CVE-2024-41907

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application is missing general HTTP security headers in the web server. This could allow an attacker to make the servers more prone to clickjacking attack.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:siemens:sinec_traffic_analyzer:*:*:*:*:*:*:*:*

History

14 Aug 2024, 18:06

Type Values Removed Values Added
Summary
  • (es) Se ha identificado una vulnerabilidad en SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (Todas las versiones &lt; V2.0). A la aplicación afectada le faltan encabezados de seguridad HTTP generales en el servidor web. Esto podría permitir a un atacante hacer que los servidores sean más propensos a sufrir ataques de clickjacking.
CVSS v2 : unknown
v3 : 4.2
v2 : unknown
v3 : 5.4
CWE NVD-CWE-Other
First Time Siemens
Siemens sinec Traffic Analyzer
CPE cpe:2.3:a:siemens:sinec_traffic_analyzer:*:*:*:*:*:*:*:*
References () https://cert-portal.siemens.com/productcert/html/ssa-716317.html - () https://cert-portal.siemens.com/productcert/html/ssa-716317.html - Vendor Advisory

13 Aug 2024, 08:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-13 08:15

Updated : 2024-08-14 18:06


NVD link : CVE-2024-41907

Mitre link : CVE-2024-41907

CVE.ORG link : CVE-2024-41907


JSON object : View

Products Affected

siemens

  • sinec_traffic_analyzer
CWE
NVD-CWE-Other CWE-358

Improperly Implemented Security Check for Standard