CVE-2021-40357

A vulnerability has been identified in Teamcenter Active Workspace V4.3 (All versions < V4.3.10), Teamcenter Active Workspace V5.0 (All versions < V5.0.8), Teamcenter Active Workspace V5.1 (All versions < V5.1.5), Teamcenter Active Workspace V5.2 (All versions < V5.2.1). A path traversal vulnerability in the application could allow an attacker to bypass certain restrictions such as direct access to other services within the host.
Path Traversal
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.9 MEDIUM
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
siemensCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 67%
VendorProductVersion
siemensteamcenter_active_workspace
4.3.0 ≤
𝑥
< 4.3.10
siemensteamcenter_active_workspace
5.0.0 ≤
𝑥
< 5.0.8
siemensteamcenter_active_workspace
5.1.0 ≤
𝑥
< 5.1.5
siemensteamcenter_active_workspace
5.2.0 ≤
𝑥
< 5.2.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://cert-portal.siemens.com/productcert/pdf/ssa-413407.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-413407.pdf