CVE-2024-37996

CWE-476NULL Pointer Dereference3 documents3 sources
Severity
4.8MEDIUM
EPSS
0.1%
top 78.27%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
7
Siemens Jt2goSiemens JT OpenSiemens PLM XML SDK+4 more
Timeline
PublishedJul 9

Description

A vulnerability has been identified in JT Open (All versions < V11.5), JT2Go (All versions < V2406.0003), PLM XML SDK (All versions < V7.1.0.014), Teamcenter Visualization V14.2 (All versions < V14.2.0.13), Teamcenter Visualization V14.3 (All versions < V14.3.0.11), Teamcenter Visualization V2312 (All versions < V2312.0008), Teamcenter Visualization V2406 (All versions < V2406.0003). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted XML fi

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Affected Packages7 packages

CVEListV5siemens/jt2go< V2406.0003

🔴Vulnerability Details

2
GHSA
GHSA-qw74-c3mf-v699: A vulnerability has been identified in JT Open (All versions < V112024-07-09
CVEList
CVE-2024-37996: A vulnerability has been identified in JT Open (All versions < V112024-07-09
CVE-2024-37996 (MEDIUM CVSS 4.8) | A vulnerability has been identified | cvebase.io