First published: Wed Feb 09 2022(Updated: )
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0). Affected products contain an open redirect vulnerability. An attacker could trick a valid authenticated user to the device into clicking a malicious link there by leading to phishing attacks.
Credit: productcert@siemens.com
Affected Software | Affected Version | How to fix |
---|---|---|
Siemens SINEMA Remote Connect Server | <=2.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this vulnerability is CVE-2022-23102.
The severity level of CVE-2022-23102 is medium (6.1).
The affected software for CVE-2022-23102 is Siemens SINEMA Remote Connect Server versions prior to V2.0.
CVE-2022-23102 is an open redirect vulnerability in Siemens SINEMA Remote Connect Server, allowing an attacker to trick authenticated users into clicking malicious links and leading to phishing attacks.
Yes, there are references available for CVE-2022-23102. You can find them at the following links: [Reference 1](http://packetstormsecurity.com/files/165966/SIEMENS-SINEMA-Remote-Connect-1.0-SP3-HF1-Open-Redirection.html), [Reference 2](http://seclists.org/fulldisclosure/2022/Feb/20), [Reference 3](https://cert-portal.siemens.com/productcert/pdf/ssa-654775.pdf).