Vulnerabilities > CVE-2020-25239 - Incorrect Authorization vulnerability in Siemens Sinema Remote Connect Server 1.1/2.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0). The webserver could allow unauthorized actions via special urls for unpriviledged users. The settings of the UMC authorization server could be changed to add a rogue server by an attacker authenticating with unprivilege user rights.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |