ГлавнаяУязвимости → CVE-2024-41979
7.1высокая

CVE-2024-41979

Описание

A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V13.2 < V2506), SOA Audit (All versions >= V13.2 < V2506), SOA Cockpit (All versions >= V13.2 < V2506). The affected application does not enforce mandatory authorization on some functionality level at server side. This could allow an authenticated attacker to gain complete access of the application.

Затрагиваемое ПО
Siemens Opcenter quality
CVSS
Балл7.1 — высокая
ВекторCVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://cert-portal.siemens.com/productcert/html/ssa-382999.html