A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 HF1). The system service of affected applications is vulnerable to command injection due to missing server side input sanitation when loading proxy configurations. This could allow an authenticated local attacker to execute arbitrary code with system privileges.
Metrics
Affected Vendors & Products
References
History
Fri, 06 Sep 2024 21:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:siemens:sinema_remote_connect_client:*:*:*:*:*:*:*:* cpe:2.3:a:siemens:sinema_remote_connect_client:3.2:-:*:*:*:*:*:* |
MITRE
Status: PUBLISHED
Assigner: siemens
Published: 2024-07-09T12:05:12.815Z
Updated: 2024-08-02T04:26:15.966Z
Reserved: 2024-06-25T15:55:17.885Z
Link: CVE-2024-39568
Vulnrichment
Updated: 2024-07-23T13:45:00.787Z
NVD
Status : Modified
Published: 2024-07-09T12:15:16.263
Modified: 2024-11-21T09:28:01.897
Link: CVE-2024-39568
Redhat
No data.