Search

Find a vulnerability

Search criteria

    8 vulnerabilities found for Teamcenter V14.0 by Siemens

    CVE-2022-34661 (GCVE-0-2022-34661)

    Vulnerability from nvd – Published: 2022-08-10 11:18 – Updated: 2025-09-03 19:06
    VLAI
    Summary
    A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.15), Teamcenter V13.0 (All versions < V13.0.0.10), Teamcenter V13.1 (All versions < V13.1.0.10), Teamcenter V13.2 (All versions < V13.2.0.9), Teamcenter V13.3 (All versions < V13.3.0.5), Teamcenter V14.0 (All versions < V14.0.0.2). File Server Cache service in Teamcenter is vulnerable to denial of service by entering infinite loops and using up CPU cycles. This could allow an attacker to cause denial of service condition.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
    Assigner
    References
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T09:15:15.673Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-759952.pdf"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 6.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-34661",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-03T19:06:05.243330Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-03T19:06:28.341Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Teamcenter V12.4",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V12.4.0.15"
                }
              ]
            },
            {
              "product": "Teamcenter V13.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.0.0.10"
                }
              ]
            },
            {
              "product": "Teamcenter V13.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.1.0.10"
                }
              ]
            },
            {
              "product": "Teamcenter V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.9"
                }
              ]
            },
            {
              "product": "Teamcenter V13.3",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.3.0.5"
                }
              ]
            },
            {
              "product": "Teamcenter V14.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.0.0.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in Teamcenter V12.4 (All versions \u003c V12.4.0.15), Teamcenter V13.0 (All versions \u003c V13.0.0.10), Teamcenter V13.1 (All versions \u003c V13.1.0.10), Teamcenter V13.2 (All versions \u003c V13.2.0.9), Teamcenter V13.3 (All versions \u003c V13.3.0.5), Teamcenter V14.0 (All versions \u003c V14.0.0.2). File Server Cache service in Teamcenter is vulnerable to denial of service by entering infinite loops and using up CPU cycles. This could allow an attacker to cause denial of service condition."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-835",
                  "description": "CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-08-10T11:18:07.000Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-759952.pdf"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "productcert@siemens.com",
              "ID": "CVE-2022-34661",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Teamcenter V12.4",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V12.4.0.15"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V13.0",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V13.0.0.10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V13.1",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V13.1.0.10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V13.2",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V13.2.0.9"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V13.3",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V13.3.0.5"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V14.0",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V14.0.0.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Siemens"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability has been identified in Teamcenter V12.4 (All versions \u003c V12.4.0.15), Teamcenter V13.0 (All versions \u003c V13.0.0.10), Teamcenter V13.1 (All versions \u003c V13.1.0.10), Teamcenter V13.2 (All versions \u003c V13.2.0.9), Teamcenter V13.3 (All versions \u003c V13.3.0.5), Teamcenter V14.0 (All versions \u003c V14.0.0.2). File Server Cache service in Teamcenter is vulnerable to denial of service by entering infinite loops and using up CPU cycles. This could allow an attacker to cause denial of service condition."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-759952.pdf",
                  "refsource": "MISC",
                  "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-759952.pdf"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2022-34661",
        "datePublished": "2022-08-10T11:18:08.000Z",
        "dateReserved": "2022-06-27T00:00:00.000Z",
        "dateUpdated": "2025-09-03T19:06:28.341Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-34660 (GCVE-0-2022-34660)

