A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2). The affected application incorrectly neutralizes special elements when creating batch operations which could lead to command injection. An authenticated remote attacker with administrative privileges could exploit this vulnerability to execute arbitrary code on the system with system privileges.
References
Link | Resource |
---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-756744.pdf | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: siemens
Published: 2021-08-10T10:35:32
Updated: 2021-09-14T10:47:37
Reserved: 2021-05-28T00:00:00
Link: CVE-2021-33721
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-08-10T11:15:09.120
Modified: 2021-08-17T21:05:32.637
Link: CVE-2021-33721
JSON object: View
Redhat Information
No data.
CWE