CVE-2024-41904

Summary

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application do not properly enforce restriction of excessive authentication attempts. This could allow an unauthenticated attacker to conduct brute force attacks against legitimate user credentials or keys.

Affected Software

VendorProductVersion RangeStatus
SiemensSINEC Traffic Analyzer0 < V2.0affected

Weaknesses

  • CWE-307: CWE-307: Improper Restriction of Excessive Authentication Attempts

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References