Description
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0). The webserver could allow unauthorized actions via special urls for unpriviledged users. The settings of the UMC authorization server could be changed to add a rogue server by an attacker authenticating with unprivilege user rights.
Affected products
- Siemens / SINEMA Remote Connect ServerAll versions < V3.0 – All versions < V3.0