CVE-2022-40147
N/A
N/A
Summary
A vulnerability has been identified in Industrial Edge Management (All versions < V1.5.1). The affected software does not properly validate the server certificate when initiating a TLS connection. This could allow an attacker to spoof a trusted entity by interfering in the communication path between the client and the intended server.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Siemens | Industrial Edge Management | All versions < V1.5.1 | affected |
Weaknesses
- CWE-295: CWE-295: Improper Certificate Validation
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.