Unauthorized Data Access Vulnerability in Siemens XHQ Server 4 and 5

Unauthorized Data Access Vulnerability in Siemens XHQ Server 4 and 5

CVE-2017-6866 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

A vulnerability was discovered in Siemens XHQ server 4 and 5 (4 before V4.7.1.3 and 5 before V5.0.0.2) that could allow an authenticated low-privileged remote user to gain read access to data in the XHQ solution exceeding his configured permission level.

Learn more about our Cis Benchmark Audit For Server Software.