CVE-2022-32260

Summary

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application creates temporary user credentials for UMC (User Management Component) users. An attacker could use these temporary credentials for authentication bypass in certain scenarios.

Affected Software

VendorProductVersion RangeStatus
SiemensSINEMA Remote Connect Server0 < V3.2 SP1affected

Weaknesses

  • CWE-286: CWE-286: Incorrect User Management

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References