Vulners
Lucene search
CVE-2024-31484
🗓️ 14 May 2024 10:02:23Reported by siemensType 
cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 62 Views🌐 WEB
| Reporter | Title | Published | Views | Family All 15 |
|---|---|---|---|---|
 | CVE-2024-31484 | 26 Jun 202418:00 | – | circl |
 | Siemens 多款产品安全漏洞 | 14 May 202400:00 | – | cnnvd |
 | Unspecified Vulnerability in Siemens SICAM Products | 16 May 202400:00 | – | cnvd |
 | CVE-2024-31484 | 14 May 202410:02 | – | cvelist |
 | EUVD-2024-29364 | 3 Oct 202520:07 | – | euvd |
 | Siemens SICAM Products | 14 May 202400:00 | – | ics |
| Siemens SICAM AK3/BC/TM | 11 Jun 202400:00 | – | ics |
 | Vulnerabilities fixed in Siemens products | 14 May 202400:00 | – | ncsc |
| Vulnerabilities fixed in Siemens products | 11 Jun 202413:29 | – | ncsc |
 | CVE-2024-31484 | 14 May 202416:16 | – | nvd |
10
[
{
"vendor": "Siemens",
"product": "CPC80 Central Processing/Communication",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "V16.41",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"vendor": "Siemens",
"product": "CPCI85 Central Processing/Communication",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "V5.30",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"vendor": "Siemens",
"product": "CPCX26 Central Processing/Communication",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "V06.02",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"vendor": "Siemens",
"product": "ETA4 Ethernet Interface IEC60870-5-104",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "V10.46",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"vendor": "Siemens",
"product": "ETA5 Ethernet Int. 1x100TX IEC61850 Ed.2",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "V03.27",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"vendor": "Siemens",
"product": "PCCX26 Ax 1703 PE, Contr, Communication Element",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "V06.05",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
}
]| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| Session-ID | header | SICAM_TOOLBOX_1703_remote_connection_00.htm | Improper null termination in HTTP header Session-ID leading to memory leakage/read of memory and potential code execution. | CWE-170 |
| Cmd_SetCustomViewValue | body | sicweb-ajax/rtum85/cview | Privilege escalation via modifying view parameters in web interface to intercept unencrypted traffic and access higher-privilege data. | CWE-200 |
| p0 | body | sicweb-ajax/rtum85/cview | Privilege escalation via modifying view parameters in web interface to intercept unencrypted traffic and access higher-privilege data. | CWE-200 |
| Session-ID | header | SICAM_TOOLBOX_1703_remote_connection_01.htm | Same buffer handling vulnerability as CVE-2024-31484 triggered by Session-ID header leading to possible memory corruption. | CWE-170 |
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
15 Apr 2026 00:35Current
7.6High risk
Vulners AI Score7.6
CVSS 47.3
CVSS 3.17.8
EPSS0.00062
SSVC