CVE-2022-32260
First published: Tue Jun 14 2022(Updated: )
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application creates temporary user credentials for UMC (User Management Component) users. An attacker could use these temporary credentials for authentication bypass in certain scenarios.
Credit: productcert@siemens.com productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Siemens SINEMA Remote Connect Server | <3.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this SINEMA Remote Connect Server vulnerability?
The vulnerability ID for this SINEMA Remote Connect Server vulnerability is CVE-2022-32260.
What is the severity of CVE-2022-32260?
The severity of CVE-2022-32260 is critical with a score of 9.8.
What is the affected software version for CVE-2022-32260?
All versions of SINEMA Remote Connect Server prior to V3.1 are affected by CVE-2022-32260.
What is the impact of the vulnerability CVE-2022-32260?
The vulnerability CVE-2022-32260 allows an attacker to bypass authentication using temporary user credentials for UMC (User Management Component) users.
Where can I find more information about CVE-2022-32260?
You can find more information about CVE-2022-32260 here: [https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf](https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf)
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/remedy
- agent/author
- agent/last-modified-date
- agent/weakness
- agent/tags
- agent/references
- agent/first-publish-date
- agent/event
- agent/description
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/siemens
- canonical/siemens sinema remote connect server