First published: Tue Sep 14 2021(Updated: )
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). The status provided by the syslog clients managed by the affected software can be manipulated by an unauthenticated attacker in the same network of the affected system.
Credit: productcert@siemens.com
Affected Software | Affected Version | How to fix |
---|---|---|
Siemens SINEMA Remote Connect Server | <3.0 | |
Siemens SINEMA Remote Connect Server | =3.0 | |
Siemens SINEMA Remote Connect Server | =3.0-sp1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-37177 is a vulnerability identified in SINEMA Remote Connect Server where an unauthenticated attacker in the same network can manipulate the status provided by syslog clients.
CVE-2021-37177 has a severity rating of 6.5 (medium).
All versions prior to V3.0 SP2 of SINEMA Remote Connect Server are affected by CVE-2021-37177.
An attacker can exploit CVE-2021-37177 by manipulating the status provided by the syslog clients.
Yes, upgrading to version V3.0 SP2 or later of SINEMA Remote Connect Server resolves the vulnerability.