4 matches found
CVE-2023-40732
A vulnerability has been identified in QMS Automotive All versions V12.39. The QMS.Mobile module of the affected application does not invalidate the session token on logout. This could allow an attacker to perform session hijacking attacks...
CVE-2023-40732
A vulnerability has been identified in QMS Automotive All versions V12.39. The QMS.Mobile module of the affected application does not invalidate the session token on logout. This could allow an attacker to perform session hijacking attacks...
CVE-2023-40732
A vulnerability has been identified in QMS Automotive All versions V12.39. The QMS.Mobile module of the affected application does not invalidate the session token on logout. This could allow an attacker to perform session hijacking attacks...
CVE-2023-40732
CVE-2023-40732 affects Siemens QMS Automotive: the QMS.Mobile module does not invalidate the session token on logout for all versions before V12.39, enabling potential session hijacking. Impact is limited to user sessions; CVSS v3.1 base score 3.9 (LOW). Remediation per sources: update to V12.39 ...