CVE-2024-42344 — Vulnetix

Try Vulnetix Request Demo

CVE-2024-42344 PUBLISHED CVSS 4.400000095367432 MEDIUM

A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 SP2). The affected application inserts sensitive information into a log file which is readable by all legitimate users of the underlying system. This could allow an authenticated attacker to compromise the confidentiality of other users' configuration data.

EPSS 0.09% · 26.0th percentile

Risk Scores

CVSS v3.1

4.400000095367432

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L/E:P/RL:O/RC:C

EPSS Score

0.09%

26.0th percentile

Affected Products

Vendor	Product	Versions
siemens	sinema_remote_connect_client	3.2, 0, 3.2
Siemens	SINEMA Remote Connect Client	0, 0, 0

Timeline

Sep 10, 2024 CVE Published
Sep 10, 2024 CVE Updated
Sep 10, 2024 PoC Published
Sep 11, 2024 EPSS Score
Sep 30, 2024 EPSS Score
Oct 4, 2024 Coalition ESS Score
Oct 20, 2024 EPSS Score
Nov 8, 2024 EPSS Score
Nov 27, 2024 EPSS Score
Dec 17, 2024 EPSS Score
Jan 6, 2025 EPSS Score
Jan 25, 2025 EPSS Score

References

Open in Interactive Console →