Description
The web server of affected devices do not properly authenticate user request to the '/ClientArea/RuntimeInfoData.mwsl' endpoint. This could allow an unauthenticated remote attacker to gain knowledge about current actual and configured maximum cycle times as well as about configured maximum communication load.
Reserved 2024-09-12 | Published 2024-10-08 | Updated 2024-11-12 | Assigner
siemensMEDIUM: 5.3CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
MEDIUM: 6.9CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
Problem types
CWE-288: Authentication Bypass Using an Alternate Path or Channel
Product status
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before *
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before V3.1.4
affected
Default status
unknown
Any version before V3.1.4
affected
References
cert-portal.siemens.com/productcert/html/ssa-054046.html
cve.org (CVE-2024-46887)
nvd.nist.gov (CVE-2024-46887)
Download JSON
Subscribe to our newsletter to learn more about our work.