CVE-2021-33721

A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2). The affected application incorrectly neutralizes special elements when creating batch operations which could lead to command injection. An authenticated remote attacker with administrative privileges could exploit this vulnerability to execute arbitrary code on the system with system privileges.
References
Configurations

Configuration 1

cpe:2.3:a:siemens:sinec_network_management_system:1.0:sp1:*:*:*:*:*:*
cpe:2.3:a:siemens:sinec_network_management_system:1.0:-:*:*:*:*:*:*
cpe:2.3:a:siemens:sinec_network_management_system:*:*:*:*:*:*:*:*

Information

Published : 2021-08-10 11:15

Updated : 2021-08-17 09:05


NVD link : CVE-2021-33721

Mitre link : CVE-2021-33721

Products Affected
No products.
CWE