First published: Tue Sep 14 2021(Updated: )
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). The affected software has an information disclosure vulnerability that could allow an attacker to retrieve VPN connection for a known user.
Credit: productcert@siemens.com
Affected Software | Affected Version | How to fix |
---|---|---|
Siemens SINEMA Remote Connect Server | <3.0 | |
Siemens SINEMA Remote Connect Server | =3.0 | |
Siemens SINEMA Remote Connect Server | =3.0-sp1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-37190 is a vulnerability found in SINEMA Remote Connect Server (All versions < V3.0 SP2) that allows an attacker to retrieve VPN connection information for a known user.
The severity of CVE-2021-37190 is medium, with a CVSS score of 4.3.
CVE-2021-37190 affects Siemens SINEMA Remote Connect Server (All versions < V3.0 SP2) by exposing an information disclosure vulnerability that allows an attacker to retrieve VPN connection information.
To fix CVE-2021-37190, users should update their Siemens SINEMA Remote Connect Server to version V3.0 SP2 or newer.
You can find more information about CVE-2021-37190 in the security advisory published by Siemens at the following link: [https://cert-portal.siemens.com/productcert/pdf/ssa-334944.pdf](https://cert-portal.siemens.com/productcert/pdf/ssa-334944.pdf).