Vulnerabilities (CVE)

Filtered by vendor Siemens Subscribe
Filtered by product Teamcenter Active Workspace
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-32145 1 Siemens 1 Teamcenter Active Workspace 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
A vulnerability has been identified in Teamcenter Active Workspace V5.2 (All versions < V5.2.9), Teamcenter Active Workspace V6.0 (All versions < V6.0.3). A reflected cross-site scripting (XSS) vulnerability exists in the web interface of the affected application that could allow an attacker to execute malicious code by tricking users into accessing a malicious link.
CVE-2021-41547 1 Siemens 1 Teamcenter Active Workspace 2024-11-21 6.5 MEDIUM 7.2 HIGH
A vulnerability has been identified in Teamcenter Active Workspace V4.3 (All versions < V4.3.11), Teamcenter Active Workspace V5.0 (All versions < V5.0.10), Teamcenter Active Workspace V5.1 (All versions < V5.1.6), Teamcenter Active Workspace V5.2 (All versions < V5.2.3). The application contains an unsafe unzipping pattern that could lead to a zip path traversal attack. This could allow and attacker to execute a remote shell with admin rights.
CVE-2021-40357 1 Siemens 1 Teamcenter Active Workspace 2024-11-21 4.0 MEDIUM 4.9 MEDIUM
A vulnerability has been identified in Teamcenter Active Workspace V4.3 (All versions < V4.3.10), Teamcenter Active Workspace V5.0 (All versions < V5.0.8), Teamcenter Active Workspace V5.1 (All versions < V5.1.5), Teamcenter Active Workspace V5.2 (All versions < V5.2.1). A path traversal vulnerability in the application could allow an attacker to bypass certain restrictions such as direct access to other services within the host.
CVE-2021-33711 1 Siemens 1 Teamcenter Active Workspace 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
A vulnerability has been identified in Teamcenter Active Workspace V4 (All versions < V4.3.9), Teamcenter Active Workspace V5.0 (All versions < V5.0.7), Teamcenter Active Workspace V5.1 (All versions < V5.1.4). The affected application allows verbose error messages which allow leaking of sensitive information, such as full paths.
CVE-2021-33710 1 Siemens 1 Teamcenter Active Workspace 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
A vulnerability has been identified in Teamcenter Active Workspace V4 (All versions < V4.3.9), Teamcenter Active Workspace V5.0 (All versions < V5.0.7), Teamcenter Active Workspace V5.1 (All versions < V5.1.4). A reflected cross-site scripting (XSS) vulnerability exists in the web interface of the affected devices that could allow an attacker to execute malicious JavaScript code by tricking users into accessing a malicious link.
CVE-2021-33709 1 Siemens 1 Teamcenter Active Workspace 2024-11-21 4.0 MEDIUM 4.3 MEDIUM
A vulnerability has been identified in Teamcenter Active Workspace V4 (All versions < V4.3.9), Teamcenter Active Workspace V5.0 (All versions < V5.0.7), Teamcenter Active Workspace V5.1 (All versions < V5.1.4). By sending malformed requests, a remote attacker could leak an application token due to an error not properly handled by the system.