Описание
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP2). The affected application does not properly handle user session establishment and invalidation. This could allow a remote attacker to circumvent the additional multi factor authentication for user session establishment.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.2 (исключая)
Одно из
cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:*
cpe:2.3:a:siemens:sinema_remote_connect_server:3.2:-:*:*:*:*:*:*
cpe:2.3:a:siemens:sinema_remote_connect_server:3.2:hf1:*:*:*:*:*:*
cpe:2.3:a:siemens:sinema_remote_connect_server:3.2:sp1:*:*:*:*:*:*
EPSS
Процентиль: 46%
0.00231
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-384
Связанные уязвимости
CVSS3: 4.3
github
больше 1 года назад
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP2). The affected application does not properly handle user session establishment and invalidation. This could allow a remote attacker to circumvent the additional multi factor authentication for user session establishment.
EPSS
Процентиль: 46%
0.00231
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-384