A vulnerability has been identified in QMS Automotive (All versions). User credentials are stored in plaintext in the database. This could allow an attacker to gain access to credentials and impersonate other users.
References
Link | Resource |
---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-147266.pdf | |
https://cert-portal.siemens.com/productcert/pdf/ssa-587547.pdf | Mitigation Vendor Advisory |
Configurations
History
09 Nov 2022, 17:19
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:siemens:qms_automotive:*:*:*:*:*:*:*:* | |
References | (MISC) https://cert-portal.siemens.com/productcert/pdf/ssa-587547.pdf - Mitigation, Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.1 |
CWE | CWE-312 |
08 Nov 2022, 13:17
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-11-08 11:15
Updated : 2024-02-04 22:51
NVD link : CVE-2022-43958
Mitre link : CVE-2022-43958
CVE.ORG link : CVE-2022-43958
JSON object : View
Products Affected
siemens
- qms_automotive