{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-41978", "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "state": "PUBLISHED", "assignerShortName": "siemens", "dateReserved": "2024-07-25T11:00:11.939Z", "datePublished": "2024-08-13T07:54:39.417Z", "dateUpdated": "2024-08-13T13:29:07.876Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens", "dateUpdated": "2024-08-13T07:54:39.417Z"}, "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.1), SCALANCE M812-1 ADSL-Router family (All versions < V8.1), SCALANCE M816-1 ADSL-Router family (All versions < V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.1). Affected devices insert sensitive information about the generation of 2FA tokens into log files. This could allow an authenticated remote attacker to forge 2FA tokens of other users."}], "affected": [{"vendor": "Siemens", "product": "RUGGEDCOM RM1224 LTE(4G) EU", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "RUGGEDCOM RM1224 LTE(4G) NAM", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE M804PB", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE M812-1 ADSL-Router family", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE M816-1 ADSL-Router family", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE M826-2 SHDSL-Router", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE M874-2", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE M874-3", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE M874-3 3G-Router (CN)", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE M876-3", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE M876-3 (ROK)", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE M876-4", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE M876-4 (EU)", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE M876-4 (NAM)", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE MUM853-1 (A1)", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE MUM853-1 (B1)", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE MUM853-1 (EU)", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE MUM856-1 (A1)", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE MUM856-1 (B1)", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE MUM856-1 (CN)", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE MUM856-1 (EU)", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE MUM856-1 (RoW)", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE S615 EEC LAN-Router", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE S615 LAN-Router", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "baseScore": 6.5, "baseSeverity": "MEDIUM"}}, {"cvssV4_0": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N", "baseScore": 7.1, "baseSeverity": "HIGH"}}], "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-532", "description": "CWE-532: Insertion of Sensitive Information into Log File", "type": "CWE"}]}], "references": [{"url": "https://cert-portal.siemens.com/productcert/html/ssa-087301.html"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-13T13:28:57.409070Z", "id": "CVE-2024-41978", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-13T13:29:07.876Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-41978", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-13T13:28:57.409070Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-13T13:29:03.474Z"}}], "cna": {"metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C"}}, {"cvssV4_0": {"version": "4.0", "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"}}], "affected": [{"vendor": "Siemens", "product": "RUGGEDCOM RM1224 LTE(4G) EU", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "RUGGEDCOM RM1224 LTE(4G) NAM", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE M804PB", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE M812-1 ADSL-Router family", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE M816-1 ADSL-Router family", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE M826-2 SHDSL-Router", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE M874-2", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE M874-3", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE M874-3 3G-Router (CN)", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE M876-3", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE M876-3 (ROK)", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE M876-4", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE M876-4 (EU)", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE M876-4 (NAM)", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE MUM853-1 (A1)", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE MUM853-1 (B1)", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE MUM853-1 (EU)", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE MUM856-1 (A1)", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE MUM856-1 (B1)", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE MUM856-1 (CN)", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE MUM856-1 (EU)", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE MUM856-1 (RoW)", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE S615 EEC LAN-Router", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE S615 LAN-Router", "versions": [{"status": "affected", "version": "0", "lessThan": "V8.1", "versionType": "custom"}], "defaultStatus": "unknown"}], "references": [{"url": "https://cert-portal.siemens.com/productcert/html/ssa-087301.html"}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.1), SCALANCE M812-1 ADSL-Router family (All versions < V8.1), SCALANCE M816-1 ADSL-Router family (All versions < V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.1). Affected devices insert sensitive information about the generation of 2FA tokens into log files. This could allow an authenticated remote attacker to forge 2FA tokens of other users."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-532", "description": "CWE-532: Insertion of Sensitive Information into Log File"}]}], "providerMetadata": {"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens", "dateUpdated": "2024-08-13T07:54:39.417Z"}}}, "cveMetadata": {"cveId": "CVE-2024-41978", "state": "PUBLISHED", "dateUpdated": "2024-08-13T13:29:07.876Z", "dateReserved": "2024-07-25T11:00:11.939Z", "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "datePublished": "2024-08-13T07:54:39.417Z", "assignerShortName": "siemens"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_eu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "328FA23D-AEEF-473A-997A-FBBE18246CB5", "versionEndExcluding": "8.