Rewterz Threat Alert – Emotet Malware – IOCs
August 24, 2020Rewterz Threat Alert -Multiple Vulnerabilities In Discount Rules for WooCommerce Plugin
August 24, 2020Rewterz Threat Alert – Emotet Malware – IOCs
August 24, 2020Rewterz Threat Alert -Multiple Vulnerabilities In Discount Rules for WooCommerce Plugin
August 24, 2020Severity
Medium
Analysis Summary
The login screen does not sufficiently sanitize input, which enables an attacker to generate specially crafted log messages. If an unsuspecting user views the log messages via a web browser, these log messages might be interpreted and executed as code by the web application. This cross-site scripting (XSS) vulnerability might compromise the confidentiality, integrity, and availability of the web application.
Impact
Cross-site scripting
Affected Vendors
Siemens
Affected Products
SICAM WEB firmware: all versions prior to C05.30
Remediation
Siemens recommends users update to the latest version, v05.30