    Vulnerability from nvd – Published: 2022-08-10 11:18 – Updated: 2025-09-08 18:46
    VLAI
    Summary
    A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.15), Teamcenter V13.0 (All versions < V13.0.0.10), Teamcenter V13.1 (All versions < V13.1.0.10), Teamcenter V13.2 (All versions < V13.2.0.9), Teamcenter V13.3 (All versions < V13.3.0.5), Teamcenter V14.0 (All versions < V14.0.0.2). File Server Cache service in Teamcenter consist of a functionality that is vulnerable to command injection. This could potentially allow an attacker to perform remote code execution.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
    Assigner
    References
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T09:15:15.868Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-759952.pdf"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "HIGH",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 6.8,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-34660",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-08T18:46:12.230495Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-08T18:46:50.735Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Teamcenter V12.4",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V12.4.0.15"
                }
              ]
            },
            {
              "product": "Teamcenter V13.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.0.0.10"
                }
              ]
            },
            {
              "product": "Teamcenter V13.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.1.0.10"
                }
              ]
            },
            {
              "product": "Teamcenter V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.9"
                }
              ]
            },
            {
              "product": "Teamcenter V13.3",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.3.0.5"
                }
              ]
            },
            {
              "product": "Teamcenter V14.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.0.0.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in Teamcenter V12.4 (All versions \u003c V12.4.0.15), Teamcenter V13.0 (All versions \u003c V13.0.0.10), Teamcenter V13.1 (All versions \u003c V13.1.0.10), Teamcenter V13.2 (All versions \u003c V13.2.0.9), Teamcenter V13.3 (All versions \u003c V13.3.0.5), Teamcenter V14.0 (All versions \u003c V14.0.0.2). File Server Cache service in Teamcenter consist of a functionality that is vulnerable to command injection. This could potentially allow an attacker to perform remote code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-08-10T11:18:01.000Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-759952.pdf"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "productcert@siemens.com",
              "ID": "CVE-2022-34660",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Teamcenter V12.4",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V12.4.0.15"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V13.0",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V13.0.0.10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V13.1",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V13.1.0.10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V13.2",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V13.2.0.9"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V13.3",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V13.3.0.5"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V14.0",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V14.0.0.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Siemens"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability has been identified in Teamcenter V12.4 (All versions \u003c V12.4.0.15), Teamcenter V13.0 (All versions \u003c V13.0.0.10), Teamcenter V13.1 (All versions \u003c V13.1.0.10), Teamcenter V13.2 (All versions \u003c V13.2.0.9), Teamcenter V13.3 (All versions \u003c V13.3.0.5), Teamcenter V14.0 (All versions \u003c V14.0.0.2). File Server Cache service in Teamcenter consist of a functionality that is vulnerable to command injection. This could potentially allow an attacker to perform remote code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-759952.pdf",
                  "refsource": "MISC",
                  "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-759952.pdf"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2022-34660",
        "datePublished": "2022-08-10T11:18:01.000Z",
        "dateReserved": "2022-06-27T00:00:00.000Z",
        "dateUpdated": "2025-09-08T18:46:50.735Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-31619 (GCVE-0-2022-31619)

    Vulnerability from nvd – Published: 2022-06-14 09:21 – Updated: 2024-08-03 07:26
    VLAI
    Summary
    A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter V13.0 (All versions < V13.0.0.9), Teamcenter V13.1 (All versions < V13.1.0.9), Teamcenter V13.2 (All versions < V13.2.0.9), Teamcenter V13.3 (All versions < V13.3.0.3), Teamcenter V14.0 (All versions < V14.0.0.2). Java EE Server Manager HTML Adaptor in Teamcenter consists of default hardcoded credentials. Access to the application allows a user to perform a series of actions that could potentially lead to remote code execution with elevated permissions.
    Severity
    No CVSS data available.
    CWE
    • CWE-798 - Use of Hard-coded Credentials
    Assigner
    References
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T07:26:00.834Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-220589.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Teamcenter V12.4",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V12.4.0.13"
                }
              ]
            },
            {
              "product": "Teamcenter V13.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.0.0.9"
                }
              ]
            },
            {
              "product": "Teamcenter V13.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.1.0.9"
                }
              ]
            },
            {
              "product": "Teamcenter V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.9"
                }
              ]
            },
            {
              "product": "Teamcenter V13.3",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.3.0.3"
                }
              ]
            },
            {
              "product": "Teamcenter V14.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.0.0.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in Teamcenter V12.4 (All versions \u003c V12.4.0.13), Teamcenter V13.0 (All versions \u003c V13.0.0.9), Teamcenter V13.1 (All versions \u003c V13.1.0.9), Teamcenter V13.2 (All versions \u003c V13.2.0.9), Teamcenter V13.3 (All versions \u003c V13.3.0.3), Teamcenter V14.0 (All versions \u003c V14.0.0.2). Java EE Server Manager HTML Adaptor in Teamcenter consists of default hardcoded credentials. Access to the application allows a user to perform a series of actions that could potentially lead to remote code execution with elevated permissions."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-798",
                  "description": "CWE-798: Use of Hard-coded Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-08-10T11:17:45.000Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-220589.pdf"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "productcert@siemens.com",
              "ID": "CVE-2022-31619",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Teamcenter V12.4",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V12.4.0.13"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V13.0",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V13.0.0.9"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V13.1",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V13.1.0.9"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V13.2",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V13.2.0.9"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V13.3",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V13.3.0.3"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V14.0",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V14.0.0.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Siemens"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability has been identified in Teamcenter V12.4 (All versions \u003c V12.4.0.13), Teamcenter V13.0 (All versions \u003c V13.0.0.9), Teamcenter V13.1 (All versions \u003c V13.1.0.9), Teamcenter V13.2 (All versions \u003c V13.2.0.9), Teamcenter V13.3 (All versions \u003c V13.3.0.3), Teamcenter V14.0 (All versions \u003c V14.0.0.2). Java EE Server Manager HTML Adaptor in Teamcenter consists of default hardcoded credentials. Access to the application allows a user to perform a series of actions that could potentially lead to remote code execution with elevated permissions."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-798: Use of Hard-coded Credentials"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-220589.pdf",
                  "refsource": "MISC",
                  "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-220589.pdf"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2022-31619",
        "datePublished": "2022-06-14T09:21:57.000Z",
        "dateReserved": "2022-05-25T00:00:00.000Z",
        "dateUpdated": "2024-08-03T07:26:00.834Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-24290 (GCVE-0-2022-24290)