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:ruggedcom_rm1224_lte\\(4g\\)_eu:-:*:*:*:*:*:*:*", "matchCriteriaId": "03D8CF59-D9D4-4C50-A6E6-D6B5BDB31AEC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_nam_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "25FB249D-A143-457F-93C7-653DD76DEDF0", "versionEndExcluding": "8.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:ruggedcom_rm1224_lte\\(4g\\)_nam:-:*:*:*:*:*:*:*", "matchCriteriaId": "400ACE99-AF15-4C20-9A6D-F8584DA5C7CE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_m804pb_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "99CB7E58-2C7C-4569-9A5D-5BED18BF48D0", "versionEndExcluding": "8.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_m804pb:-:*:*:*:*:*:*:*", "matchCriteriaId": "C6EBA42A-93FF-4883-8626-EF78D38374D3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_m826-2_shdsl-router_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5BB2FE5E-C43B-4F13-A8A6-908E8AFC76B0", "versionEndExcluding": "8.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_m826-2_shdsl-router:-:*:*:*:*:*:*:*", "matchCriteriaId": "39951670-CF88-460C-B1D5-6DCFBC7F573D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_m874-2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "29588219-DB22-4FFB-B069-DB8DF242052F", "versionEndExcluding": "8.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_m874-2:-:*:*:*:*:*:*:*", "matchCriteriaId": "C933ED27-2206-4734-8EB8-6A6431D1FBF1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_m874-3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "71A50E33-00A9-40E2-93E1-359FDD3CF077", "versionEndExcluding": "8.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_m874-3:-:*:*:*:*:*:*:*", "matchCriteriaId": "D3258DC7-0461-4C65-8292-85C9965EA83D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_m876-3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5922A34F-A6A8-4215-83C5-9F7F279AC2CC", "versionEndExcluding": "8.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_m876-3:-:*:*:*:*:*:*:*", "matchCriteriaId": "BD221BA9-3448-49E4-B3A3-D88B939785AC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_m876-4_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CD7ABD5D-1250-441E-A768-5012DD3636CF", "versionEndExcluding": "8.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_m876-4:-:*:*:*:*:*:*:*", "matchCriteriaId": "94E4CCE9-71F7-4960-B7DE-5298EFB7C619", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_m874-3_3g-router_\\(cn\\)_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3698100C-C634-48D2-B6EB-210C6784FF5D", "versionEndExcluding": "8.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_m874-3_3g-router_\\(cn\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "FEA94E3C-6B00-407F-81BF-964D156E061F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_m876-3_\\(rok\\)_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "112CA300-C5BF-49D4-88C9-BFE9ADF49FAB", "versionEndExcluding": "8.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_m876-3_\\(rok\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "A3FA80AA-4869-46BF-8A1B-17C54219338C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_m876-4_\\(eu\\)_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C96A6B66-687B-4B36-AA1D-14232BA034C0", "versionEndExcluding": "8.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_m876-4_\\(eu\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "3886E130-C39C-43D2-8B1F-F773874F8002", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_m876-4_\\(nam\\)_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9F0F630F-540D-4BBC-BFEA-43642783B41A", "versionEndExcluding": "8.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_m876-4_\\(nam\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "CDBED616-1074-44CE-98C8-48A5387A5DAF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(a1\\)_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2113F152-E2F7-4F38-9D41-2BBB4A9FE02B", "versionEndExcluding": "8.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(a1\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "DC884995-EA34-4EFA-8B3A-5C7B9BC71C32", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(b1\\)_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C25F8111-2124-4610-A184-FF75022341E3", "versionEndExcluding": "8.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(b1\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "A94E232B-12ED-4E9D-A6D7-C66391C48F06", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(eu\\)_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DA690767-51B8-4202-BF9E-96DE81DF3326", "versionEndExcluding": "8.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(eu\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "94AF78F7-3DF5-40FA-A496-4523183DB792", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(a1\\)_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B63374D9-358B-4CF0-9E5D-432330612413", "versionEndExcluding": "8.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(a1\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "FF849848-87EA-41D5-8E19-871A306D332A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(b1\\)_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "49B17408-D934-46B1-A879-42B310127632", "versionEndExcluding": "8.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(b1\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "77E5245F-8AA7-4132-AA7F-1FE4F86B703E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(cn\\)_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8903A0DF-510A-4BDE-96B2-A3C38CB5A07C", "versionEndExcluding": "8.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(cn\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "2B05B62B-1B41-4A3D-8591-57B4D0EF476F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(eu\\)_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A2F56C36-BCFA-4EBB-AF0D-7B90B5180759", "versionEndExcluding": "8.