CVE-2022-32251
First published: Tue Jun 14 2022(Updated: )
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). There is a missing authentication verification for a resource used to change the roles and permissions of a user. This could allow an attacker to change the permissions of any user and gain the privileges of an administrative user.
Credit: productcert@siemens.com productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Siemens SINEMA Remote Connect Server | <3.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this SINEMA Remote Connect Server vulnerability?
The vulnerability ID for this SINEMA Remote Connect Server vulnerability is CVE-2022-32251.
What is the severity of CVE-2022-32251?
The severity of CVE-2022-32251 is critical, with a severity value of 9.8.
What is the affected software and version for CVE-2022-32251?
The affected software for CVE-2022-32251 is Siemens SINEMA Remote Connect Server, all versions prior to V3.1.
What is the CWE ID for CVE-2022-32251?
The CWE ID for CVE-2022-32251 is CWE-306.
How can I fix the vulnerability CVE-2022-32251?
To fix the vulnerability CVE-2022-32251, it is recommended to update SINEMA Remote Connect Server to version 3.1 or later.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/remedy
- agent/author
- agent/last-modified-date
- agent/weakness
- agent/tags
- agent/references
- agent/first-publish-date
- agent/event
- agent/description
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/siemens
- canonical/siemens sinema remote connect server