Security Advisory

CVE-2022-33137

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-07-12 10:06:44

Last updated 2024-08-03 08:01:19

Assigner siemens

State PUBLISHED

Description

A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S (All versions < V3.3), SIMATIC MV550 H (All versions < V3.3), SIMATIC MV550 S (All versions < V3.3), SIMATIC MV560 U (All versions < V3.3), SIMATIC MV560 X (All versions < V3.3). The web session management of affected devices does not invalidate session ids in certain logout scenarios. This could allow an authenticated remote attacker to hijack other users sessions.

← Browse all CVEs View on cve.org ↗