exploitDog

CVE-2024-41941

Опубликовано: 13 авг. 2024

Источник: nvd

CVSS3: 4.3

EPSS Низкий

Описание

A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application does not properly enforce authorization checks. This could allow an authenticated attacker to bypass the checks and modify settings in the application without authorization.

Ссылки

https://cert-portal.siemens.com/productcert/html/ssa-784301.html
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:siemens:sinec_nms:*:*:*:*:*:*:*:*

Версия до 3.0 (исключая)

EPSS

Процентиль: 17%

0.00053

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-863

Связанные уязвимости

GHSA-96w9-8q2h-2vpm

CVSS3: 4.3

github

больше 1 года назад

A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application does not properly enforce authorization checks. This could allow an authenticated attacker to bypass the checks and modify settings in the application without authorization.

EPSS

Процентиль: 17%

0.00053

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-863