Overview
- Description
- A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter V13.0 (All versions < V13.0.0.9), Teamcenter V13.1 (All versions < V13.1.0.9), Teamcenter V13.2 (All versions < V13.2.0.9), Teamcenter V13.3 (All versions < V13.3.0.3), Teamcenter V14.0 (All versions < V14.0.0.2). Java EE Server Manager HTML Adaptor in Teamcenter consists of default hardcoded credentials. Access to the application allows a user to perform a series of actions that could potentially lead to remote code execution with elevated permissions.
- Source
- productcert@siemens.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 6.5
- Impact score
- 6.4
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:P/A:P
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:teamcenter:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CA684297-D33B-4E81-A19F-29514EB409A0",
"versionEndExcluding": "12.4.0.13",
"versionStartIncluding": "12.4"
},
{
"criteria": "cpe:2.3:a:siemens:teamcenter:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C0EDF96B-DF5B-4A9E-A70E-FD3EEE8067CD",
"versionEndExcluding": "13.0.0.9",
"versionStartIncluding": "13.0"
},
{
"criteria": "cpe:2.3:a:siemens:teamcenter:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "80958809-7B4E-4B17-8438-1AA0F5960F90",
"versionEndExcluding": "13.1.0.9",
"versionStartIncluding": "13.1"
},
{
"criteria": "cpe:2.3:a:siemens:teamcenter:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6B6BC3EC-D245-410B-8332-3A5434CE75C3",
"versionEndExcluding": "13.2.0.9",
"versionStartIncluding": "13.2"
},
{
"criteria": "cpe:2.3:a:siemens:teamcenter:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "704B0DB9-516D-4CDE-89AE-D36100B3B84A",
"versionEndExcluding": "13.3.0.3",
"versionStartIncluding": "13.3"
},
{
"criteria": "cpe:2.3:a:siemens:teamcenter:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A83E678F-3A9A-4F07-9D03-C224741877C4",
"versionEndExcluding": "14.0.0.2",
"versionStartIncluding": "14.0"
}
],
"operator": "OR"
}
]
}
]