← Voltar para CVEs
CVE-2024-41982
MEDIUM4.8
Descricao
A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V13.2 < V2506), SOA Audit (All versions >= V13.2 < V2506), SOA Cockpit (All versions >= V13.2 < V2506). The affected application does not have adequate encryption of sensitive information. This could allow an authenticated attacker to gain access of sensitive information.
Detalhes CVE
Pontuacao CVSS v3.14.8
SeveridadeMEDIUM
Vetor CVSSCVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Vetor de ataqueADJACENT_NETWORK
ComplexidadeHIGH
Privilegios necessariosLOW
Interacao do usuarioNONE
Publicado8/12/2025
Ultima modificacao10/23/2025
Fontenvd
Avistamentos honeypot0
Produtos afetados
siemens:opcenter_quality
Fraquezas (CWE)
CWE-311
Referencias
https://cert-portal.siemens.com/productcert/html/ssa-382999.html(productcert@siemens.com)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.