Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-40357

Опубликовано: 14 сент. 2021
Источник: nvd
CVSS3: 4.9
CVSS2: 4
EPSS Низкий

Описание

A vulnerability has been identified in Teamcenter Active Workspace V4.3 (All versions < V4.3.10), Teamcenter Active Workspace V5.0 (All versions < V5.0.8), Teamcenter Active Workspace V5.1 (All versions < V5.1.5), Teamcenter Active Workspace V5.2 (All versions < V5.2.1). A path traversal vulnerability in the application could allow an attacker to bypass certain restrictions such as direct access to other services within the host.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:siemens:teamcenter_active_workspace:*:*:*:*:*:*:*:*
Версия от 4.3.0 (включая) до 4.3.10 (исключая)
cpe:2.3:a:siemens:teamcenter_active_workspace:*:*:*:*:*:*:*:*
Версия от 5.0.0 (включая) до 5.0.8 (исключая)
cpe:2.3:a:siemens:teamcenter_active_workspace:*:*:*:*:*:*:*:*
Версия от 5.1.0 (включая) до 5.1.5 (исключая)
cpe:2.3:a:siemens:teamcenter_active_workspace:*:*:*:*:*:*:*:*
Версия от 5.2.0 (включая) до 5.2.1 (исключая)

EPSS

Процентиль: 68%
0.0058
Низкий

4.9 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-22

Связанные уязвимости

github логотип

GHSA-mpq8-w9f5-qm6g

github
больше 3 лет назад

A vulnerability has been identified in Teamcenter Active Workspace V4.3 (All versions < V4.3.10), Teamcenter Active Workspace V5.0 (All versions < V5.0.8), Teamcenter Active Workspace V5.1 (All versions < V5.1.5), Teamcenter Active Workspace V5.2 (All versions < V5.2.1). A path traversal vulnerability in the application could allow an attacker to bypass certain restrictions such as direct access to other services within the host.

EPSS

Процентиль: 68%
0.0058
Низкий

4.9 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-22