A vulnerability has been identified in Opcenter Quality (All versions < V12.2), QMS Automotive (All versions < V12.30). A private sign key is shipped with the product without adequate protection.
References
Link | Resource |
---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-788287.pdf | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
30 Apr 2021, 14:46
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://cert-portal.siemens.com/productcert/pdf/ssa-788287.pdf - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 9.8 |
CPE | cpe:2.3:a:siemens:qms_automotive:*:*:*:*:*:*:*:* cpe:2.3:a:siemens:opcenter_quality:*:*:*:*:*:*:*:* |
22 Apr 2021, 21:16
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-04-22 21:15
Updated : 2023-12-10 13:55
NVD link : CVE-2021-27389
Mitre link : CVE-2021-27389
CVE.ORG link : CVE-2021-27389
JSON object : View
Products Affected
siemens
- opcenter_quality
- qms_automotive
CWE
CWE-321
Use of Hard-coded Cryptographic Key