CVE-2022-42894

Published: Nov 17, 2022

Modified: Apr 30, 2025

PUBLISHED

Description

A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). An unauthenticated Server-Side Request Forgery (SSRF) vulnerability was identified in one of the web services exposed on the syngo Dynamics application that could allow for the leaking of NTLM credentials as well as local service enumeration.

Vendor	Product	Versions
Siemens	syngo Dynamics	affected `All versions < VA40G HF01`

Weaknesses (CWE)

CWE-918

References

https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/shsa-741697

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-42894

Description

Affected Products

Weaknesses (CWE)

References