ghsa-7jf9-xqjc-725f
Vulnerability from github
Published
2024-08-13 09:30
Modified
2024-08-13 09:30
Severity
6.8 (Medium) - CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
7.6 (High) - CVSS_V4 - CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
7.6 (High) - CVSS_V4 - CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
Details
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application do not have access control for accessing the files. This could allow an authenticated attacker with low privilege's to get access to sensitive information.
{ "affected": [], "aliases": [ "CVE-2024-41905" ], "database_specific": { "cwe_ids": [ "CWE-284" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2024-08-13T08:15:13Z", "severity": "HIGH" }, "details": "A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions \u003c V2.0). The affected application do not have access control for accessing the files. This could allow an authenticated attacker with low privilege\u0027s to get access to sensitive information.", "id": "GHSA-7jf9-xqjc-725f", "modified": "2024-08-13T09:30:52Z", "published": "2024-08-13T09:30:52Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41905" }, { "type": "WEB", "url": "https://cert-portal.siemens.com/productcert/html/ssa-716317.html" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "type": "CVSS_V3" }, { "score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "type": "CVSS_V4" } ] }
Loading...