CVE-2021-33709

Summary

A vulnerability has been identified in Teamcenter Active Workspace V4 (All versions < V4.3.9), Teamcenter Active Workspace V5.0 (All versions < V5.0.7), Teamcenter Active Workspace V5.1 (All versions < V5.1.4). By sending malformed requests, a remote attacker could leak an application token due to an error not properly handled by the system.

Affected Software

VendorProductVersion RangeStatus
SiemensTeamcenter Active Workspace V4All versions < V4.3.9affected
SiemensTeamcenter Active Workspace V5.0All versions < V5.0.7affected
SiemensTeamcenter Active Workspace V5.1All versions < V5.1.4affected

Weaknesses

  • CWE-200: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

ADP Enrichment

CVE Program Container

Additional References

References