cvedb.io
CVE-2022-42894
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2022-11-17T17:15:13.433 · Last modified 2026-06-17T05:05:32.510

Summary

A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). An unauthenticated Server-Side Request Forgery (SSRF) vulnerability was identified in one of the web services exposed on the syngo Dynamics application that could allow for the leaking of NTLM credentials as well as local service enumeration.

Affected products

siemens — syngo_dynamics_cardiovascular_imaging_and_information_system

Does this affect you?

Add your gear to cvedb and we'll alert you only when siemens ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.