Reflected Cross-Site Scripting Vulnerability in Siemens Teamcenter Active Workspace
CVE-2022-32145

6.1MEDIUM

Key Information:

Vendor
Siemens
Status
Teamcenter Active Workspace V5.2
Teamcenter Active Workspace V6.0
Vendor
CVE Published:
14 June 2022

Summary

A vulnerability affecting Siemens Teamcenter Active Workspace allows reflected cross-site scripting, enabling attackers to execute arbitrary code by tricking users into clicking malicious links. This flaw affects versions of Teamcenter Active Workspace prior to V5.2.9 and V6.0.3, highlighting the importance of software updates and user awareness in mitigating potential threats.

Affected Version(s)

Teamcenter Active Workspace V5.2 All versions < V5.2.9

Teamcenter Active Workspace V6.0 All versions < V6.0.3

References

https://cert-portal.siemens.com/productcert/pdf/ssa-40116...
x_refsource_MISC

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.