A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP2). The affected application does not properly handle user session establishment and invalidation. This could allow a remote attacker to circumvent the additional multi factor authentication for user session establishment.
Metrics
Affected Vendors & Products
References
History
Tue, 10 Sep 2024 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Siemens
Siemens sinema Remote Connect Server |
|
CPEs | cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:* cpe:2.3:a:siemens:sinema_remote_connect_server:3.2:-:*:*:*:*:*:* cpe:2.3:a:siemens:sinema_remote_connect_server:3.2:hf1:*:*:*:*:*:* cpe:2.3:a:siemens:sinema_remote_connect_server:3.2:sp1:*:*:*:*:*:* |
|
Vendors & Products |
Siemens
Siemens sinema Remote Connect Server |
Tue, 10 Sep 2024 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 10 Sep 2024 09:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP2). The affected application does not properly handle user session establishment and invalidation. This could allow a remote attacker to circumvent the additional multi factor authentication for user session establishment. | |
Weaknesses | CWE-384 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: siemens
Published: 2024-09-10T09:36:48.651Z
Updated: 2024-09-10T14:53:36.766Z
Reserved: 2024-07-30T12:41:00.465Z
Link: CVE-2024-42345
Vulnrichment
Updated: 2024-09-10T14:53:33.401Z
NVD
Status : Analyzed
Published: 2024-09-10T10:15:12.433
Modified: 2024-09-10T18:54:46.653
Link: CVE-2024-42345
Redhat
No data.