← Back to home
SIEMENS-SSA-911567  ·  Published 2022-06-14  ·  View on Siemens ProductCERT ↗

SSA-911567 V1.0: Missing HTTP headers in SINEMA Remote Connect Server before V3.0 SP2

CVSS N/A MEDIUM

Risk Summary

<p>SINEMA Remote Connect Server is missing HTTP security headers on the web server. This could aid attackers by making the servers more prone to clickjacking, channel downgrade attacks and other similar client-based attack vectors.</p> <p>Siemens has released an update for the SINEMA Remote Connect Server and recommends to update to the latest version.</p>

Remediations

  • Refer to Siemens ProductCERT advisory for patch and remediation guidance.

Affected Vendors

Siemens

Affected Products (1)

Siemens · SSA-911567 V1.0: Missing HTTP headers in SINEMA Remote Connect Server before V3.0 SP2 See advisory

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more