CVE-2024-46891
published 2024-11-12CVE-2024-46891: A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly restrict the size of generated…
medium6.9CVSS 4.0
AVNACLATNPRNUINVCNVINVALSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly restrict the size of generated log files. This could allow an unauthenticated remote attacker to trigger a large amount of logged events to exhaust the system's resources and create a denial of service condition.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | sinec_ins | < V1.0 SP2 Update 3 | V1.0 SP2 Update 3 |
| siemens | sinec_ins | <= 1.0 | — |
| siemens | sinec_ins | — | — |