    Vulnerability from nvd – Published: 2022-05-10 09:46 – Updated: 2024-08-03 04:07
    VLAI
    Summary
    A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter V13.0 (All versions < V13.0.0.9), Teamcenter V13.1 (All versions), Teamcenter V13.2 (All versions < V13.2.0.8), Teamcenter V13.3 (All versions < V13.3.0.3), Teamcenter V14.0 (All versions < V14.0.0.2). The tcserver.exe binary in affected applications is vulnerable to a stack overflow condition during the parsing of user input that may lead the binary to crash.
    Severity
    No CVSS data available.
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    References
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:07:02.458Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789162.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Teamcenter V12.4",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V12.4.0.13"
                }
              ]
            },
            {
              "product": "Teamcenter V13.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.0.0.9"
                }
              ]
            },
            {
              "product": "Teamcenter V13.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions"
                }
              ]
            },
            {
              "product": "Teamcenter V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.8"
                }
              ]
            },
            {
              "product": "Teamcenter V13.3",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.3.0.3"
                }
              ]
            },
            {
              "product": "Teamcenter V14.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.0.0.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in Teamcenter V12.4 (All versions \u003c V12.4.0.13), Teamcenter V13.0 (All versions \u003c V13.0.0.9), Teamcenter V13.1 (All versions), Teamcenter V13.2 (All versions \u003c V13.2.0.8), Teamcenter V13.3 (All versions \u003c V13.3.0.3), Teamcenter V14.0 (All versions \u003c V14.0.0.2). The tcserver.exe binary in affected applications is vulnerable to a stack overflow condition during the parsing of user input that may lead the binary to crash."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121: Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-08-10T11:17:31.000Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789162.pdf"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "productcert@siemens.com",
              "ID": "CVE-2022-24290",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Teamcenter V12.4",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V12.4.0.13"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V13.0",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V13.0.0.9"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V13.1",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V13.2",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V13.2.0.8"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V13.3",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V13.3.0.3"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V14.0",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V14.0.0.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Siemens"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability has been identified in Teamcenter V12.4 (All versions \u003c V12.4.0.13), Teamcenter V13.0 (All versions \u003c V13.0.0.9), Teamcenter V13.1 (All versions), Teamcenter V13.2 (All versions \u003c V13.2.0.8), Teamcenter V13.3 (All versions \u003c V13.3.0.3), Teamcenter V14.0 (All versions \u003c V14.0.0.2). The tcserver.exe binary in affected applications is vulnerable to a stack overflow condition during the parsing of user input that may lead the binary to crash."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-121: Stack-based Buffer Overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-789162.pdf",
                  "refsource": "MISC",
                  "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789162.pdf"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2022-24290",
        "datePublished": "2022-05-10T09:46:58.000Z",
        "dateReserved": "2022-02-01T00:00:00.000Z",
        "dateUpdated": "2024-08-03T04:07:02.458Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-34661 (GCVE-0-2022-34661)

