| |
Podatność CVE-2024-42345
Publikacja: 2024-09-10
| Opis: |
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP2). The affected application does not properly handle user session establishment and invalidation. This could allow a remote attacker to circumvent the additional multi factor authentication for user session establishment. |
Typ:
CWE-384 (Session Fixation)
Referencje: |
https://cert-portal.siemens.com/productcert/html/ssa-869574.html
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
Polish
English