First published: Tue Jun 14 2022(Updated: )
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application consists of a web service that lacks proper access control for some of the endpoints. This could lead to unauthorized access to limited information.
Credit: productcert@siemens.com productcert@siemens.com
Affected Software | Affected Version | How to fix |
---|---|---|
Siemens SINEMA Remote Connect Server | <3.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2022-32255 is medium with a CVSS score of 5.3.
The affected software for CVE-2022-32255 is Siemens SINEMA Remote Connect Server with all versions prior to V3.1.
The vulnerability type of CVE-2022-32255 is improper access control.
To prevent unauthorized access for CVE-2022-32255, it is recommended to update to version 3.1 or later of Siemens SINEMA Remote Connect Server.
More information about CVE-2022-32255 can be found at the Siemens CERT Portal: [Siemens CERT Portal](https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf)