CVE-2022-33736

HIGH

Opcenter Quality <V13.1.20220624-V13.2.20220624 - DoS

Title source: llm

Description

A vulnerability has been identified in Opcenter Quality V13.1 (All versions < V13.1.20220624), Opcenter Quality V13.2 (All versions < V13.2.20220624). The affected applications do not properly validate login information during authentication. This could lead to denial of service condition for existing users or allow unauthenticated remote attackers to successfully login without credentials.

References (1)

[Patch, Vendor Advisory] https://cert-portal.siemens.com/productcert/pdf/ssa-944952.pdf

Scores

CVSS v3 7.5

EPSS 0.0060

EPSS Percentile 69.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-287 CWE-303

Status published

Products (1)

siemens/opcenter_quality 13.1.0 - 13.1.20220624

Published Jul 12, 2022

Tracked Since Feb 18, 2026