CVE-2022-34659 β€” Sensitive Information Exposure in Siemens Simcenter Star-ccm

CWE-200 β€” Sensitive Information Exposure3 documents3 sources
Severity
7.5HIGHNVD
EPSS
0.3%
top 43.19%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Siemens Simcenter Star-ccm
Timeline
PublishedAug 10
Latest updateAug 11

Description

A vulnerability has been identified in Simcenter STAR-CCM+ (All versions only if the Power-on-Demand public license server is used). Affected applications expose user, host and display name of users, when the public license server is used. This could allow an attacker to retrieve this information.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

β–ΆCVEListV5siemens/simcenter_star-ccmAll versions only if the Power-on-Demand public license server is used

πŸ”΄Vulnerability Details

2
GHSA
GHSA-7jc3-54w2-9q65: A vulnerability has been identified in Simcenter STAR-CCM+ (All versions only if the Power-on-Demand public license server is used)β†—2022-08-11
β–Ά
CVEList
CVE-2022-34659: A vulnerability has been identified in Simcenter STAR-CCM+ (All versions only if the Power-on-Demand public license server is used)β†—2022-08-10
β–Ά
CVE-2022-34659 β€” Sensitive Information Exposure | cvebase