Siemens Teamcenter Open Redirect Vulnerability in SSO Login Service

Vulnerability

An open redirect vulnerability has been identified in the SSO login service of Siemens Teamcenter versions 14.1, 14.2, 14.3, V2312, V2406, and V2412. The vulnerability allows an attacker to redirect users to an external URL of their choice, potentially leading to the theft of session data. Exploitation requires the user to click on a crafted link.

Impact

Exploitation of this vulnerability could result in unauthorized redirection of users, allowing an attacker to intercept valid session information and steal session data.

Remediation

Siemens has released hot fixes for all affected Teamcenter versions. Users are advised to apply these hot fixes as described in the Software Field Bulletin PL8837639.
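
To look for crafted links of the kind described above while the hot fixes are being rolled out, the following added example (not code from Siemens or from this advisory) scans web access log lines for login-service requests whose query parameters point to a host outside an allowlist. The login path prefix, the trusted hosts, the `return` parameter name and the log lines are all constructed assumptions; the advisory does not name the affected parameter, so every query parameter is checked.

```python
from urllib.parse import parse_qsl, unquote, urlsplit

# Assumptions, adjust to your deployment: the advisory gives neither value.
TRUSTED_HOSTS = {"teamcenter.example.internal", "sso.example.internal"}
LOGIN_PATH_PREFIX = "/sso-login/"  # hypothetical path of the SSO login service

def external_target(value):
    """Return the untrusted host a parameter value points to, else None."""
    for _ in range(2):  # undo extra layers of percent-encoding
        value = unquote(value)
    # Browsers treat backslashes like slashes, so normalise before parsing.
    value = value.strip().replace("\\", "/")
    if not (value.startswith("//") or "://" in value[:12]):
        return None  # relative path: stays on the same origin
    # .hostname drops any "user@" prefix used to disguise the real host.
    host = (urlsplit(value).hostname or "").lower()
    return host if host and host not in TRUSTED_HOSTS else None

def suspicious_requests(log_lines):
    """Yield (client_ip, parameter, host) for off-site login redirects."""
    for line in log_lines:
        quoted = line.split('"')
        request = quoted[1].split() if len(quoted) > 1 else []
        if len(request) < 2:
            continue  # not a parseable request line
        url = urlsplit(request[1])
        if not url.path.startswith(LOGIN_PATH_PREFIX):
            continue
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            host = external_target(value)
            if host:
                yield line.split()[0], name, host

# Constructed sample lines in combined log format (not real traffic).
SAMPLE_LOG = [
    '198.51.100.4 - - [09/Jun/2025:10:00:01 +0000] "GET /sso-login/login?return=%2Fhome HTTP/1.1" 200 512',
    '198.51.100.5 - - [09/Jun/2025:10:00:02 +0000] "GET /sso-login/login?return=https%3A%2F%2Fteamcenter.example.internal%2F HTTP/1.1" 302 0',
    '203.0.113.9 - - [09/Jun/2025:10:00:03 +0000] "GET /sso-login/login?return=https%3A%2F%2Flogin.attacker.example%2F HTTP/1.1" 302 0',
    '203.0.113.10 - - [09/Jun/2025:10:00:04 +0000] "GET /sso-login/login?return=%252F%252Flogin.attacker.example HTTP/1.1" 302 0',
]

if __name__ == "__main__":
    for ip, param, host in suspicious_requests(SAMPLE_LOG):
        print(f"{ip}: parameter {param!r} redirects to {host}")
```

Hits are leads for review rather than proof of compromise; correlate them with the referrer and with session activity that follows the redirect.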

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 0.3
impact: 2.5
exploitability: 5.8
remediation: 8.3
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.