CVE-2021-40357

Summary

A vulnerability has been identified in Teamcenter Active Workspace V4.3 (All versions < V4.3.10), Teamcenter Active Workspace V5.0 (All versions < V5.0.8), Teamcenter Active Workspace V5.1 (All versions < V5.1.5), Teamcenter Active Workspace V5.2 (All versions < V5.2.1). A path traversal vulnerability in the application could allow an attacker to bypass certain restrictions such as direct access to other services within the host.

Affected Software

VendorProductVersion RangeStatus
SiemensTeamcenter Active Workspace V4.3All versions < V4.3.10affected
SiemensTeamcenter Active Workspace V5.0All versions < V5.0.8affected
SiemensTeamcenter Active Workspace V5.1All versions < V5.1.5affected
SiemensTeamcenter Active Workspace V5.2All versions < V5.2.1affected

Weaknesses

  • CWE-22: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

ADP Enrichment

CVE Program Container

Additional References

References