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(eu\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "A219D2B9-1D71-4831-BD0B-790B7057344C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(row\\)_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3E8A926E-05D5-4B85-8B54-6B13C815CFCD", "versionEndExcluding": "8.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(row\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "8D6FED00-E40C-458A-8D5C-9B1826DBAE24", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_s615_eec_lan-router_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7A9F5011-6FB8-476B-95C9-B42ECDF9ACF3", "versionEndExcluding": "8.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_s615_eec_lan-router:-:*:*:*:*:*:*:*", "matchCriteriaId": "2E8F4C94-781F-4796-83DD-A28E6D347AD8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_s615_lan-router_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA816C2D-54F1-44A2-B811-151155CD1387", "versionEndExcluding": "8.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_s615_lan-router:-:*:*:*:*:*:*:*", "matchCriteriaId": "B98A1E7F-5A9A-4620-8137-7C1D84815917", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_m812-1_\\(annex_a\\)_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "40E4DE88-0B4E-40FD-A7BD-FD197A67AFEF", "versionEndExcluding": "8.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_m812-1_\\(annex_a\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "B680E815-D9EF-41BC-A198-85332738B1B9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_m812-1_\\(annex_b\\)_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AE90A25C-D574-4CAF-A2AF-61B27B3B699F", "versionEndExcluding": "8.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_m812-1_\\(annex_b\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "0895418F-A4C6-40D3-8544-5AF3F5B54709", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_m816-1_\\(annex_a\\)_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "62F46C61-BFC9-4A81-8F15-F7878FC6E657", "versionEndExcluding": "8.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_m816-1_\\(annex_a\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "7A1636E7-BF41-4BF6-8609-9675956FB947", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_m816-1_\\(annex_b\\)_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "661F446C-7A54-41F9-8F3C-75DAC5840B9C", "versionEndExcluding": "8.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_m816-1_\\(annex_b\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "06E70F60-33E2-472F-9B25-FE19B964220B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.1), SCALANCE M812-1 ADSL-Router family (All versions < V8.1), SCALANCE M816-1 ADSL-Router family (All versions < V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.1). Affected devices insert sensitive information about the generation of 2FA tokens into log files. This could allow an authenticated remote attacker to forge 2FA tokens of other users."}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad en RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (Todas las versiones &lt; V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (Todas las versiones &lt; V8.1 ), SCALANCE M804PB (6GK5804-0AP00-2AA2) (Todas las versiones &lt; V8.1), Familia de enrutadores ADSL SCALANCE M812-1 (Todas las versiones &lt; V8.1), Familia de enrutadores ADSL SCALANCE M816-1 (Todas las versiones &lt; V8 .1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (todas las versiones &lt; V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (todas las versiones &lt; V8.1), SCALANCE M874- 3 (6GK5874-3AA00-2AA2) (Todas las versiones &lt; V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (Todas las versiones &lt; V8.1), SCALANCE M876-3 (6GK5876- 3AA02-2BA2) (Todas las versiones &lt; V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (Todas las versiones &lt; V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (Todas las versiones &lt; V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (Todas las versiones &lt; V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (Todas las versiones &lt; V8.1 ), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (Todas las versiones &lt; V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (Todas las versiones &lt; V8.1), SCALANCE MUM853 -1 (UE) (6GK5853-2EA00-2DA1) (Todas las versiones &lt; V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (Todas las versiones &lt; V8.1), SCALANCE MUM856-1 (B1 ) (6GK5856-2EA10-3BA1) (Todas las versiones &lt; V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (Todas las versiones &lt; V8.1), SCALANCE MUM856-1 (EU) (6GK5856- 2EA00-3DA1) (Todas las versiones &lt; V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (Todas las versiones &lt; V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) ( Todas las versiones &lt; V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (Todas las versiones &lt; V8.1). Los dispositivos afectados insertan informaci\u00f3n confidencial sobre la generaci\u00f3n de tokens 2FA en archivos de registro. Esto podr\u00eda permitir que un atacante remoto autenticado falsifique tokens 2FA de otros usuarios."}], "id": "CVE-2024-41978", "lastModified": "2024-08-23T18:34:36.283", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "productcert@siemens.com", "type": "Secondary"}], "cvssMetricV40": [{"cvssData": {"attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "automatable": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "recovery": "NOT_DEFINED", "safety": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "subsequentSystemConfidentiality": "NONE", "subsequentSystemIntegrity": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnerabilityResponseEffort": "NOT_DEFINED", "vulnerableSystemAvailability": "NONE", "vulnerableSystemConfidentiality": "HIGH", "vulnerableSystemIntegrity": "NONE"}, "source": "productcert@siemens.com", "type": "Secondary"}]}, "published": "2024-08-13T08:15:15.903", "references": [{"source": "productcert@siemens.com", "tags": ["Vendor Advisory"], "url": "https://cert-portal.siemens.com/productcert/html/ssa-087301.html"}], "sourceIdentifier": "productcert@siemens.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-532"}], "source": "productcert@siemens.com", "type": "Primary"}]}

{}

{}