← back
CVE-2021-44522

CVE-2021-44522

EPSS 1.4%CWE-668
A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All versions), SiPass integrated V2.85 (All versions), Siveillance Identity V1.5 (All versions), Siveillance Identity V1.6 (All versions < V1.6.284.0). Affected applications insufficiently limit the access to the internal message broker system. This could allow an unauthenticated remote attacker to subscribe to arbitrary message queues.
Affected products
Siemens · SiPass integrated V2.76Siemens · SiPass integrated V2.80Siemens · SiPass integrated V2.85Siemens · Siveillance Identity V1.5Siemens · Siveillance Identity V1.6

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://cert-portal.siemens.com/productcert/pdf/ssa-160202.pdfhttps://cert-portal.siemens.com/productcert/pdf/ssa-463116.pdf