CVE-2022-33139 Client-side Authentication
Search
-
heinz.romann
- Posts: 2
- Joined: Mon Feb 06, 2012 8:42 am
CVE-2022-33139 Client-side Authentication
The Siemens Security Advisory recommends using server-side authentication as a solution to this problem. We still want to use client-side authentication so that we can use SSO (SingleSignOn). Will this issue be fixed with a patch?
Re: CVE-2022-33139 Client-side Authentication
In the linked pdf document it is described which solutions are available to avoid this issue:
https://cert-portal.siemens.com/product ... 111512.pdf
If you have further questions please get in contact with your common WinCC OA support and/or the company responsible for your project.
Best Regards
Leopold Knipp
Senior Support Specialist
https://cert-portal.siemens.com/product ... 111512.pdf
If you have further questions please get in contact with your common WinCC OA support and/or the company responsible for your project.
Best Regards
Leopold Knipp
Senior Support Specialist
Re: CVE-2022-33139 Client-side Authentication
Yes we are aware about this "solution". But we need a solution for SSO (SingleSignOn), which works only with client-side authentication.
Re: CVE-2022-33139 Client-side Authentication
Please refer also to the following article
https://support.industry.siemens.com/cs ... 0&lc=en-US
If you have further questions please get in contact with your common WinCC OA support and/or the system integrator responsible for your project.
Best Regards
Leopold Knipp
Senior Support Specialist
https://support.industry.siemens.com/cs ... 0&lc=en-US
If you have further questions please get in contact with your common WinCC OA support and/or the system integrator responsible for your project.
Best Regards
Leopold Knipp
Senior Support Specialist