CVE-2021-37191

MEDIUM

SINEMA Remote Connect Server <V3.0 SP2 - Info Disclosure

Title source: llm

Description

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). An unauthenticated attacker in the same network of the affected system could brute force the usernames from the affected software.

References (1)

[Patch, Vendor Advisory] https://cert-portal.siemens.com/productcert/pdf/ssa-334944.pdf

Scores

CVSS v3 4.3

EPSS 0.0010

EPSS Percentile 27.8%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Classification

CWE

CWE-799

Status published

Affected Products (3)

siemens/sinema_remote_connect_server < 3.0

siemens/sinema_remote_connect_server

Timeline

Published Sep 14, 2021

Tracked Since Feb 18, 2026