Podatność CVE-2024-41681


Publikacja: 2024-08-13

Opis:
A vulnerability has been identified in Location Intelligence family (All versions < V4.4). The web server of affected products is configured to support weak ciphers by default. This could allow an unauthenticated attacker in an on-path position to to read and modify any data passed over the connection between legitimate clients and the affected device.

Typ:

CWE-326

(Inadequate Encryption Strength)

 Referencje:
https://cert-portal.siemens.com/productcert/html/ssa-720392.html

Copyright 2024, cxsecurity.com

 

Back to Top