summary
Siemens License Server before V4.3 contains various vulnerabilities that could allow a low-privileged local user to escalate privileges or perform arbitrary code execution.
Siemens has released a new version for Siemens License Server (SLS) and recommends to update to the latest version.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer
This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.
Critical infrastructure sectors
Chemical, Critical Manufacturing, Energy, Food and Agriculture, Water and Wastewater Systems
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
{
"document": {
"acknowledgments": [
{
"organization": "Intel PSIRT",
"summary": "reporting these vulnerabilities to Siemens."
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Siemens License Server before V4.3 contains various vulnerabilities that could allow a low-privileged local user to escalate privileges or perform arbitrary code execution.\n\nSiemens has released a new version for Siemens License Server (SLS) and recommends to update to the latest version.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
"title": "Terms of Use"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "other",
"text": "This CISA CSAF advisory was converted from Siemens ProductCERT\u0027s CSAF advisory.",
"title": "Advisory Conversion Disclaimer"
},
{
"category": "other",
"text": "Chemical, Critical Manufacturing, Energy, Food and Agriculture, Water and Wastewater Systems",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "other",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "SSA-525431: Privilege Escalation Vulnerabilities in Siemens License Server Before V4.3 - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-525431.json"
},
{
"category": "self",
"summary": "SSA-525431: Privilege Escalation Vulnerabilities in Siemens License Server Before V4.3 - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-525431.html"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-25-100-01 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2025/icsa-25-100-01.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-25-100-01 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-100-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Siemens License Server (SLS)",
"tracking": {
"current_release_date": "2025-05-06T06:00:00.000000Z",
"generator": {
"date": "2025-04-10T17:11:44.873065Z",
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-25-100-01",
"initial_release_date": "2025-04-08T00:00:00.000000Z",
"revision_history": [
{
"date": "2025-04-08T00:00:00.000000Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2025-05-06T06:00:00.000000Z",
"legacy_version": "Revision",
"number": "2",
"summary": "Revision - Fixing typos"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3",
"product": {
"name": "Siemens License Server (SLS)",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "Siemens License Server (SLS)"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-29999",
"cwe": {
"id": "CWE-269",
"name": "Improper Privilege Management"
},
"notes": [
{
"category": "summary",
"text": "The affected application searches for executable files in the application folder without proper validation.\r\nThis could allow an attacker to execute arbitrary code with administrative privileges by placing a malicious executable in the same directory.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.3 or later version",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-29999"
},
{
"cve": "CVE-2025-30000",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "summary",
"text": "The affected application does not properly restrict permissions of the users. This could allow a lowly-privileged attacker to escalate their privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.3 or later version",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-30000"
}
]
}
SSA-525431
Vulnerability from csaf_siemens - Published: 2025-04-08 00:00 - Updated: 2025-04-08 00:00Summary
SSA-525431: Privilege Escalation Vulnerabilities in Siemens License Server Before V4.3
Notes
Summary
Siemens License Server before V4.3 contains various vulnerabilities that could allow a low-privileged local user to escalate privileges or perform arbitrary code execution.
Siemens has released a new version for Siemens License Server (SLS) and recommends to update to the latest version.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
"tlp": {
"label": "WHITE"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Siemens License Server before V4.3 contains various vulnerabilities that could allow a low-privileged local user to escalate privileges or perform arbitrary code execution.\n\nSiemens has released a new version for Siemens License Server (SLS) and recommends to update to the latest version.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "productcert@siemens.com",
"name": "Siemens ProductCERT",
"namespace": "https://www.siemens.com"
},
"references": [
{
"category": "self",
"summary": "SSA-525431: Privilege Escalation Vulnerabilities in Siemens License Server Before V4.3 - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-525431.html"
},
{
"category": "self",
"summary": "SSA-525431: Privilege Escalation Vulnerabilities in Siemens License Server Before V4.3 - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-525431.json"
}
],
"title": "SSA-525431: Privilege Escalation Vulnerabilities in Siemens License Server Before V4.3",
"tracking": {
"current_release_date": "2025-04-08T00:00:00Z",
"generator": {
"engine": {
"name": "Siemens ProductCERT CSAF Generator",
"version": "1"
}
},
"id": "SSA-525431",
"initial_release_date": "2025-04-08T00:00:00Z",
"revision_history": [
{
"date": "2025-04-08T00:00:00Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
}
],
"status": "interim",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.3",
"product": {
"name": "Siemens License Server (SLS)",
"product_id": "1"
}
}
],
"category": "product_name",
"name": "Siemens License Server (SLS)"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-29999",
"cwe": {
"id": "CWE-269",
"name": "Improper Privilege Management"
},
"notes": [
{
"category": "summary",
"text": "The affected application searches for executable files in the application folder without proper validation.\r\nThis could allow an attacker to execute arbitrary code with administrative privileges by placing a malicious executable in the same directory.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.3 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-29999"
},
{
"cve": "CVE-2025-30000",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "summary",
"text": "The affected application does not properly restrict permissions of the users. This could allow a lowly-privileged attacker to escalate their privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.3 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-30000"
}
]
}
FKIE_CVE-2025-29999
Vulnerability from fkie_nvd - Published: 2025-04-08 09:15 - Updated: 2025-04-08 18:13
Severity ?
