Session Expiration Vulnerability in SINEC Traffic Analyzer by Siemens
CVE-2024-35206
8.5HIGH
Summary
A vulnerability has been detected in the SINEC Traffic Analyzer, specifically affecting all versions prior to V1.2. This flaw is rooted in the application's failure to properly expire user sessions, potentially allowing attackers to exploit this oversight for unauthorized access to the system. Organizations using affected versions should prioritize updates to mitigate security risks associated with session management defects.
Affected Version(s)
SINEC Traffic Analyzer 0
References
CVSS V4
Score:
8.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None
Timeline
Vulnerability published
Vulnerability Reserved