Public Exposure of Internal Application Port Could Lead to Authentication Bypass
CVE-2024-38879
9.8CRITICAL
Key Information:
- Vendor
Siemens
- Vendor
- CVE Published:
- 2 August 2024
What is CVE-2024-38879?
An identified vulnerability in the Omnivise T3000 Application Server series allows unauthorized access due to the exposure of internal application ports on public network interfaces. This vulnerability can enable attackers to bypass standard authentication measures and gain direct access to sensitive applications, potentially leading to serious security risks for affected systems. This issue is present across several versions of the Omnivise T3000, necessitating prompt attention from users to mitigate unauthorized access risks.
Affected Version(s)
Omnivise T3000 Application Server R9.2 0
Omnivise T3000 R8.2 SP3 0
Omnivise T3000 R8.2 SP4 0