First published: Tue Jun 14 2022(Updated: )
A vulnerability has been identified in Teamcenter Active Workspace V5.2 (All versions < V5.2.9), Teamcenter Active Workspace V6.0 (All versions < V6.0.3). A reflected cross-site scripting (XSS) vulnerability exists in the web interface of the affected application that could allow an attacker to execute malicious code by tricking users into accessing a malicious link.
Credit: productcert@siemens.com
Affected Software | Affected Version | How to fix |
---|---|---|
Siemens Teamcenter Active Workspace | >=5.2<5.2.9 | |
Siemens Teamcenter Active Workspace | >=6.0<6.0.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this Teamcenter Active Workspace vulnerability is CVE-2022-32145.
The severity of CVE-2022-32145 is medium with a CVSS score of 6.1.
CVE-2022-32145 affects Siemens Teamcenter Active Workspace versions prior to V5.2.9 and V6.0.3.
The CWE ID for this vulnerability is CWE-79.
An attacker can exploit CVE-2022-32145 by injecting and executing malicious script code through a reflected cross-site scripting (XSS) attack in the affected web interface.