VDB

CISA-2022-32260

CISA-2022-32260 PUBLISHED CVSS 6.5 MEDIUM

Reported by siemens · Published June 14, 2022

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application creates temporary user credentials for UMC (User Management Component) users. An attacker could use these temporary credentials for authentication bypass in certain scenarios.

Risk Scores

CVSS 3.1
6.5
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C

Affected Products

VendorProductVersions
SiemensSINEMA Remote Connect Server0
SiemensSINEMA Remote Connect Server0, 0

Timeline

  • Jun 14, 2022 CVE Published
  • Aug 3, 2024 CVE Updated

References

  • x_refsource_MISC
Open in Interactive Console →
$ Console Community · 100/wk Open console ›