CVE-2024-39868
First published: Tue Jul 09 2024(Updated: )
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Affected devices do not properly validate the authentication when performing certain actions in the web interface allowing an unauthenticated attacker to access and edit VxLAN configuration information of networks for which they have no privileges.
Credit: productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Siemens SINEMA Remote Connect | <3.2 | |
| Siemens SINEMA Remote Connect | =3.2 | |
| Siemens SINEMA Remote Connect | =3.2-hf1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2024-39868?
The severity of CVE-2024-39868 is considered high due to unauthorized access to VxLAN configuration.
How do I fix CVE-2024-39868?
To fix CVE-2024-39868, upgrade to SINEMA Remote Connect Server version 3.2 SP1 or higher.
What types of actions can be exploited in CVE-2024-39868?
CVE-2024-39868 can be exploited to access and modify VxLAN configuration without authentication.
Who is affected by CVE-2024-39868?
CVE-2024-39868 affects all versions of SINEMA Remote Connect Server prior to version 3.2 SP1.
Is there a workaround for CVE-2024-39868 before patching?
There is no official workaround for CVE-2024-39868 recommended other than upgrading the software.
- agent/weakness
- agent/references
- agent/type
- agent/first-publish-date
- agent/description
- agent/author
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/severity
- agent/last-modified-date
- agent/softwarecombine
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/siemens
- canonical/siemens sinema remote connect
- version/siemens sinema remote connect/3.2
- version/siemens sinema remote connect/3.2-hf1