    Vulnerability from cvelistv5 – Published: 2022-08-10 11:18 – Updated: 2025-09-03 19:06
    VLAI
    Summary
    A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.15), Teamcenter V13.0 (All versions < V13.0.0.10), Teamcenter V13.1 (All versions < V13.1.0.10), Teamcenter V13.2 (All versions < V13.2.0.9), Teamcenter V13.3 (All versions < V13.3.0.5), Teamcenter V14.0 (All versions < V14.0.0.2). File Server Cache service in Teamcenter is vulnerable to denial of service by entering infinite loops and using up CPU cycles. This could allow an attacker to cause denial of service condition.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
    Assigner
    References
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T09:15:15.673Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-759952.pdf"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 6.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-34661",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-03T19:06:05.243330Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-03T19:06:28.341Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Teamcenter V12.4",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V12.4.0.15"
                }
              ]
            },
            {
              "product": "Teamcenter V13.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.0.0.10"
                }
              ]
            },
            {
              "product": "Teamcenter V13.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.1.0.10"
                }
              ]
            },
            {
              "product": "Teamcenter V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.9"
                }
              ]
            },
            {
              "product": "Teamcenter V13.3",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.3.0.5"
                }
              ]
            },
            {
              "product": "Teamcenter V14.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.0.0.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in Teamcenter V12.4 (All versions \u003c V12.4.0.15), Teamcenter V13.0 (All versions \u003c V13.0.0.10), Teamcenter V13.1 (All versions \u003c V13.1.0.10), Teamcenter V13.2 (All versions \u003c V13.2.0.9), Teamcenter V13.3 (All versions \u003c V13.3.0.5), Teamcenter V14.0 (All versions \u003c V14.0.0.2). File Server Cache service in Teamcenter is vulnerable to denial of service by entering infinite loops and using up CPU cycles. This could allow an attacker to cause denial of service condition."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-835",
                  "description": "CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-08-10T11:18:07.000Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-759952.pdf"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "productcert@siemens.com",
              "ID": "CVE-2022-34661",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Teamcenter V12.4",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V12.4.0.15"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V13.0",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V13.0.0.10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V13.1",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V13.1.0.10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V13.2",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V13.2.0.9"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V13.3",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V13.3.0.5"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V14.0",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V14.0.0.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Siemens"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability has been identified in Teamcenter V12.4 (All versions \u003c V12.4.0.15), Teamcenter V13.0 (All versions \u003c V13.0.0.10), Teamcenter V13.1 (All versions \u003c V13.1.0.10), Teamcenter V13.2 (All versions \u003c V13.2.0.9), Teamcenter V13.3 (All versions \u003c V13.3.0.5), Teamcenter V14.0 (All versions \u003c V14.0.0.2). File Server Cache service in Teamcenter is vulnerable to denial of service by entering infinite loops and using up CPU cycles. This could allow an attacker to cause denial of service condition."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-759952.pdf",
                  "refsource": "MISC",
                  "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-759952.pdf"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2022-34661",
        "datePublished": "2022-08-10T11:18:08.000Z",
        "dateReserved": "2022-06-27T00:00:00.000Z",
        "dateUpdated": "2025-09-03T19:06:28.341Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-34660 (GCVE-0-2022-34660)

