CVE-2024-22045
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-22045
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.1 SP1). The product places sensitive information into files or directories that are accessible to actors who are allowed to have access to the files, but not to the sensitive information. This information is also available via the web interface of the product.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
文件和路径信息暴露
Source: NVD (National Vulnerability Database)
Vulnerability Title
Siemens SINEMA Remote Connect 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Siemens SINEMA Remote Connect是德国西门子(Siemens)公司的一套远程管理平台。该平台支持以高效安全的方式远程访问分布在全球各地的机器设备以及确保对控制中心、服务工程师与已安装设备之间的VPN通道进行安全管理等。 Siemens SINEMA Remote Connect V3.1 SP1之前版本存在安全漏洞,该漏洞源于存在敏感信息泄露,攻击者可以访问无权访问的文件或目录。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Siemens | SINEMA Remote Connect Client | 0 ~ V3.1 SP1 | - |
II. Public POCs for CVE-2024-22045
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2024-22045
请登录查看更多情报信息。
Same Patch Batch · Siemens · 2024-03-12 · 9 CVEs total
| CVE-2024-22039 | 10.0 CRITICAL | Siemens 多款产品安全漏洞 |
| CVE-2022-32257 | 9.8 CRITICAL | Siemens SINEMA Remote Connect Server 访问控制错误漏洞 |
| CVE-2024-27907 | 7.8 HIGH | Siemens Simcenter Femap 缓冲区错误漏洞 |
| CVE-2024-22044 | 7.5 HIGH | Siemens SENTRON 3KC ATC6 Expansion Module Ethernet 安全漏洞 |
| CVE-2024-22041 | 7.5 HIGH | Siemens 多款产品缓冲区错误漏洞 |
| CVE-2024-22040 | 7.5 HIGH | Siemens 多款产品缓冲区错误漏洞 |
| CVE-2023-45793 | 5.5 MEDIUM | Siemens Siveillance Control 安全漏洞 |
| CVE-2024-21483 | 4.6 MEDIUM | Siemens SENTRON 7KM PAC 访问控制错误漏洞 |
IV. Related Vulnerabilities
Same weakness: CWE-538
- CVE-2023-54346
WordPress Plugin Backup Migration 1.2.8 Unauthenticated Data - CVE-2026-7071
CodeAstro Online Job Portal user-cvs file information disclo - CVE-2026-6160
code-projects Simple ChatBox Endpoint chatbox.sql SimpleChat - CVE-2019-25706
Across DR-810 ROM-0 Unauthenticated File Disclosure - CVE-2026-33705
Chamilo LMS has unauthenticated access to Twig template sour
V. Comments for CVE-2024-22045
No comments yet