CVE-2022-32259 | THREATINT

Description

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The system images for installation or update of the affected application contain unit test scripts with sensitive information. An attacker could gain information about testing architecture and also tamper with test configuration.

PUBLISHED Reserved 2022-06-02 | Published 2022-06-14 | Updated 2024-08-03 | Assigner siemens

MEDIUM: 6.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C

Problem types

CWE-1244: Internal Asset Exposed to Unsafe Debug Access Level or State

Product status

Default status

unknown

Any version before V3.1

affected

References

cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf

cert-portal.siemens.com/productcert/html/ssa-484086.html

cve.org (CVE-2022-32259)

nvd.nist.gov (CVE-2022-32259)

Download JSON