CVE-2024-46890
CVSS V2 None
CVSS V3 None
Description
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly validate input sent to specific endpoints of its web API. This could allow an authenticated remote attacker with high privileges on the application to execute arbitrary code on the underlying OS.
Overview
- CVE ID
- CVE-2024-46890
- Assigner
- siemens
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-11-12T12:49:41.829Z
- Last Modified Date
- 2024-11-12T14:28:21.227Z
Weakness Enumerations
References
Reference URL | Reference Tags |
---|---|
https://cert-portal.siemens.com/productcert/html/ssa-915275.html |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-46890 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-46890 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-11-13 13:10:26 | Added to TrackCVE |