Vulnerabilities > CVE-2022-43958 - Unspecified vulnerability in Siemens QMS Automotive

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

siemens

NVD

Published: 2022-11-08

Updated: 2024-11-21

Summary

A vulnerability has been identified in QMS Automotive (All versions < V12.39), QMS Automotive (All versions < V12.39). User credentials are stored in plaintext in the database without any hashing mechanism. This could allow an attacker to gain access to credentials and impersonate other users.

Vulnerable Configurations

Part	Description	Count
Application	Siemens Siemens QMS Automotive *	1

References

https://cert-portal.siemens.com/productcert/pdf/ssa-147266.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-147266.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-587547.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-587547.pdf