VDB
CISA-2024-23810
CISA-2024-23810
PUBLISHED
CVSS 8.8 HIGH
Reported by siemens · Published February 13, 2024
A vulnerability has been identified in SINEC NMS (All versions < V2.0 SP1). The affected application is vulnerable to SQL injection. This could allow an unauthenticated remote attacker to execute arbitrary SQL queries on the server database.
Risk Scores
CVSS 3.1
8.8
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | SINEC NMS | 0 |
| Siemens | SINEC NMS | 0, 0 |
Timeline
- Feb 13, 2024 CVE Published
- May 9, 2025 CVE Updated