VDB
CISA-2022-32254
CISA-2022-32254
PUBLISHED
CVSS 4.3 MEDIUM
Reported by siemens · Published June 14, 2022
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). A customized HTTP POST request could force the application to write the status of a given user to a log file, exposing sensitive user information that could provide valuable guidance to an attacker.
Risk Scores
CVSS 3.1
4.3
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | SINEMA Remote Connect Server | 0 |
| Siemens | SINEMA Remote Connect Server | 0, 0 |
Timeline
- Jun 14, 2022 CVE Published
- Aug 3, 2024 CVE Updated