SSA-656895 — Vulnetix

SSA-656895 PUBLISHED CVSS 7.400000095367432 HIGH

The SSO login service in Teamcenter contains an open redirect vulnerability that could allow an attacker to redirect the legitimate user to an attacker-chosen URL to steal valid session data. Siemens has released new versions for the affected products and recommends to update to the latest versions.

Risk Scores

CVSS 3.1

7.400000095367432

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N

Affected Products

Vendor	Product	Versions
	Teamcenter V2312
	Teamcenter V2412
	Teamcenter V14.3
	Teamcenter V14.1
	Teamcenter V2406
	Teamcenter V14.2

Exploit Intelligence

https://cert-portal.siemens.com/productcert/html/ssa-656895.html (circl)
https://cert-portal.siemens.com/productcert/csaf/ssa-656895.json (circl)
https://support.sw.siemens.com/product/282219420/ (circl)

Timeline

Feb 11, 2025 CVE Published
Jun 10, 2025 CVE Updated

References

https://cert-portal.siemens.com/productcert/html/ssa-656895.html advisory
https://cert-portal.siemens.com/productcert/csaf/ssa-656895.json advisory
https://support.sw.siemens.com/product/282219420/ fix

Open in Interactive Console →