Описание
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). A customized HTTP POST request could force the application to write the status of a given user to a log file, exposing sensitive user information that could provide valuable guidance to an attacker.
Уязвимые конфигурации
Конфигурация 1Версия до 3.1 (исключая)
cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:*
EPSS
Процентиль: 52%
0.00292
Низкий
4.3 Medium
CVSS3
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-532
CWE-532
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). A customized HTTP POST request could force the application to write the status of a given user to a log file, exposing sensitive user information that could provide valuable guidance to an attacker.
EPSS
Процентиль: 52%
0.00292
Низкий
4.3 Medium
CVSS3
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-532
CWE-532