Teamcenter Active Workspace Siemens Teamcenter Active Workspace

Do you want an email whenever new security vulnerabilities are reported in Siemens Teamcenter Active Workspace?

By the Year

In 2022 there have been 1 vulnerability in Siemens Teamcenter Active Workspace with an average score of 6.1 out of ten. Last year Teamcenter Active Workspace had 5 security vulnerabilities published. Right now, Teamcenter Active Workspace is on track to have less security vulnerabilities in 2022 than it did last year. However, the average CVE base score of the vulnerabilities in 2022 is greater by 0.54.

Year Vulnerabilities Average Score
2022 1 6.10
2021 5 5.56
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Teamcenter Active Workspace vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Siemens Teamcenter Active Workspace Security Vulnerabilities

A vulnerability has been identified in Teamcenter Active Workspace V5.2 (All versions < V5.2.9)

CVE-2022-32145 6.1 - Medium - June 14, 2022

A vulnerability has been identified in Teamcenter Active Workspace V5.2 (All versions < V5.2.9), Teamcenter Active Workspace V6.0 (All versions < V6.0.3). A reflected cross-site scripting (XSS) vulnerability exists in the web interface of the affected application that could allow an attacker to execute malicious code by tricking users into accessing a malicious link.

XSS

A vulnerability has been identified in Teamcenter Active Workspace V4.3 (All versions < V4.3.11)

CVE-2021-41547 7.2 - High - December 14, 2021

A vulnerability has been identified in Teamcenter Active Workspace V4.3 (All versions < V4.3.11), Teamcenter Active Workspace V5.0 (All versions < V5.0.10), Teamcenter Active Workspace V5.1 (All versions < V5.1.6), Teamcenter Active Workspace V5.2 (All versions < V5.2.3). The application contains an unsafe unzipping pattern that could lead to a zip path traversal attack. This could allow and attacker to execute a remote shell with admin rights.

Directory traversal

A vulnerability has been identified in Teamcenter Active Workspace V4.3 (All versions < V4.3.10)

CVE-2021-40357 4.9 - Medium - September 14, 2021

A vulnerability has been identified in Teamcenter Active Workspace V4.3 (All versions < V4.3.10), Teamcenter Active Workspace V5.0 (All versions < V5.0.8), Teamcenter Active Workspace V5.1 (All versions < V5.1.5), Teamcenter Active Workspace V5.2 (All versions < V5.2.1). A path traversal vulnerability in the application could allow an attacker to bypass certain restrictions such as direct access to other services within the host.

Directory traversal

A vulnerability has been identified in Teamcenter Active Workspace V4 (All versions < V4.3.9)

CVE-2021-33711 5.3 - Medium - July 13, 2021

A vulnerability has been identified in Teamcenter Active Workspace V4 (All versions < V4.3.9), Teamcenter Active Workspace V5.0 (All versions < V5.0.7), Teamcenter Active Workspace V5.1 (All versions < V5.1.4). The affected application allows verbose error messages which allow leaking of sensitive information, such as full paths.

Generation of Error Message Containing Sensitive Information

A vulnerability has been identified in Teamcenter Active Workspace V4 (All versions < V4.3.9)

CVE-2021-33710 6.1 - Medium - July 13, 2021

A vulnerability has been identified in Teamcenter Active Workspace V4 (All versions < V4.3.9), Teamcenter Active Workspace V5.0 (All versions < V5.0.7), Teamcenter Active Workspace V5.1 (All versions < V5.1.4). A reflected cross-site scripting (XSS) vulnerability exists in the web interface of the affected devices that could allow an attacker to execute malicious JavaScript code by tricking users into accessing a malicious link.

XSS

A vulnerability has been identified in Teamcenter Active Workspace V4 (All versions < V4.3.9)

CVE-2021-33709 4.3 - Medium - July 13, 2021

A vulnerability has been identified in Teamcenter Active Workspace V4 (All versions < V4.3.9), Teamcenter Active Workspace V5.0 (All versions < V5.0.7), Teamcenter Active Workspace V5.1 (All versions < V5.1.4). By sending malformed requests, a remote attacker could leak an application token due to an error not properly handled by the system.

Information Disclosure

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Siemens Teamcenter Active Workspace or by Siemens? Click the Watch button to subscribe.

Siemens
Vendor

subscribe