CVE-2022-32260
published 2022-06-14CVE-2022-32260: A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application creates temporary user credentials for…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application creates temporary user credentials for UMC (User Management Component) users. An attacker could use these temporary credentials for authentication bypass in certain scenarios.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | sinema_remote_connect_server | < V3.2 SP1 | V3.2 SP1 |
| siemens | sinema_remote_connect_server | < 3.1 | 3.1 |