Vulnerability Details CVE-2024-35211
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The affected web server, after a successful login, sets the session cookie on the browser, without applying any security attributes (such as “Secure”, “HttpOnly”, or “SameSite”).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 35.7%
CVSS Severity
CVSS v3 Score 5.5
References
Products affected by CVE-2024-35211
-
cpe:2.3:a:siemens:sinec_traffic_analyzer:-
-
cpe:2.3:a:siemens:sinec_traffic_analyzer:1.1