CVE-2021-37191
Published on: 09/14/2021 12:00:00 AM UTC
Last Modified on: 09/23/2021 07:13:00 PM UTC
Certain versions of Sinema Remote Connect Server from Siemens contain the following vulnerability:
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). An unauthenticated attacker in the same network of the affected system could brute force the usernames from the affected software.
- CVE-2021-37191 has been assigned by
[email protected] to track the vulnerability - currently rated as MEDIUM severity.
- Affected Vendor/Software:
Siemens - SINEMA Remote Connect Server version All versions < V3.0 SP2
CVSS3 Score: 4.3 - MEDIUM
Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
---|---|---|---|
ADJACENT_NETWORK | LOW | NONE | NONE |
Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
UNCHANGED | LOW | NONE | NONE |
CVSS2 Score: 3.3 - LOW
Access Vector ⓘ |
Access Complexity |
Authentication |
---|---|---|
ADJACENT_NETWORK | LOW | NONE |
Confidentiality Impact |
Integrity Impact |
Availability Impact |
PARTIAL | NONE | NONE |
CVE References
Description | Tags ⓘ | Link |
---|---|---|
cert-portal.siemens.com application/pdf |
![]() |
There are currently no QIDs associated with this CVE
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Application | Siemens | Sinema Remote Connect Server | All | All | All | All |
Application | Siemens | Sinema Remote Connect Server | 3.0 | - | All | All |
Application | Siemens | Sinema Remote Connect Server | 3.0 | sp1 | All | All |
- cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:*:
- cpe:2.3:a:siemens:sinema_remote_connect_server:3.0:-:*:*:*:*:*:*:
- cpe:2.3:a:siemens:sinema_remote_connect_server:3.0:sp1:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE
Social Mentions
Source | Title | Posted (UTC) |
---|---|---|
![]() |
CVE-2021-37191 : A vulnerability has been identified in SINEMA Remote Connect Server All versions < V3.0 SP2 . An… twitter.com/i/web/status/1… | 2021-09-14 11:01:24 |
![]() |
CVE-2021-37191 A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). An un… twitter.com/i/web/status/1… | 2021-09-15 07:09:32 |