Security Advisory

CVE-2022-27221

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-06-14 09:21:43

Last updated 2025-04-21 13:53:16

Assigner siemens

State PUBLISHED

Description

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). An attacker in machine-in-the-middle could obtain plaintext secret values by observing length differences during a series of guesses in which a string in an HTTP request URL potentially matches an unknown string in an HTTP response body, aka a "BREACH" attack.

← Browse all CVEs View on cve.org ↗