A vulnerability has been identified in Location Intelligence family (All versions < V4.4). The web server of affected products is configured to support weak ciphers by default. This could allow an unauthenticated attacker in an on-path position to to read and modify any data passed over the connection between legitimate clients and the affected device.
Metrics
Affected Vendors & Products
References
History
Wed, 14 Aug 2024 19:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Siemens
Siemens location Intelligence |
|
CPEs | cpe:2.3:a:siemens:location_intelligence:*:*:*:*:*:*:*:* | |
Vendors & Products |
Siemens
Siemens location Intelligence |
Tue, 13 Aug 2024 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 13 Aug 2024 08:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability has been identified in Location Intelligence family (All versions < V4.4). The web server of affected products is configured to support weak ciphers by default. This could allow an unauthenticated attacker in an on-path position to to read and modify any data passed over the connection between legitimate clients and the affected device. | |
Weaknesses | CWE-326 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: siemens
Published: 2024-08-13T07:54:18.686Z
Updated: 2024-08-13T13:50:59.341Z
Reserved: 2024-07-19T07:26:24.367Z
Link: CVE-2024-41681
Vulnrichment
Updated: 2024-08-13T13:50:55.158Z
NVD
Status : Analyzed
Published: 2024-08-13T08:15:11.847
Modified: 2024-08-14T18:37:06.540
Link: CVE-2024-41681
Redhat
No data.