Summary
A vulnerability has been identified in Siemens License Server (SLS) (All versions < V4.3). The affected application searches for executable files in the application folder without proper validation.
This could allow an attacker to execute arbitrary code with administrative privileges by placing a malicious executable in the same directory.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Siemens License Server (SLS) (All versions \u003c V4.3). The affected application searches for executable files in the application folder without proper validation.\r\nThis could allow an attacker to execute arbitrary code with administrative privileges by placing a malicious executable in the same directory."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en Siemens License Server (SLS) (todas las versiones anteriores a la V4.3). La aplicaci\u00f3n afectada busca archivos ejecutables en la carpeta de la aplicaci\u00f3n sin la validaci\u00f3n adecuada. Esto podr\u00eda permitir que un atacante ejecute c\u00f3digo arbitrario con privilegios administrativos colocando un ejecutable malicioso en el mismo directorio."
}
],
"id": "CVE-2025-29999",
"lastModified": "2025-04-08T18:13:53.347",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "productcert@siemens.com",
"type": "Secondary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "productcert@siemens.com",
"type": "Secondary"
}
]
},
"published": "2025-04-08T09:15:27.053",
"references": [
{
"source": "productcert@siemens.com",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-525431.html"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "productcert@siemens.com",
"type": "Secondary"
}
]
}
VAR-202504-0715
Vulnerability from variot - Updated: 2025-04-25 01:51A vulnerability has been identified in Siemens License Server (SLS) (All versions < V4.3). The affected application searches for executable files in the application folder without proper validation. This could allow an attacker to execute arbitrary code with administrative privileges by placing a malicious executable in the same directory
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202504-0715",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "license server",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.3"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-07817"
}
]
},
"cve": "CVE-2025-29999",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 1.5,
"id": "CNVD-2025-07817",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:H/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "productcert@siemens.com",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"id": "CVE-2025-29999",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "productcert@siemens.com",
"id": "CVE-2025-29999",
"trust": 1.0,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2025-07817",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-07817"
},
{
"db": "NVD",
"id": "CVE-2025-29999"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in Siemens License Server (SLS) (All versions \u003c V4.3). The affected application searches for executable files in the application folder without proper validation. \r\nThis could allow an attacker to execute arbitrary code with administrative privileges by placing a malicious executable in the same directory",
"sources": [
{
"db": "NVD",
"id": "CVE-2025-29999"
},
{
"db": "CNVD",
"id": "CNVD-2025-07817"
}
],
"trust": 1.44
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2025-29999",
"trust": 1.6
},
{
"db": "SIEMENS",
"id": "SSA-525431",
"trust": 1.6
},
{
"db": "CNVD",
"id": "CNVD-2025-07817",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-07817"
},
{
"db": "NVD",
"id": "CVE-2025-29999"
}
]
},
"id": "VAR-202504-0715",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-07817"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-07817"
}
]
},
"last_update_date": "2025-04-25T01:51:57.739000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Siemens License Server Improper Permission Management Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/682166"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-07817"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-269",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2025-29999"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://cert-portal.siemens.com/productcert/html/ssa-525431.html"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-07817"
},
{
"db": "NVD",
"id": "CVE-2025-29999"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-07817"
},
{
"db": "NVD",
"id": "CVE-2025-29999"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-04-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-07817"
},
{
"date": "2025-04-08T09:15:27.053000",
"db": "NVD",
"id": "CVE-2025-29999"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-04-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-07817"
},
{
"date": "2025-04-08T18:13:53.347000",
"db": "NVD",
"id": "CVE-2025-29999"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens License Server Improper Permission Management Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-07817"
}
],
"trust": 0.6
}
}
GHSA-Q45G-XFV8-QX7W
Vulnerability from github – Published: 2025-04-08 09:31 – Updated: 2025-04-08 09:31
VLAI?
Details
A vulnerability has been identified in Siemens License Server (SLS) (All versions < V4.3). The affected application searches for executable files in the application folder without proper validation. This could allow an attacker to execute arbitrary code with administrative privileges by placing a malicious executable in the same directory.
