SINEC Traffic Analyzer Vulnerability: Unauthorized Access to Sensitive Information

CVE-2024-41905

6.5MEDIUM

Key Information

Vendor: Siemens
Status: Sinec Traffic Analyzer
Vendor: CVE Published:; 13 August 2024

Summary

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application do not have access control for accessing the files. This could allow an authenticated attacker with low privilege's to get access to sensitive information.

Affected Version(s)

SINEC Traffic Analyzer < 0

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Aug 13, 2024
Vulnerability Reserved.
Jul 23, 2024

Collectors

NVD DatabaseMitre Database