Vulnerability Details CVE-2024-35207
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The web interface of the affected devices are vulnerable to Cross-Site Request Forgery(CSRF) attacks. By tricking an authenticated victim user to click a malicious link, an attacker could perform arbitrary actions on the device on behalf of the victim user.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.5%
CVSS Severity
CVSS v3 Score 7.8
References
Products affected by CVE-2024-35207
-
cpe:2.3:a:siemens:sinec_traffic_analyzer:-
-
cpe:2.3:a:siemens:sinec_traffic_analyzer:1.1