CVE-2024-22045
Published Mar 12, 2024
Last updated 8 months ago
Overview
- Description
- A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.1 SP1). The product places sensitive information into files or directories that are accessible to actors who are allowed to have access to the files, but not to the sensitive information. This information is also available via the web interface of the product.
- Source
- productcert@siemens.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 6.5
- Impact score
- 3.6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
- productcert@siemens.com
- CWE-538
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:sinema_remote_connect_client:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D90E9D5-EAC5-480A-9DF5-9726B34807AC",
"versionEndExcluding": "3.1"
},
{
"criteria": "cpe:2.3:a:siemens:sinema_remote_connect_client:3.1:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3100A7B5-00F4-4DB9-951F-23F548256C9B"
}
],
"operator": "OR"
}
]
}
]