CVE-2024-47565

A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0). The affected application does not properly validate that user input complies with a list of allowed values. This could allow an authenticated remote attacker to compromise the integrity of the configuration of the affected application.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:siemens:sinec_security_monitor:*:*:*:*:*:*:*:*

History

11 Oct 2024, 20:05

Type Values Removed Values Added
First Time Siemens
Siemens sinec Security Monitor
CWE NVD-CWE-Other
References () https://cert-portal.siemens.com/productcert/html/ssa-430425.html - () https://cert-portal.siemens.com/productcert/html/ssa-430425.html - Third Party Advisory
CPE cpe:2.3:a:siemens:sinec_security_monitor:*:*:*:*:*:*:*:*

10 Oct 2024, 12:56

Type Values Removed Values Added
Summary
  • (es) Se ha identificado una vulnerabilidad en Siemens SINEC Security Monitor (todas las versiones anteriores a la V4.9.0). La aplicación afectada no valida correctamente que la entrada del usuario cumpla con una lista de valores permitidos. Esto podría permitir que un atacante remoto autenticado comprometa la integridad de la configuración de la aplicación afectada.

08 Oct 2024, 09:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-08 09:15

Updated : 2024-10-11 20:05


NVD link : CVE-2024-47565

Mitre link : CVE-2024-47565

CVE.ORG link : CVE-2024-47565


JSON object : View

Products Affected

siemens

  • sinec_security_monitor
CWE
NVD-CWE-Other CWE-183

Permissive List of Allowed Inputs