    Vulnerability from cvelistv5 – Published: 2022-08-10 11:18 – Updated: 2025-09-08 18:46
    VLAI
    Summary
    A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.15), Teamcenter V13.0 (All versions < V13.0.0.10), Teamcenter V13.1 (All versions < V13.1.0.10), Teamcenter V13.2 (All versions < V13.2.0.9), Teamcenter V13.3 (All versions < V13.3.0.5), Teamcenter V14.0 (All versions < V14.0.0.2). File Server Cache service in Teamcenter consist of a functionality that is vulnerable to command injection. This could potentially allow an attacker to perform remote code execution.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
    Assigner
    References
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T09:15:15.868Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-759952.pdf"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "HIGH",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 6.8,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-34660",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-08T18:46:12.230495Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-08T18:46:50.735Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Teamcenter V12.4",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V12.4.0.15"
                }
              ]
            },
            {
              "product": "Teamcenter V13.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.0.0.10"
                }
              ]
            },
            {
              "product": "Teamcenter V13.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.1.0.10"
                }
              ]
            },
            {
              "product": "Teamcenter V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.9"
                }
              ]
            },
            {
              "product": "Teamcenter V13.3",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.3.0.5"
                }
              ]
            },
            {
              "product": "Teamcenter V14.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.0.0.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in Teamcenter V12.4 (All versions \u003c V12.4.0.15), Teamcenter V13.0 (All versions \u003c V13.0.0.10), Teamcenter V13.1 (All versions \u003c V13.1.0.10), Teamcenter V13.2 (All versions \u003c V13.2.0.9), Teamcenter V13.3 (All versions \u003c V13.3.0.5), Teamcenter V14.0 (All versions \u003c V14.0.0.2). File Server Cache service in Teamcenter consist of a functionality that is vulnerable to command injection. This could potentially allow an attacker to perform remote code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-08-10T11:18:01.000Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-759952.pdf"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "productcert@siemens.com",
              "ID": "CVE-2022-34660",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Teamcenter V12.4",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V12.4.0.15"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V13.0",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V13.0.0.10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V13.1",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V13.1.0.10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V13.2",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V13.2.0.9"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V13.3",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V13.3.0.5"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V14.0",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V14.0.0.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Siemens"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability has been identified in Teamcenter V12.4 (All versions \u003c V12.4.0.15), Teamcenter V13.0 (All versions \u003c V13.0.0.10), Teamcenter V13.1 (All versions \u003c V13.1.0.10), Teamcenter V13.2 (All versions \u003c V13.2.0.9), Teamcenter V13.3 (All versions \u003c V13.3.0.5), Teamcenter V14.0 (All versions \u003c V14.0.0.2). File Server Cache service in Teamcenter consist of a functionality that is vulnerable to command injection. This could potentially allow an attacker to perform remote code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-759952.pdf",
                  "refsource": "MISC",
                  "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-759952.pdf"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2022-34660",
        "datePublished": "2022-08-10T11:18:01.000Z",
        "dateReserved": "2022-06-27T00:00:00.000Z",
        "dateUpdated": "2025-09-08T18:46:50.735Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-31619 (GCVE-0-2022-31619)

    Vulnerability from cvelistv5 – Published: 2022-06-14 09:21 – Updated: 2024-08-03 07:26
    VLAI
    Summary
    A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter V13.0 (All versions < V13.0.0.9), Teamcenter V13.1 (All versions < V13.1.0.9), Teamcenter V13.2 (All versions < V13.2.0.9), Teamcenter V13.3 (All versions < V13.3.0.3), Teamcenter V14.0 (All versions < V14.0.0.2). Java EE Server Manager HTML Adaptor in Teamcenter consists of default hardcoded credentials. Access to the application allows a user to perform a series of actions that could potentially lead to remote code execution with elevated permissions.
    Severity
    No CVSS data available.
    CWE
    • CWE-798 - Use of Hard-coded Credentials
    Assigner
    References
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T07:26:00.834Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-220589.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Teamcenter V12.4",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V12.4.0.13"
                }
              ]
            },
            {
              "product": "Teamcenter V13.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.0.0.9"
                }
              ]
            },
            {
              "product": "Teamcenter V13.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.1.0.9"
                }
              ]
            },
            {
              "product": "Teamcenter V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.9"
                }
              ]
            },
            {
              "product": "Teamcenter V13.3",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.3.0.3"
                }
              ]
            },
            {
              "product": "Teamcenter V14.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.0.0.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in Teamcenter V12.4 (All versions \u003c V12.4.0.13), Teamcenter V13.0 (All versions \u003c V13.0.0.9), Teamcenter V13.1 (All versions \u003c V13.1.0.9), Teamcenter V13.2 (All versions \u003c V13.2.0.9), Teamcenter V13.3 (All versions \u003c V13.3.0.3), Teamcenter V14.0 (All versions \u003c V14.0.0.2). Java EE Server Manager HTML Adaptor in Teamcenter consists of default hardcoded credentials. Access to the application allows a user to perform a series of actions that could potentially lead to remote code execution with elevated permissions."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-798",
                  "description": "CWE-798: Use of Hard-coded Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-08-10T11:17:45.000Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-220589.pdf"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "productcert@siemens.com",
              "ID": "CVE-2022-31619",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Teamcenter V12.4",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V12.4.0.13"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V13.0",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V13.0.0.9"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V13.1",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V13.1.0.9"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V13.2",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V13.2.0.9"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V13.3",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V13.3.0.3"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V14.0",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V14.0.0.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Siemens"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability has been identified in Teamcenter V12.4 (All versions \u003c V12.4.0.13), Teamcenter V13.0 (All versions \u003c V13.0.0.9), Teamcenter V13.1 (All versions \u003c V13.1.0.9), Teamcenter V13.2 (All versions \u003c V13.2.0.9), Teamcenter V13.3 (All versions \u003c V13.3.0.3), Teamcenter V14.0 (All versions \u003c V14.0.0.2). Java EE Server Manager HTML Adaptor in Teamcenter consists of default hardcoded credentials. Access to the application allows a user to perform a series of actions that could potentially lead to remote code execution with elevated permissions."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-798: Use of Hard-coded Credentials"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-220589.pdf",
                  "refsource": "MISC",
                  "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-220589.pdf"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2022-31619",
        "datePublished": "2022-06-14T09:21:57.000Z",
        "dateReserved": "2022-05-25T00:00:00.000Z",
        "dateUpdated": "2024-08-03T07:26:00.834Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-24290 (GCVE-0-2022-24290)

