CVE-2022-31619
N/A
N/A
Summary
A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter V13.0 (All versions < V13.0.0.9), Teamcenter V13.1 (All versions < V13.1.0.9), Teamcenter V13.2 (All versions < V13.2.0.9), Teamcenter V13.3 (All versions < V13.3.0.3), Teamcenter V14.0 (All versions < V14.0.0.2). Java EE Server Manager HTML Adaptor in Teamcenter consists of default hardcoded credentials. Access to the application allows a user to perform a series of actions that could potentially lead to remote code execution with elevated permissions.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Siemens | Teamcenter V12.4 | All versions < V12.4.0.13 | affected |
| Siemens | Teamcenter V13.0 | All versions < V13.0.0.9 | affected |
| Siemens | Teamcenter V13.1 | All versions < V13.1.0.9 | affected |
| Siemens | Teamcenter V13.2 | All versions < V13.2.0.9 | affected |
| Siemens | Teamcenter V13.3 | All versions < V13.3.0.3 | affected |
| Siemens | Teamcenter V14.0 | All versions < V14.0.0.2 | affected |
Weaknesses
- CWE-798: CWE-798: Use of Hard-coded Credentials
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.