CVE-2024-39874
First published: Tue Jul 09 2024(Updated: )
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application does not properly implement brute force protection against user credentials in its Client Communication component. This could allow an attacker to learn user credentials that are vulnerable to brute force attacks.
Credit: productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Siemens SINEMA Remote Connect | <3.2 | |
| Siemens SINEMA Remote Connect | =3.2 | |
| Siemens SINEMA Remote Connect | =3.2-hf1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2024-39874?
CVE-2024-39874 is classified as a high severity vulnerability due to inadequate brute force protection.
How do I fix CVE-2024-39874?
To remediate CVE-2024-39874, update SINEMA Remote Connect Server to version 3.2 SP1 or later.
Who is affected by CVE-2024-39874?
CVE-2024-39874 affects all versions of SINEMA Remote Connect Server prior to V3.2 SP1.
What type of attacks can exploit CVE-2024-39874?
CVE-2024-39874 can be exploited through brute force attacks on user credentials.
What components of SINEMA Remote Connect Server are affected by CVE-2024-39874?
The Client Communication component of SINEMA Remote Connect Server is affected by CVE-2024-39874.
- agent/references
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/type
- agent/severity
- agent/author
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/remedy
- agent/softwarecombine
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/siemens
- canonical/siemens sinema remote connect
- version/siemens sinema remote connect/3.2
- version/siemens sinema remote connect/3.2-hf1