VDB
CISA-2022-32260
CISA-2022-32260
PUBLISHED
CVSS 6.5 MEDIUM
Reported by siemens · Published June 14, 2022
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application creates temporary user credentials for UMC (User Management Component) users. An attacker could use these temporary credentials for authentication bypass in certain scenarios.
Risk Scores
CVSS 3.1
6.5
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | SINEMA Remote Connect Server | 0 |
| Siemens | SINEMA Remote Connect Server | 0, 0 |
Timeline
- Jun 14, 2022 CVE Published
- Aug 3, 2024 CVE Updated