CVE-2024-41938
CVE-2024-41938
A vulnerability has been identified in SINEC NMS (All versions < V3.0). The importCertificate function of the SINEC NMS Control web application contains a path traversal vulnerability. This could allow an authenticated attacker it to delete arbitrary certificate files on the drive SINEC NMS is installed on.
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L
Produtos afetados
Siemens · SINEC NMSQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →