CVE-2022-33736
First published: Tue Jul 12 2022(Updated: )
A vulnerability has been identified in Opcenter Quality V13.1 (All versions < V13.1.20220624), Opcenter Quality V13.2 (All versions < V13.2.20220624). The affected applications do not properly validate login information during authentication. This could lead to denial of service condition for existing users or allow unauthenticated remote attackers to successfully login without credentials.
Credit: productcert@siemens.com productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Siemens Opcenter Quality | >=13.1.0<13.1.20220624 | |
| Siemens Opcenter Quality | >=13.2.0<13.2.20220624 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2022-33736?
The severity of CVE-2022-33736 is high with a CVSS score of 7.5.
Which versions of Opcenter Quality are affected by CVE-2022-33736?
Opcenter Quality versions prior to V13.1.20220624 and V13.2.20220624 are affected by CVE-2022-33736.
What is the CWE ID for CVE-2022-33736?
The CWE ID for CVE-2022-33736 is CWE-287 and CWE-303.
How can this vulnerability be exploited?
This vulnerability can be exploited by an attacker who can provide incorrect login information during authentication.
Is there a fix available for CVE-2022-33736?
Yes, the fix for CVE-2022-33736 is to upgrade to Opcenter Quality V13.1.20220624 or V13.2.20220624.
- collector/nvd-index
- agent/author
- agent/weakness
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/remedy
- agent/references
- agent/severity
- agent/tags
- agent/description
- agent/event
- collector/nvd-api
- agent/software-canonical-lookup-request
- collector/mitre-cve
- source/MITRE
- vendor/siemens
- canonical/siemens opcenter quality
- version/siemens opcenter quality/13.1.0
- version/siemens opcenter quality/13.2.0