CVE-2024-41904

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application do not properly enforce restriction of excessive authentication attempts. This could allow an unauthenticated attacker to conduct brute force attacks against legitimate user credentials or keys.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:siemens:sinec_traffic_analyzer:*:*:*:*:*:*:*:*

History

14 Aug 2024, 18:39

Type Values Removed Values Added
First Time Siemens
Siemens sinec Traffic Analyzer
CPE cpe:2.3:a:siemens:sinec_traffic_analyzer:*:*:*:*:*:*:*:*
References () https://cert-portal.siemens.com/productcert/html/ssa-716317.html - () https://cert-portal.siemens.com/productcert/html/ssa-716317.html - Vendor Advisory
Summary
  • (es) Se ha identificado una vulnerabilidad en SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (Todas las versiones &lt; V2.0). La aplicación afectada no aplica adecuadamente la restricción de intentos de autenticación excesivos. Esto podría permitir que un atacante no autenticado realice ataques de fuerza bruta contra claves o credenciales de usuarios legítimos.

13 Aug 2024, 08:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-13 08:15

Updated : 2024-08-14 18:39


NVD link : CVE-2024-41904

Mitre link : CVE-2024-41904

CVE.ORG link : CVE-2024-41904


JSON object : View

Products Affected

siemens

  • sinec_traffic_analyzer
CWE
CWE-307

Improper Restriction of Excessive Authentication Attempts