    Vulnerability from cvelistv5 – Published: 2022-05-10 09:46 – Updated: 2024-08-03 04:07
    VLAI
    Summary
    A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter V13.0 (All versions < V13.0.0.9), Teamcenter V13.1 (All versions), Teamcenter V13.2 (All versions < V13.2.0.8), Teamcenter V13.3 (All versions < V13.3.0.3), Teamcenter V14.0 (All versions < V14.0.0.2). The tcserver.exe binary in affected applications is vulnerable to a stack overflow condition during the parsing of user input that may lead the binary to crash.
    Severity
    No CVSS data available.
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    References
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:07:02.458Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789162.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Teamcenter V12.4",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V12.4.0.13"
                }
              ]
            },
            {
              "product": "Teamcenter V13.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.0.0.9"
                }
              ]
            },
            {
              "product": "Teamcenter V13.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions"
                }
              ]
            },
            {
              "product": "Teamcenter V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.8"
                }
              ]
            },
            {
              "product": "Teamcenter V13.3",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.3.0.3"
                }
              ]
            },
            {
              "product": "Teamcenter V14.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.0.0.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in Teamcenter V12.4 (All versions \u003c V12.4.0.13), Teamcenter V13.0 (All versions \u003c V13.0.0.9), Teamcenter V13.1 (All versions), Teamcenter V13.2 (All versions \u003c V13.2.0.8), Teamcenter V13.3 (All versions \u003c V13.3.0.3), Teamcenter V14.0 (All versions \u003c V14.0.0.2). The tcserver.exe binary in affected applications is vulnerable to a stack overflow condition during the parsing of user input that may lead the binary to crash."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121: Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-08-10T11:17:31.000Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789162.pdf"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "productcert@siemens.com",
              "ID": "CVE-2022-24290",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Teamcenter V12.4",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V12.4.0.13"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V13.0",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V13.0.0.9"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V13.1",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V13.2",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V13.2.0.8"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V13.3",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V13.3.0.3"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Teamcenter V14.0",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V14.0.0.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Siemens"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability has been identified in Teamcenter V12.4 (All versions \u003c V12.4.0.13), Teamcenter V13.0 (All versions \u003c V13.0.0.9), Teamcenter V13.1 (All versions), Teamcenter V13.2 (All versions \u003c V13.2.0.8), Teamcenter V13.3 (All versions \u003c V13.3.0.3), Teamcenter V14.0 (All versions \u003c V14.0.0.2). The tcserver.exe binary in affected applications is vulnerable to a stack overflow condition during the parsing of user input that may lead the binary to crash."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-121: Stack-based Buffer Overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-789162.pdf",
                  "refsource": "MISC",
                  "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789162.pdf"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2022-24290",
        "datePublished": "2022-05-10T09:46:58.000Z",
        "dateReserved": "2022-02-01T00:00:00.000Z",
        "dateUpdated": "2024-08-03T04:07:02.458Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }