A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.1 SP1). The product places sensitive information into files or directories that are accessible to actors who are allowed to have access to the files, but not to the sensitive information. This information is also available via the web interface of the product.
References
Link | Resource |
---|---|
https://cert-portal.siemens.com/productcert/html/ssa-653855.html | Patch Vendor Advisory |
https://cert-portal.siemens.com/productcert/html/ssa-653855.html | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 08:55
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.6 |
References | () https://cert-portal.siemens.com/productcert/html/ssa-653855.html - Patch, Vendor Advisory |
25 Mar 2024, 16:24
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:siemens:sinema_remote_connect_client:*:*:*:*:*:*:*:* cpe:2.3:a:siemens:sinema_remote_connect_client:3.1:-:*:*:*:*:*:* |
|
First Time |
Siemens
Siemens sinema Remote Connect Client |
|
References | () https://cert-portal.siemens.com/productcert/html/ssa-653855.html - Patch, Vendor Advisory | |
CWE | NVD-CWE-Other | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
Summary |
|
12 Mar 2024, 11:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-03-12 11:15
Updated : 2024-11-21 08:55
NVD link : CVE-2024-22045
Mitre link : CVE-2024-22045
CVE.ORG link : CVE-2024-22045
JSON object : View
Products Affected
siemens
- sinema_remote_connect_client
CWE
CWE-538
Insertion of Sensitive Information into Externally-Accessible File or Directory
NVD-CWE-Other