CVE-2024-41903 MEDIUM

CVE-2024-41903

Vendor Siemens
Product SINEC Traffic Analyzer
Weakness CWE-269
Published August 13, 2024
Last update August 13, 2024

CVSS base score

6.6/10
Attack vector Network
Attack complexity High
Privileges required High
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application mounts the container's root filesystem with read and write privileges. This could allow an attacker to alter the container's filesystem leading to unauthorized modifications and data corruption.

Key dates

02Disclosure timeline

August 13, 2024 CVE published
August 13, 2024 Record updated