CVE-2022-32259 MEDIUM

CVE-2022-32259

Vendor Siemens
Product SINEMA Remote Connect Server
Weakness CWE-1244
Published June 14, 2022
Last update August 3, 2024

CVSS base score

6.5/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C

What the vulnerability does

01Description

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The system images for installation or update of the affected application contain unit test scripts with sensitive information. An attacker could gain information about testing architecture and also tamper with test configuration.

Key dates

02Disclosure timeline

June 14, 2022 CVE published
August 3, 2024 Record updated