SINEMA RC Client <3.2 SP2 Log Sensitive Config Data Leak
CVE-2024-42344 Published on September 10, 2024
A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 SP2). The affected application inserts sensitive information into a log file which is readable by all legitimate users of the underlying system. This could allow an authenticated attacker to compromise the confidentiality of other users' configuration data.
Weakness Type
Insertion of Sensitive Information into Log File
Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.
Products Associated with CVE-2024-42344
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2024-42344 are published in Siemens Sinema Remote Connect Client:
Affected Versions
Siemens SINEMA Remote Connect Client:- Before V3.2 SP2 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.