SINEC Traffic Analyzer Vulnerability: Unauthorized Access to Sensitive Information
CVE-2024-41905

6.5MEDIUM

Key Information:

Vendor: Siemens
Status: Sinec Traffic Analyzer
Vendor: CVE Published:; 13 August 2024

Summary

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application do not have access control for accessing the files. This could allow an authenticated attacker with low privilege's to get access to sensitive information.

Affected Version(s)

SINEC Traffic Analyzer 0

References

https://cert-portal.siemens.com/productcert/html/ssa-7163...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 13, 2024
Vulnerability Reserved
Jul 23, 2024