VDB
CVE-2025-23363
CVE-2025-23363
PUBLISHED
CVSS 7.400000095367432 HIGH
A vulnerability has been identified in Teamcenter (All versions < V14.3.0.0). The SSO login service of affected applications accepts user-controlled input that could specify a link to an external site. This could allow an attacker to redirect the legitimate user to an attacker-chosen URL to steal valid session data. For a successful exploit, the legitimate user must actively click on an attacker-crafted link.
EPSS 0.41% · 61.8th percentile
Risk Scores
CVSS 3.1
7.400000095367432
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
EPSS Score
0.41%
61.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | Teamcenter V14.2 | 0 |
| Siemens | Teamcenter V14.1 | 0 |
| Siemens | Teamcenter V2412 | 0 |
| Siemens | Teamcenter V14.3 | 0 |
| Siemens | Teamcenter V2312 | 0 |
| siemens | teamcenter | 14.2, 14.3, 2312.0 |
| Siemens | Teamcenter V2406 | 0 |
Timeline
- Feb 11, 2025 CVE Published
- Feb 11, 2025 PoC Published
- Feb 11, 2025 PoC Published
- Feb 11, 2025 PoC Published
- Feb 11, 2025 PoC Published
- Feb 11, 2025 PoC Published
- Feb 12, 2025 EPSS Score
- Feb 13, 2025 PoC Published
- Feb 25, 2025 PoC Published
- Feb 27, 2025 EPSS Score
- Feb 27, 2025 PoC Published
- Mar 2, 2025 PoC Published