Multiple vulnerability in Siemens SINEC Traffic Analyzer
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 5 |
| CVE-ID | CVE-2024-41903 CVE-2024-41904 CVE-2024-41905 CVE-2024-41906 CVE-2024-41907 |
| CWE-ID | CWE-269 CWE-307 CWE-284 CWE-524 CWE-358 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
SINEC Traffic Analyzer Hardware solutions / Firmware |
| Vendor | Siemens |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
1) Improper privilege management
EUVDB-ID: #VU95996
Risk: Low
CVSSv4.0: 4.8 [CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-41903
CWE-ID:
CWE-269 - Improper Privilege Management
Exploit availability: No
DescriptionThe vulnerability allows a remote user to escalate privileges.
The vulnerability exists due to improper privilege management. A remote administrator can alter the container's filesystem and escalate privileges.
MitigationInstall updates from vendor's website.
Vulnerable software versionsSINEC Traffic Analyzer: before 2.0
CPE2.3 External linkshttps://cert-portal.siemens.com/productcert/html/ssa-716317.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Improper Restriction of Excessive Authentication Attempts
EUVDB-ID: #VU95997
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-41904
CWE-ID:
CWE-307 - Improper Restriction of Excessive Authentication Attempts
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to improper restriction of excessive authentication attempts. A remote attacker can conduct brute force attacks against legitimate user passwords.
MitigationInstall updates from vendor's website.
Vulnerable software versionsSINEC Traffic Analyzer: before 2.0
CPE2.3 External linkshttps://cert-portal.siemens.com/productcert/html/ssa-716317.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Improper access control
EUVDB-ID: #VU95998
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-41905
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions. A remote user can bypass implemented security restrictions and gain unauthorized access to sensitive information.
MitigationInstall updates from vendor's website.
Vulnerable software versionsSINEC Traffic Analyzer: before 2.0
CPE2.3 External linkshttps://cert-portal.siemens.com/productcert/html/ssa-716317.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Use of cache containing sensitive information
EUVDB-ID: #VU95999
Risk: Medium
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-41906
CWE-ID:
CWE-524 - Use of Cache Containing Sensitive Information
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the affected application does not properly handle cacheable HTTP responses in the web service. A remote attacker can read and modify data stored in the local cache.
MitigationInstall updates from vendor's website.
Vulnerable software versionsSINEC Traffic Analyzer: before 2.0
CPE2.3 External linkshttps://cert-portal.siemens.com/productcert/html/ssa-716317.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Improperly implemented security check for standard
EUVDB-ID: #VU96000
Risk: Low
CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-41907
CWE-ID:
CWE-358 - Improperly Implemented Security Check for Standard
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the the affected application is missing general HTTP security headers in the web server. A remote attacker can make the servers more prone to clickjacking.
MitigationInstall updates from vendor's website.
Vulnerable software versionsSINEC Traffic Analyzer: before 2.0
CPE2.3 External linkshttps://cert-portal.siemens.com/productcert/html/ssa-716317.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
