CVE-2024-42345
published 2024-09-10CVE-2024-42345: A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP2). The affected application does not properly handle user session…
medium5.3CVSS 4.0
AVNACLATNPRLUINVCNVILVANSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP2). The affected application does not properly handle user session establishment and invalidation. This could allow a remote attacker to circumvent the additional multi factor authentication for user session establishment.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | sinema_remote_connect_server | < V3.2 SP2 | V3.2 SP2 |
| siemens | sinema_remote_connect_server | < 3.2 | 3.2 |
| siemens | sinema_remote_connect_server | — | — |