SSA-604937 V1.2 (Last Update: 2021-01-12): Multiple Web Server Vulnerabilities in Opcenter Execution Core

Published

2021-01-12 00:00:00 UTC

Summary

Opcenter Execution Core (formerly known as Camstar Enterprise Platform) contains a cross-site scripting (CVE-2020-7576), an SQL injection (CVE-2020-7577), a privilege escalation (CVE-2020-7578), and an information disclosure vulnerability (CVE-2020-28930) in various versions of the product.

Siemens has released an update for Opcenter Execution Core and recommends to update to the latest version.