CVE-2024-41983

Summary

A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V13.2 < V2506), SOA Audit (All versions >= V13.2 < V2506), SOA Cockpit (All versions >= V13.2 < V2506). The affected application displays SQL statement in the error messages encountered during the generation of reports using Cockpit tool.

Affected Software

VendorProductVersion RangeStatus
SiemensSmartClient modules Opcenter QL Home (SC)V13.2 < V2506affected
SiemensSOA AuditV13.2 < V2506affected
SiemensSOA CockpitV13.2 < V2506affected

Weaknesses

  • CWE-209: CWE-209: Generation of Error Message Containing Sensitive Information

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References