CVE-2022-31619

Name: CVE-2022-31619
Creator: NVD / NIST
Published: 2022-06-14T10:15:20.6+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

HIGHCVSS 8.8/10EPSS 1.25%

Last modified Jun 17, 2026

CVE-2022-31619 is a high-severity vulnerability rated 8.8/10 on the CVSS scale. A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter V13.0 (All versions < V13.0.0.9), Teamcenter V13.1 (All versions < V13.1.0.9), Teamcenter V13.2 (All versions < V13.2.0.9), Teamcenter V13.3 (All versions < V13.3.0.3), Teamcenter V14.0 (All versions < V14.0.0.2). Java EE Server Manager HTML Adaptor in Teamcenter consists of default hardcoded credentials. EPSS estimates a 1.25% chance of exploitation in the next 30 days.

Description

A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter V13.0 (All versions < V13.0.0.9), Teamcenter V13.1 (All versions < V13.1.0.9), Teamcenter V13.2 (All versions < V13.2.0.9), Teamcenter V13.3 (All versions < V13.3.0.3), Teamcenter V14.0 (All versions < V14.0.0.2). Java EE Server Manager HTML Adaptor in Teamcenter consists of default hardcoded credentials. Access to the application allows a user to perform a series of actions that could potentially lead to remote code execution with elevated permissions.

Metrics

CVSS 3.1

8.8/10

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Probability

1.25%

65.6th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

Vendor	Product	Versions
Siemens	Teamcenter	>= 12.4, < 12.4.0.13
Siemens	Teamcenter	>= 13.0, < 13.0.0.9
Siemens	Teamcenter	>= 13.1, < 13.1.0.9
Siemens	Teamcenter	>= 13.2, < 13.2.0.9
Siemens	Teamcenter	>= 13.3, < 13.3.0.3
Siemens	Teamcenter	>= 14.0, < 14.0.0.2

References

https://cert-portal.siemens.com/productcert/pdf/ssa-220589.pdfPatch, Vendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-220589.pdfPatch, Vendor Advisory

Timeline

Published: Jun 14, 2022
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2022-31619?

How severe is CVE-2022-31619?

CVE-2022-31619 has a CVSS score of 8.8/10 (HIGH severity). The EPSS model estimates a 1.25% probability of exploitation in the next 30 days.

How do I fix CVE-2022-31619?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2022-31619?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST