CVE-2024-35211
CVSS V2 None
CVSS V3 None
Description
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The affected web server, after a successful login, sets the session cookie on the browser, without applying any security attributes (such as “Secure”, “HttpOnly”, or “SameSite”).
Overview
- CVE ID
- CVE-2024-35211
- Assigner
- siemens
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-06-11T11:15:53.465Z
- Last Modified Date
- 2024-06-12T19:46:37.879Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://cert-portal.siemens.com/productcert/html/ssa-196737.html |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-35211 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35211 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-26 13:45:56 | Added to TrackCVE |