4.3
CVE-2021-37191
- EPSS 0.1%
- Veröffentlicht 14.09.2021 11:15:26
- Zuletzt bearbeitet 23.04.2025 20:15:29
- Quelle productcert@siemens.com
- CVE-Watchlists
- Unerledigt
LoginA vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). An unauthenticated attacker in the same network of the affected system could brute force the usernames from the affected software.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Siemens ≫ Sinema Remote Connect Server Version < 3.0
Siemens ≫ Sinema Remote Connect Server Version3.0 Update-
Siemens ≫ Sinema Remote Connect Server Version3.0 Updatesp1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.1% | 0.249 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 2.8 | 1.4 |
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
| nvd@nist.gov | 3.3 | 6.5 | 2.9 |
AV:A/AC:L/Au:N/C:P/I:N/A:N
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 4.3 | 2.8 | 1.4 |
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
CWE-799 Improper Control of Interaction Frequency
The product does not properly limit the number or frequency of interactions that it has with an actor, such as the number of incoming requests.