Lucene search

[email protected]NVD:CVE-2024-35206

HistoryJun 11, 2024 - 12:15 p.m.

CVE-2024-35206

2024-06-1112:15:16

CWE-613

[email protected]

web.nvd.nist.gov

vulnerability

sinec traffic analyzer

unauthorized access

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

33.7%

JSON

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The affected application does not expire the session. This could allow an attacker to get unauthorized access.

Affected configurations

Nvd

Node

siemenssinec_traffic_analyzerRange<1.2

VendorProductVersionCPE
siemenssinec_traffic_analyzer*cpe:2.3:a:siemens:sinec_traffic_analyzer:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
siemens	sinec_traffic_analyzer	*	cpe:2.3:a:siemens:sinec_traffic_analyzer::::::::

References

cert-portal.siemens.com/productcert/html/ssa-196737.html

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

33.7%

JSON

Related for NVD:CVE-2024-35206

vulnrichment1 cve1 cvelist1 ics1