Unrated severityNVD Advisory· Published Nov 8, 2022· Updated Apr 21, 2025

CVE-2022-43958

Description

A vulnerability has been identified in QMS Automotive (All versions < V12.39), QMS Automotive (All versions < V12.39). User credentials are stored in plaintext in the database without any hashing mechanism. This could allow an attacker to gain access to credentials and impersonate other users.

Affected products

Siemens Foundation/QMS Automotivellm-create2 versions
< V12.39+ 1 more
- (no CPE)range: < V12.39
- (no CPE)range: All versions < V12.39

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

cert-portal.siemens.com/productcert/pdf/ssa-147266.pdfmitre
cert-portal.siemens.com/productcert/pdf/ssa-587547.pdfmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000