A vulnerability has been identified in SINEC NMS (All versions < V3.0). The importCertificate function of the SINEC NMS Control web application contains a path traversal vulnerability. This could allow an authenticated attacker it to delete arbitrary certificate files on the drive SINEC NMS is installed on.
Metrics
Affected Vendors & Products
References
History
Wed, 14 Aug 2024 18:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Siemens
Siemens sinec Nms |
|
CPEs | cpe:2.3:a:siemens:sinec_nms:*:*:*:*:*:*:*:* | |
Vendors & Products |
Siemens
Siemens sinec Nms |
Tue, 13 Aug 2024 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 13 Aug 2024 08:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability has been identified in SINEC NMS (All versions < V3.0). The importCertificate function of the SINEC NMS Control web application contains a path traversal vulnerability. This could allow an authenticated attacker it to delete arbitrary certificate files on the drive SINEC NMS is installed on. | |
Weaknesses | CWE-22 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: siemens
Published: 2024-08-13T07:54:30.281Z
Updated: 2024-08-13T13:18:07.307Z
Reserved: 2024-07-24T14:36:27.564Z
Link: CVE-2024-41938
Vulnrichment
Updated: 2024-08-13T13:18:00.637Z
NVD
Status : Analyzed
Published: 2024-08-13T08:15:14.353
Modified: 2024-08-14T18:08:42.777
Link: CVE-2024-41938
Redhat
No data.