Severity ?
6.7 (Medium)
{
"affected": [],
"aliases": [
"CVE-2025-29999"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-08T09:15:27Z",
"severity": "MODERATE"
},
"details": "A vulnerability has been identified in Siemens License Server (SLS) (All versions \u003c V4.3). The affected application searches for executable files in the application folder without proper validation.\nThis could allow an attacker to execute arbitrary code with administrative privileges by placing a malicious executable in the same directory.",
"id": "GHSA-q45g-xfv8-qx7w",
"modified": "2025-04-08T09:31:12Z",
"published": "2025-04-08T09:31:12Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-29999"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-525431.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
CNVD-2025-07817
Vulnerability from cnvd - Published: 2025-04-23
VLAI Severity ?
Title
Siemens License Server权限管理不当漏洞
Description
Siemens License Server(SLS)是德国西门子(Siemens)公司的一个用于管理和分发西门子软件产品许可证的工具。
Siemens License Server存在权限管理不当漏洞,该漏洞源于未正确验证应用文件夹中的可执行文件,攻击者可利用该漏洞通过将恶意可执行文件放置在同一目录中,以管理权限执行任意代码。
Severity
中
Patch Name
Siemens License Server权限管理不当漏洞的补丁
Patch Description
Siemens License Server(SLS)是德国西门子(Siemens)公司的一个用于管理和分发西门子软件产品许可证的工具。
Siemens License Server存在权限管理不当漏洞,该漏洞源于未正确验证应用文件夹中的可执行文件,攻击者可利用该漏洞通过将恶意可执行文件放置在同一目录中,以管理权限执行任意代码。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新: https://cert-portal.siemens.com/productcert/html/ssa-525431.html
Reference
https://cert-portal.siemens.com/productcert/html/ssa-525431.html
Impacted products
| Name | SIEMENS Siemens License Server <V4.3 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2025-29999",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2025-29999"
}
},
"description": "Siemens License Server\uff08SLS\uff09\u662f\u5fb7\u56fd\u897f\u95e8\u5b50\uff08Siemens\uff09\u516c\u53f8\u7684\u4e00\u4e2a\u7528\u4e8e\u7ba1\u7406\u548c\u5206\u53d1\u897f\u95e8\u5b50\u8f6f\u4ef6\u4ea7\u54c1\u8bb8\u53ef\u8bc1\u7684\u5de5\u5177\u3002\n\nSiemens License Server\u5b58\u5728\u6743\u9650\u7ba1\u7406\u4e0d\u5f53\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u672a\u6b63\u786e\u9a8c\u8bc1\u5e94\u7528\u6587\u4ef6\u5939\u4e2d\u7684\u53ef\u6267\u884c\u6587\u4ef6\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u5c06\u6076\u610f\u53ef\u6267\u884c\u6587\u4ef6\u653e\u7f6e\u5728\u540c\u4e00\u76ee\u5f55\u4e2d\uff0c\u4ee5\u7ba1\u7406\u6743\u9650\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://cert-portal.siemens.com/productcert/html/ssa-525431.html",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2025-07817",
"openTime": "2025-04-23",
"patchDescription": "Siemens License Server\uff08SLS\uff09\u662f\u5fb7\u56fd\u897f\u95e8\u5b50\uff08Siemens\uff09\u516c\u53f8\u7684\u4e00\u4e2a\u7528\u4e8e\u7ba1\u7406\u548c\u5206\u53d1\u897f\u95e8\u5b50\u8f6f\u4ef6\u4ea7\u54c1\u8bb8\u53ef\u8bc1\u7684\u5de5\u5177\u3002\r\n\r\nSiemens License Server\u5b58\u5728\u6743\u9650\u7ba1\u7406\u4e0d\u5f53\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u672a\u6b63\u786e\u9a8c\u8bc1\u5e94\u7528\u6587\u4ef6\u5939\u4e2d\u7684\u53ef\u6267\u884c\u6587\u4ef6\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u5c06\u6076\u610f\u53ef\u6267\u884c\u6587\u4ef6\u653e\u7f6e\u5728\u540c\u4e00\u76ee\u5f55\u4e2d\uff0c\u4ee5\u7ba1\u7406\u6743\u9650\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Siemens License Server\u6743\u9650\u7ba1\u7406\u4e0d\u5f53\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "SIEMENS Siemens License Server \u003cV4.3"
},
"referenceLink": "https://cert-portal.siemens.com/productcert/html/ssa-525431.html",
"serverity": "\u4e2d",
"submitTime": "2025-04-18",
"title": "Siemens License Server\u6743\u9650\u7ba1\u7406\u4e0d\u5f53\u6f0f\u6d1e"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…