Siemens Sinec Traffic Analyzer
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Siemens Sinec Traffic Analyzer.
By the Year
In 2026 there have been 0 vulnerabilities in Siemens Sinec Traffic Analyzer. Last year, in 2025 Sinec Traffic Analyzer had 3 security vulnerabilities published. Right now, Sinec Traffic Analyzer is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 3 | 7.03 |
| 2024 | 12 | 6.43 |
It may take a day or so for new Sinec Traffic Analyzer vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Siemens Sinec Traffic Analyzer Security Vulnerabilities
SINEC Traffic Analyzer (<V3.0): DoS via Missing Container Limits
CVE-2025-40766
5.5 - Medium
- August 12, 2025
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V3.0). The affected application runs docker containers without adequate resource and security limitations. This could allow an attacker to perform a denial-of-service (DoS) attack.
Resource Exhaustion
Unauthorized Access via Exposed Service Port (SINEC Traffic Analyzer <V3.0)
CVE-2025-40768
7.8 - High
- August 12, 2025
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V3.0). The affected application exposes an internal service port to be accessible from outside the system. This could allow an unauthorized attacker to access the application.
Information Disclosure
Docker Container Breakout RCE in SINEC Traffic Analyzer <V3.0
CVE-2025-40767
7.8 - High
- August 12, 2025
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V3.0). The affected application runs docker containers without adequate security controls to enforce isolation. This could allow an attacker to gain elevated access, potentially accessing sensitive host system resources.
Execution with Unnecessary Privileges
SINEC Traffic Analyzer <v2.0 Missing HTTP Security Headers Clickjacking Risk
CVE-2024-41907
5.4 - Medium
- August 13, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application is missing general HTTP security headers in the web server. This could allow an attacker to make the servers more prone to clickjacking attack.
Improperly Implemented Security Check for Standard
SINEC Traffic Analyzer V<2.0: Cache Poisoning Vulnerability
CVE-2024-41906
6.5 - Medium
- August 13, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application does not properly handle cacheable HTTP responses in the web service. This could allow an attacker to read and modify data stored in the local cache.
Use of Cache Containing Sensitive Information
Access Control Bypass in SINEC Traffic Analyzer <V2.0 (CVE-2024-41905)
CVE-2024-41905
6.5 - Medium
- August 13, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application do not have access control for accessing the files. This could allow an authenticated attacker with low privilege's to get access to sensitive information.
Authorization
SINEC Traffic Analyzer <V2.0: BruteForce Auth Failure (CVE202441904)
CVE-2024-41904
7.5 - High
- August 13, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application do not properly enforce restriction of excessive authentication attempts. This could allow an unauthenticated attacker to conduct brute force attacks against legitimate user credentials or keys.
Improper Restriction of Excessive Authentication Attempts
SINEC Traffic Analyzer V<2.0 Container RootFS Priv Esc
CVE-2024-41903
7.2 - High
- August 13, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application mounts the container's root filesystem with read and write privileges. This could allow an attacker to alter the container's filesystem leading to unauthorized modifications and data corruption.
Improper Privilege Management
SINEC Traffic Analyzer <V1.2 Input Validation Flaw Exposes DB
CVE-2024-35212
6.2 - Medium
- June 11, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The affected application lacks input validation due to which an attacker can gain access to the Database entries.
Improper Input Validation
SINEC Traffic Analyzer <V1.2: Session Cookie lacks Secure/HttpOnly/SameSite
CVE-2024-35211
5.5 - Medium
- June 11, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The affected web server, after a successful login, sets the session cookie on the browser, without applying any security attributes (such as Secure, HttpOnly, or SameSite).
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
SINEC Traffic Analyzer <1.2 HSTS non-enforcement downgrade attack
CVE-2024-35210
5.1 - Medium
- June 11, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The affected web server is not enforcing HSTS. This could allow an attacker to perform downgrade attacks exposing confidential information.
Cleartext Transmission of Sensitive Information
SINEC Traffic Analyzer <1.2: Improper HTTP Method Exposure Enables File Mod
CVE-2024-35209
6.2 - Medium
- June 11, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The affected web server is allowing HTTP methods like PUT and Delete. This could allow an attacker to modify unauthorized files.
Exposed Dangerous Method or Function
Cleartext Password Storage in SINEC Traffic Analyzer < V1.2 (6GK8822-1BG01-0BA0)
CVE-2024-35208
5.5 - Medium
- June 11, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The affected web server stored the password in cleartext. This could allow attacker in a privileged position to obtain access passwords.
Insufficiently Protected Credentials
SINEC Traffic Analyzer <V1.2 Web Interface CSRF Vulnerable
CVE-2024-35207
7.8 - High
- June 11, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The web interface of the affected devices are vulnerable to Cross-Site Request Forgery(CSRF) attacks. By tricking an authenticated victim user to click a malicious link, an attacker could perform arbitrary actions on the device on behalf of the victim user.
Session Riding
Never-Expire Sessions in SINEC Traffic Analyzer v<1.2 Unauth Access
CVE-2024-35206
7.7 - High
- June 11, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The affected application does not expire the session. This could allow an attacker to get unauthorized access.
Insufficient Session Expiration
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Siemens Sinec Traffic Analyzer or by Siemens? Click the Watch button to subscribe.
