Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.8), Teamcenter V13.0 (All versions < V13.0.0.7), Teamcenter V13.1 (All versions < V13.1.0.5), Teamcenter V13.2 (All versions < 13.2.0.2). The "surrogate" functionality on the user profile of the application does not perform sufficient access control that could lead to an account takeover. Any profile on the application can perform this attack and access any other user assigned tasks via the "inbox/surrogate tasks".
CVSS Information
N/A
Vulnerability Type
特权定义了不安全动作
Vulnerability Title
Siemens Teamcenter 权限许可和访问控制问题漏洞
Vulnerability Description
Siemens Teamcenter是德国西门子(Siemens)公司的一套产品生命周期管理计算机软件应用程序。 Teamcenter 存在权限许可和访问控制问题漏洞。应用程序用户配置文件上的 surrogate 功能没有执行足够的访问控制,可能导致帐户接管。 应用程序上的任何配置文件都可以执行此攻击并通过 inbox/surrogate tasks 访问任何其他用户分配的任务。
CVSS Information
N/A
Vulnerability Type
N/A