CVE-2022-32259
6.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Summary
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The system images for installation or update of the affected application contain unit test scripts with sensitive information. An attacker could gain information about testing architecture and also tamper with test configuration.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Siemens | SINEMA Remote Connect Server | 0 < V3.1 | affected |
Weaknesses
- CWE-1244: CWE-1244: Internal Asset Exposed to Unsafe Debug Access Level or State
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: partial
CVE Program Container
Additional References
- https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
- https://cert-portal.siemens.com/productcert/html/ssa-484086.html
References
- https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
- https://cert-portal.siemens.com/productcert/html/ssa-484086.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.