Lucene search
K

Teamcenter Visualization SSO login service Vulnerability

🗓️ 07 Nov 2025 00:00:00Reported by TenableType 
nessus
 nessus
🔗 www.tenable.com👁 4 Views

Teamcenter Visualization SSO open redirect affects versions 14.1, 14.2, 14.3, 2312, 2406, 2412; crafted links steal sessions.

Related
Refs
Code
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(274364);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/11/18");

  script_cve_id("CVE-2025-23363");
  script_xref(name:"IAVA", value:"2024-A-0816-S");

  script_name(english:"Teamcenter Visualization SSO login service Vulnerability");

  script_set_attribute(attribute:"synopsis", value:
"The remote host is affected by SSO login service");
  script_set_attribute(attribute:"description", value:
"Teamcenter contains an open-redirect vulnerability in its SSO login service affecting Teamcenter V14.1, V14.2, 
V14.3, V2312, V2406, and V2412; the SSO accepts user-controlled input that can point to external URLs, allowing 
an attacker to craft a link that redirects a legitimate user to a malicious site to steal session data exploitation 
requires the user to click the attacker-crafted link.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://cert-portal.siemens.com/productcert/html/ssa-656895.html");
  script_set_attribute(attribute:"solution", value:
"See vendor advisory.");
  script_set_attribute(attribute:"agent", value:"windows");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2025-23363");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2024/12/10");
  script_set_attribute(attribute:"patch_publication_date", value:"2024/12/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/11/07");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:siemens:teamcenter");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("siemens_teamcenter_installed.nbin");
  script_require_keys("installed_sw/Siemens Teamcenter");

  exit(0);
}

include('vcf.inc');

var app_info = vcf::get_app_info(app:'Siemens Teamcenter');

var version = app_info['version'];


if (version =~ "^14\.3\.")
{
    vcf::check_granularity(app_info:app_info, sig_segments:4);
}
else
{
    vcf::check_granularity(app_info:app_info, sig_segments:2);
}

var constraints = [
  { 'min_version' : '14.1.0', 'max_version': '14.1.999999', 'fixed_display': 'See vendor advisory', 'require_paranoia': TRUE },
  { 'min_version' : '14.2.0', 'max_version': '14.2.999999', 'fixed_display': 'See vendor advisory', 'require_paranoia': TRUE},
  { 'min_version' : '14.3.0.0', 'fixed_version' : '14.3.0.14'},
  { 'min_version' : '2312.0', 'fixed_version' : '2312.0010' },
  { 'min_version' : '2406.0', 'fixed_version' : '2406.0008' },
  { 'min_version' : '2412.0', 'fixed_version' : '2412.0004' }];

vcf::check_version_and_report(
  app_info:app_info,
  constraints:constraints,
  severity:SECURITY_HOLE
);

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

18 Nov 2025 00:00Current
8.6High risk
Vulners AI Score8.6
CVSS 46.1
CVSS 3.17.4
EPSS0.00518
SSVC
4