Attackers Can Gain Access to Database Entries via Lack of Input Validation
CVE-2024-35212
6.9MEDIUM
Summary
A significant vulnerability has been detected in SINEC Traffic Analyzer, specifically affecting versions prior to V1.2. This flaw is rooted in inadequate input validation processes, which can permit unauthorized access to sensitive database entries. Attackers exploiting this vulnerability may manipulate input to extract or alter critical data, thereby compromising the integrity and confidentiality of the information handled by the application. Users of the affected product are advised to review their systems and implement necessary mitigations to protect against potential exploitation.
Affected Version(s)
SINEC Traffic Analyzer 0
References
CVSS V4
Score:
6.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None
Timeline
Vulnerability published
Vulnerability Reserved