PT-2021-21567 · Siemens · Sinema Remote Connect Server

Published

2021-09-14

Updated

2021-09-23

CVE-2021-37191

CVSS v3.1

4.3

Medium

Vector

AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions SINEMA Remote Connect Server versions prior to V3.0 SP2

Description A vulnerability has been identified that allows an unauthenticated attacker in the same network as the affected system to brute force usernames from the affected software.

Recommendations For versions prior to V3.0 SP2, update to V3.0 SP2 or later to resolve the issue. As a temporary workaround, consider restricting network access to the SINEMA Remote Connect Server to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-799

Related Identifiers

CVE-2021-37191

Affected Products

Sinema Remote Connect Server

PT-2021-21567 · Siemens · Sinema Remote Connect Server

CVE-2021-37191

Weakness Enumeration

Related Identifiers

Affected Products

References · 4