cnvd - cnvd-2025-03710

cnvd-2025-03710

Vulnerability from cnvd

Title: Siemens Teamcenter重定向漏洞

Description:

Teamcenter软件是一个适应性强的现代化产品生命周期管理（PLM）系统，它通过数字主线跨越功能孤岛将人员和流程连接起来，以实现创新。

Siemens Teamcenter SSO登录服务存在重定向漏洞，攻击者可利用漏洞将合法用户重定向到攻击者选择的 URL，以窃取有效的会话数据。

Severity: 高

Formal description:

厂商尚未提供漏洞修复方案，请关注厂商主页更新： http://www.siemens.com/

Reference: https://cert-portal.siemens.com/productcert/html/ssa-656895.html

Impacted products

Name
Siemens Teamcenter

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2025-23363"
    }
  },
  "description": "Teamcenter\u8f6f\u4ef6\u662f\u4e00\u4e2a\u9002\u5e94\u6027\u5f3a\u7684\u73b0\u4ee3\u5316\u4ea7\u54c1\u751f\u547d\u5468\u671f\u7ba1\u7406 \uff08PLM\uff09 \u7cfb\u7edf\uff0c\u5b83\u901a\u8fc7\u6570\u5b57\u4e3b\u7ebf\u8de8\u8d8a\u529f\u80fd\u5b64\u5c9b\u5c06\u4eba\u5458\u548c\u6d41\u7a0b\u8fde\u63a5\u8d77\u6765\uff0c\u4ee5\u5b9e\u73b0\u521b\u65b0\u3002\n\nSiemens Teamcenter SSO\u767b\u5f55\u670d\u52a1\u5b58\u5728\u91cd\u5b9a\u5411\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u5c06\u5408\u6cd5\u7528\u6237\u91cd\u5b9a\u5411\u5230\u653b\u51fb\u8005\u9009\u62e9\u7684 URL\uff0c\u4ee5\u7a83\u53d6\u6709\u6548\u7684\u4f1a\u8bdd\u6570\u636e\u3002",
  "formalWay": "\u5382\u5546\u5c1a\u672a\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u590d\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u66f4\u65b0\uff1a \r\nhttp://www.siemens.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2025-03710",
  "openTime": "2025-02-27",
  "products": {
    "product": "Siemens Teamcenter"
  },
  "referenceLink": "https://cert-portal.siemens.com/productcert/html/ssa-656895.html",
  "serverity": "\u9ad8",
  "submitTime": "2025-02-26",
  "title": "Siemens Teamcenter\u91cd\u5b9a\u5411\u6f0f\u6d1e"
}

CVE-2025-23363 (GCVE-0-2025-23363)

Vulnerability from cvelistv5

Published

2025-02-11 10:29

Modified

2025-06-10 15:17

Severity ?

7.4 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
6.1 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:H/SI:N/SA:N

CWE

CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')

Summary

A vulnerability has been identified in Teamcenter V14.1 (All versions), Teamcenter V14.2 (All versions), Teamcenter V14.3 (All versions < V14.3.0.14), Teamcenter V2312 (All versions < V2312.0010), Teamcenter V2406 (All versions < V2406.0008), Teamcenter V2412 (All versions < V2412.0004). The SSO login service of affected applications accepts user-controlled input that could specify a link to an external site. This could allow an attacker to redirect the legitimate user to an attacker-chosen URL to steal valid session data. For a successful exploit, the legitimate user must actively click on an attacker-crafted link.

References

▼	URL	Tags
	https://cert-portal.siemens.com/productcert/html/ssa-656895.html

Impacted products

Vendor

Product

Version

▼

Siemens

Teamcenter V14.1

Version: 0 < *

Siemens	Teamcenter V14.2	Version: 0 < *
Siemens	Teamcenter V14.3	Version: 0 < V14.3.0.14
Siemens	Teamcenter V2312	Version: 0 < V2312.0010
Siemens	Teamcenter V2406	Version: 0 < V2406.0008
Siemens	Teamcenter V2412	Version: 0 < V2412.0004

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-23363",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-11T16:25:01.651412Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-12T15:50:41.213Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Teamcenter V14.1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Teamcenter V14.2",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Teamcenter V14.3",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V14.3.0.14",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Teamcenter V2312",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2312.0010",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Teamcenter V2406",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2406.0008",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Teamcenter V2412",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2412.0004",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in Teamcenter V14.1 (All versions), Teamcenter V14.2 (All versions), Teamcenter V14.3 (All versions \u003c V14.3.0.14), Teamcenter V2312 (All versions \u003c V2312.0010), Teamcenter V2406 (All versions \u003c V2406.0008), Teamcenter V2412 (All versions \u003c V2412.0004). The SSO login service of affected applications accepts user-controlled input that could specify a link to an external site. This could allow an attacker to redirect the legitimate user to an attacker-chosen URL to steal valid session data. For a successful exploit, the legitimate user must actively click on an attacker-crafted link."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
            "version": "3.1"
          }
        },
        {
          "cvssV4_0": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:H/SI:N/SA:N",
            "version": "4.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-601",
              "description": "CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-06-10T15:17:22.287Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-656895.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2025-23363",
    "datePublished": "2025-02-11T10:29:02.933Z",
    "dateReserved": "2025-01-14T14:01:39.192Z",
    "dateUpdated": "2025-06-10T15:17:22.287Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted