Overview
- Description
- A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). An unauthenticated attacker in the same network of the affected system could manipulate certain parameters and set a valid user of the affected software as invalid (or vice-versa).
- Source
- productcert@siemens.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 4.3
- Impact score
- 1.4
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 3.3
- Impact score
- 2.9
- Exploitability score
- 6.5
- Vector string
- AV:A/AC:L/Au:N/C:N/I:P/A:N
Weaknesses
- productcert@siemens.com
- CWE-471
Social media
- Hype score
- Not currently trending
Configurations
[ { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F65F9901-F4BD-4484-9749-D5022245D686", "versionEndExcluding": "3.0" }, { "criteria": "cpe:2.3:a:siemens:sinema_remote_connect_server:3.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4F03BAD5-7B90-4212-ACBC-3C878C02CDAA" }, { "criteria": "cpe:2.3:a:siemens:sinema_remote_connect_server:3.0:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5BACE03-50A7-4279-8CA5-2BB95224D485" } ], "operator": "OR" } ] } ]