VYPR
Unrated severityNVD Advisory· Published Jul 13, 2021· Updated Aug 3, 2024

CVE-2021-31892

CVE-2021-31892

Description

A vulnerability has been identified in SINUMERIK Analyse MyCondition (All versions), SINUMERIK Analyze MyPerformance (All versions), SINUMERIK Analyze MyPerformance /OEE-Monitor (All versions), SINUMERIK Analyze MyPerformance /OEE-Tuning (All versions), SINUMERIK Integrate Client 02 (All versions >= V02.00.12 < 02.00.18), SINUMERIK Integrate Client 03 (All versions >= V03.00.12 < 03.00.18), SINUMERIK Integrate Client 04 (V04.00.02 and all versions >= V04.00.15 < 04.00.18), SINUMERIK Integrate for Production 4.1 (All versions < V4.1 SP10 HF3), SINUMERIK Integrate for Production 5.1 (V5.1), SINUMERIK Manage MyMachines (All versions), SINUMERIK Manage MyMachines /Remote (All versions), SINUMERIK Manage MyMachines /Spindel Monitor (All versions), SINUMERIK Manage MyPrograms (All versions), SINUMERIK Manage MyResources /Programs (All versions), SINUMERIK Manage MyResources /Tools (All versions), SINUMERIK Manage MyTools (All versions), SINUMERIK Operate V4.8 (All versions < V4.8 SP8), SINUMERIK Operate V4.93 (All versions < V4.93 HF7), SINUMERIK Operate V4.94 (All versions < V4.94 HF5), SINUMERIK Optimize MyProgramming /NX-Cam Editor (All versions). Due to an error in a third-party dependency the ssl flags used for setting up a TLS connection to a server are overwitten with wrong settings. This results in a missing validation of the server certificate and thus in a possible TLS MITM szenario.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

23
  • All versions+ 1 more
    • (no CPE)range: All versions
    • (no CPE)range: All versions
  • >=V02.00.12 < 02.00.18+ 3 more
    • (no CPE)range: >=V02.00.12 < 02.00.18
    • (no CPE)range: All versions >= V02.00.12 < 02.00.18
    • (no CPE)range: All versions >= V03.00.12 < 03.00.18
    • (no CPE)range: V04.00.02 and all versions >= V04.00.15 < 04.00.18
  • < V4.8 SP8+ 3 more
    • (no CPE)range: < V4.8 SP8
    • (no CPE)range: All versions < V4.8 SP8
    • (no CPE)range: All versions < V4.93 HF7
    • (no CPE)range: All versions < V4.94 HF5
  • Siemens/SINUMERIK Analyze MyPerformancev5
    Range: All versions
  • Siemens/SINUMERIK Analyze MyPerformance /OEE-Monitorv5
    Range: All versions
  • Siemens/SINUMERIK Analyze MyPerformance /OEE-Tuningv5
    Range: All versions
  • Siemens/SINUMERIK Integrate for Production 4.1v5
    Range: All versions < V4.1 SP10 HF3
  • Siemens/SINUMERIK Integrate for Production 5.1v5
    Range: V5.1
  • Siemens/SINUMERIK Manage MyMachinesv5
    Range: All versions
  • Siemens/SINUMERIK Manage MyMachines /Remotev5
    Range: All versions
  • Siemens/SINUMERIK Manage MyMachines /Spindel Monitorv5
    Range: All versions
  • Siemens/SINUMERIK Manage MyProgramsv5
    Range: All versions
  • Siemens/SINUMERIK Manage MyResources /Programsv5
    Range: All versions
  • Siemens/SINUMERIK Manage MyResources /Toolsv5
    Range: All versions
  • Siemens/SINUMERIK Manage MyToolsv5
    Range: All versions
  • Siemens/SINUMERIK Optimize MyProgramming /NX-Cam Editorv5
    Range: All versions

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.