CVE-2022-32256

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application consists of a web service that lacks proper access control for some of the endpoints. This could lead to low privileged users accessing privileged information.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
siemensCNA
4.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 42%
Affected Products (NVD)
VendorProductVersion
siemenssinema_remote_connect_server
𝑥
< 3.1
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
siemenssinema_remote_connect
𝑥
< 3.1
CNA
Common Weakness Enumeration
References
https://cert-portal.siemens.com/productcert/html/ssa-484086.html
https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
https://cert-portal.siemens.com/productcert/html/ssa-484086.html
https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf