Published on: Not Yet Published
Last Modified on: 11/21/2022 05:53:00 PM UTC
Certain versions of Syngo Dynamics Cardiovascular Imaging And Information System from Siemens contain the following vulnerability:
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). An unauthenticated Server-Side Request Forgery (SSRF) vulnerability was identified in one of the web services exposed on the syngo Dynamics application that could allow for the leaking of NTLM credentials as well as local service enumeration.
- CVE-2022-42894 has been assigned by [email protected] to track the vulnerability - currently rated as HIGH severity.
- Affected Vendor/Software: Siemens - syngo Dynamics version All versions < VA40G HF01
CVSS3 Score: 7.5 - HIGH
|Security Advisory|| www.siemens-healthineers.com |
Known Affected Configurations (CPE V2.3)
|Application||Siemens||Syngo Dynamics Cardiovascular Imaging And Information System||All||All||All||All|