CVE-2024-41982

Summary

A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V13.2 < V2506), SOA Audit (All versions >= V13.2 < V2506), SOA Cockpit (All versions >= V13.2 < V2506). The affected application does not have adequate encryption of sensitive information. This could allow an authenticated attacker to gain access of sensitive information.

Affected Software

VendorProductVersion RangeStatus
SiemensSmartClient modules Opcenter QL Home (SC)V13.2 < V2506affected
SiemensSOA AuditV13.2 < V2506affected
SiemensSOA CockpitV13.2 < V2506affected

Weaknesses

  • CWE-311: CWE-311: Missing Encryption of Sensitive Data

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References