CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-47808

A vulnerability has been identified in SINEC NMS (All versions < V3.0 SP1). The affected application contains a database function, that does not properly restrict the permissions of users to write to the filesystem of the host system. This could allow an authenticated medium-privileged attacker to write arbitrary content to any location in the filesystem of the host system.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 5.9%

CVSS Severity

CVSS v3 Score 8.4

References

https://cert-portal.siemens.com/productcert/html/ssa-331112.html

Products affected by CVE-2024-47808

Siemens » Sinec Nms » Version: N/A

cpe:2.3:a:siemens:sinec_nms:-
Siemens » Sinec Nms » Version: 1.0

cpe:2.3:a:siemens:sinec_nms:1.0
Siemens » Sinec Nms » Version: 1.0.3

cpe:2.3:a:siemens:sinec_nms:1.0.3
Siemens » Sinec Nms » Version: 2.0

cpe:2.3:a:siemens:sinec_nms:2.0
Siemens » Sinec Nms » Version: 3.0

cpe:2.3:a:siemens:sinec_nms:3.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-47808

Products

Pricing

Contact Us