CVE-2021-40355
published 2021-09-14CVE-2021-40355: A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.8), Teamcenter V13.0 (All versions < V13.0.0.7), Teamcenter V13.1 (All versions…
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.8), Teamcenter V13.0 (All versions < V13.0.0.7), Teamcenter V13.1 (All versions < V13.1.0.5), Teamcenter V13.2 (All versions < 13.2.0.2). The affected application contains Insecure Direct Object Reference (IDOR) vulnerability that allows an attacker to use user-supplied input to access objects directly.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | teamcenter_v12.4 | — | — |
| siemens | teamcenter_v13.0 | — | — |
| siemens | teamcenter_v13.1 | — | — |
| siemens | teamcenter_v13.2 | — | — |
| siemens | teamcenter_visualization | >= 12.4.0 < 12.4.0.8 | 12.4.0.8 |
| siemens | teamcenter_visualization | >= 13.0.0 < 13.0.0.7 | 13.0.0.7 |
| siemens | teamcenter_visualization | >= 13.1.0 < 13.1.0.5 | 13.1.0.5 |
| siemens | teamcenter_visualization | >= 13.2.0 < 13.2.0.2 | 13.2.0.2 |