Siemens SINEMA Remote Connect Server up to 3.0 SP1 Syslog Client access control

EntryeditHistoryDiffjsonxmlCTI

A vulnerability was found in Siemens SINEMA Remote Connect Server up to 3.0 SP1. It has been classified as critical. Affected is some unknown processing of the component Syslog Client Handler. Applying the patch 3.0 SP2 is able to eliminate this problem.

Field09/14/2021 03:41 PM09/16/2021 07:58 PM
vendorSiemensSiemens
nameSINEMA Remote Connect ServerSINEMA Remote Connect Server
version<=3.0 SP1<=3.0 SP1
componentSyslog Client HandlerSyslog Client Handler
cwe284 (privilege escalation)284 (privilege escalation)
risk22
cvss3_vuldb_avAA
cvss3_vuldb_acHH
cvss3_vuldb_prNN
cvss3_vuldb_uiNN
cvss3_vuldb_sUU
cvss3_vuldb_cLL
cvss3_vuldb_iLL
cvss3_vuldb_aLL
cvss3_vuldb_rlOO
cvss3_vuldb_rcCC
identifierssa-334944ssa-334944
urlhttps://cert-portal.siemens.com/productcert/pdf/ssa-334944.pdfhttps://cert-portal.siemens.com/productcert/pdf/ssa-334944.pdf
namePatchPatch
patch_name3.0 SP23.0 SP2
cveCVE-2021-37177CVE-2021-37177
cve_assigned16268184001626818400
date1631570400 (09/14/2021)1631570400 (09/14/2021)
cvss2_vuldb_avAA
cvss2_vuldb_acHH
cvss2_vuldb_auNN
cvss2_vuldb_ciPP
cvss2_vuldb_iiPP
cvss2_vuldb_aiPP
cvss2_vuldb_rcCC
cvss2_vuldb_rlOFOF
cvss2_vuldb_eNDND
cvss3_vuldb_eXX
cvss2_vuldb_basescore4.34.3
cvss2_vuldb_tempscore3.73.7
cvss3_vuldb_basescore5.05.0
cvss3_vuldb_tempscore4.84.8
cvss3_meta_basescore5.05.0
cvss3_meta_tempscore4.84.8
price_0day$5k-$25k$5k-$25k
cve_nvd_summaryA vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). The status provided by the syslog clients managed by the affected software can be manipulated by an unauthenticated attacker in the same network of the affected system.

Might our Artificial Intelligence support you?

Check our Alexa App!