VDB

CVE-2022-32254

CVE-2022-32254 PUBLISHED CVSS 4.300000190734863 MEDIUM

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). A customized HTTP POST request could force the application to write the status of a given user to a log file, exposing sensitive user information that could provide valuable guidance to an attacker.

EPSS 0.29% · 52.9th percentile

Risk Scores

CVSS 3.1
4.300000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
EPSS Score
0.29%
52.9th percentile

Affected Products

VendorProductVersions
SiemensSINEMA Remote Connect Server0
siemenssinema_remote_connect_server0

Timeline

  • Jun 14, 2022 CVE Published
  • Jun 15, 2022 EPSS Score
  • Aug 3, 2022 EPSS Score
  • Sep 20, 2022 EPSS Score
  • Nov 7, 2022 EPSS Score
  • Dec 25, 2022 EPSS Score
  • Feb 11, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Mar 31, 2023 EPSS Score
  • May 18, 2023 EPSS Score
  • Jul 6, 2023 EPSS Score
  • Aug 23, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›