CVE-2022-32251

Name of the Vulnerable Software and Affected Versions SINEMA Remote Connect Server versions prior to V3.1

Description A missing authentication verification for a resource used to change the roles and permissions of a user has been identified. This could allow an attacker to change the permissions of any user and gain the privileges of an administrative user.

Recommendations For versions prior to V3.1, update to version V3.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the resource used for changing user roles and permissions to minimize the risk of exploitation.