| |
Vulnerability CVE-2024-46887
Published: 2024-10-08
Description: |
The web server of affected devices do not properly authenticate user request to the '/ClientArea/RuntimeInfoData.mwsl' endpoint. This could allow an unauthenticated remote attacker to gain knowledge about current actual and configured maximum cycle times as well as about configured maximum communication load. |
Type:
CWE-288 (Authentication Bypass Using an Alternate Path or Channel)
References: |
https://cert-portal.siemens.com/productcert/html/ssa-054046.html
|
|
|
closedb();
?>
Copyright 2024, cxsecurity.com
|
|
|