cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-34661,https://securityvulnerability.io/vulnerability/CVE-2022-34661,Denial of Service Vulnerability in Teamcenter by Siemens,"A vulnerability exists in the File Server Cache service of Teamcenter which can be exploited to cause a denial of service condition. Attackers may leverage this vulnerability by creating infinite loops, effectively consuming CPU cycles and rendering the service unavailable. This issue affects multiple versions of Teamcenter, underscoring the importance of promptly applying security updates to mitigate the risk.",Siemens,"Teamcenter V12.4,Teamcenter V13.0,Teamcenter V13.1,Teamcenter V13.2,Teamcenter V13.3,Teamcenter V14.0",7.5,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2022-08-10T11:18:08.000Z,0
CVE-2022-34660,https://securityvulnerability.io/vulnerability/CVE-2022-34660,Command Injection Vulnerability in Teamcenter Products by Siemens,"A vulnerability has been detected in multiple versions of Siemens Teamcenter, specifically in the File Server Cache service. This flaw allows for potential command injection, which could enable an attacker to execute arbitrary commands remotely. Affected versions include Teamcenter V12.4, V13.0, V13.1, V13.2, V13.3, and V14.0, each with specific version thresholds that, if not updated, may expose systems to significant risks. Users are advised to apply the necessary patches to mitigate this vulnerability.",Siemens,"Teamcenter V12.4,Teamcenter V13.0,Teamcenter V13.1,Teamcenter V13.2,Teamcenter V13.3,Teamcenter V14.0",9.8,CRITICAL,0.0027799999807029963,false,,false,false,false,,,false,false,,2022-08-10T11:18:01.000Z,0
CVE-2022-31619,https://securityvulnerability.io/vulnerability/CVE-2022-31619,Default Hardcoded Credentials in Teamcenter by Siemens,A security vulnerability exists in Teamcenter due to the presence of default hardcoded credentials within the Java EE Server Manager HTML Adaptor. This flaw allows unauthorized users with access to the application to execute a range of actions that could lead to remote code execution with elevated permissions. Users are urged to review and update to the latest versions to mitigate this risk.,Siemens,"Teamcenter V12.4,Teamcenter V13.0,Teamcenter V13.1,Teamcenter V13.2,Teamcenter V13.3,Teamcenter V14.0",8.8,HIGH,0.003280000062659383,false,,false,false,false,,,false,false,,2022-06-14T09:21:57.000Z,0
CVE-2022-29801,https://securityvulnerability.io/vulnerability/CVE-2022-29801,XML External Entity Injection in Teamcenter by Siemens,"A vulnerability has been discovered in Siemens Teamcenter that involves XML External Entity Injection (XXE). This flaw allows attackers to exploit the application's XML parser by injecting malicious XML content. As a result, unauthorized users may gain access to sensitive files on the application server's filesystem, which could lead to further exploitation of the server environment. This issue affects Teamcenter versions prior to V12.4.0.13 and V13.0.0.9, highlighting the importance of ensuring timely updates and patches to mitigate potential security risks.",Siemens,"Teamcenter V12.4,Teamcenter V13.0",7.5,HIGH,0.0016899999463930726,false,,false,false,false,,,false,false,,2022-05-20T13:15:00.000Z,0
CVE-2022-24290,https://securityvulnerability.io/vulnerability/CVE-2022-24290,Stack Overflow Vulnerability in Teamcenter by Siemens,"A vulnerability exists in multiple versions of Teamcenter where the tcserver.exe binary can experience a stack overflow due to improper parsing of user input. This flaw can result in the binary crashing, potentially disrupting service and affecting the overall functionality of the application. Users of the affected Teamcenter versions should consider applying necessary updates or patches to mitigate this vulnerability.",Siemens,"Teamcenter V12.4,Teamcenter V13.0,Teamcenter V13.1,Teamcenter V13.2,Teamcenter V13.3,Teamcenter V14.0",7.5,HIGH,0.0009899999713525176,false,,false,false,false,,,false,false,,2022-05-20T13:15:00.000Z,0
CVE-2021-40356,https://securityvulnerability.io/vulnerability/CVE-2021-40356,XML External Entity Injection Vulnerability in Teamcenter by Siemens,"An XML External Entity Injection vulnerability has been detected in multiple versions of Teamcenter, enabling potential attackers to access and view sensitive files on the application server's filesystem. This issue affects several iterations of Teamcenter, including V12.4, V13.0, V13.1, and V13.2, if they are below their specified versions. Mitigation measures should be taken to secure the application against unauthorized file access.",Siemens,"Teamcenter V12.4,Teamcenter V13.0,Teamcenter V13.1,Teamcenter V13.2",7.5,HIGH,0.0014799999771639705,false,,false,false,false,,,false,false,,2021-09-14T10:48:00.000Z,0
CVE-2021-40355,https://securityvulnerability.io/vulnerability/CVE-2021-40355,Insecure Direct Object Reference in Siemens Teamcenter Affected Versions,"A vulnerability exists in Siemens Teamcenter that allows an attacker to exploit Insecure Direct Object Reference (IDOR). This weakness enables unauthorized users to access sensitive objects through manipulated user input. Specific affected versions include Teamcenter V12.4 (pre-V12.4.0.8), V13.0 (pre-V13.0.0.7), V13.1 (pre-V13.1.0.5), and V13.2 (pre-V13.2.0.2). It is crucial for users to apply the necessary patches or updates to safeguard against potential exploits. For detailed information, refer to the Siemens advisory.",Siemens,"Teamcenter V12.4,Teamcenter V13.0,Teamcenter V13.1,Teamcenter V13.2",8.8,HIGH,0.0009200000204145908,false,,false,false,false,,,false,false,,2021-09-14T10:47:59.000Z,0
CVE-2021-40354,https://securityvulnerability.io/vulnerability/CVE-2021-40354,Access Control Flaw in Siemens Teamcenter Affecting User Profiles,"A vulnerability exists in Siemens Teamcenter that allows unauthorized access due to insufficient access controls within the 'surrogate' functionality of user profiles. This flaw can enable any user to access tasks assigned to other users through the 'inbox/surrogate tasks' feature, potentially leading to unauthorized account access and manipulation.",Siemens,"Teamcenter V12.4,Teamcenter V13.0,Teamcenter V13.1,Teamcenter V13.2",7.1,HIGH,0.0005699999746866524,false,,false,false,false,,,false,false,,2021-09-14T10:47:58.000Z,0