{ "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2024-41978", "ASSIGNER": "productcert@siemens.com", "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.1), SCALANCE M812-1 ADSL-Router family (All versions < V8.1), SCALANCE M816-1 ADSL-Router family (All versions < V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.1). Affected devices insert sensitive information about the generation of 2FA tokens into log files. This could allow an authenticated remote attacker to forge 2FA tokens of other users." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-532: Insertion of Sensitive Information into Log File", "cweId": "CWE-532" } ] } ] }, "affects": { "vendor": { "vendor_data": [ { "vendor_name": "Siemens", "product": { "product_data": [ { "product_name": "RUGGEDCOM RM1224 LTE(4G) EU", "version": { "version_data": [ { "version_affected": "<", "version_name": "0", "version_value": "V8.1" } ] } }, { "product_name": "RUGGEDCOM RM1224 LTE(4G) NAM", "version": { "version_data": [ { "version_affected": "<", "version_name": "0", "version_value": "V8.1" } ] } }, { "product_name": "SCALANCE M804PB", "version": { "version_data": [ { "version_affected": "<", "version_name": "0", "version_value": "V8.1" } ] } }, { "product_name": "SCALANCE M812-1 ADSL-Router family", "version": { "version_data": [ { "version_affected": "<", "version_name": "0", "version_value": "V8.1" } ] } }, { "product_name": "SCALANCE M816-1 ADSL-Router family", "version": { "version_data": [ { "version_affected": "<", "version_name": "0", "version_value": "V8.1" } ] } }, { "product_name": "SCALANCE M826-2 SHDSL-Router", "version": { "version_data": [ { "version_affected": "<", "version_name": "0", "version_value": "V8.1" } ] } }, { "product_name": "SCALANCE M874-2", "version": { "version_data": [ { "version_affected": "<", "version_name": "0", "version_value": "V8.1" } ] } }, { "product_name": "SCALANCE M874-3", "version": { "version_data": [ { "version_affected": "<", "version_name": "0", "version_value": "V8.1" } ] } }, { "product_name": "SCALANCE M874-3 3G-Router (CN)", "version": { "version_data": [ { "version_affected": "<", "version_name": "0", "version_value": "V8.1" } ] } }, { "product_name": "SCALANCE M876-3", "version": { "version_data": [ { "version_affected": "<", "version_name": "0", "version_value": "V8.1" } ] } }, { "product_name": "SCALANCE M876-3 (ROK)", "version": { "version_data": [ { "version_affected": "<", "version_name": "0", "version_value": "V8.1" } ] } }, { "product_name": "SCALANCE M876-4", "version": { "version_data": [ { "version_affected": "<", "version_name": "0", "version_value": "V8.1" } ] } }, { "product_name": "SCALANCE M876-4 (EU)", "version": { "version_data": [ { "version_affected": "<", "version_name": "0", "version_value": "V8.1" } ] } }, { "product_name": "SCALANCE M876-4 (NAM)", "version": { "version_data": [ { "version_affected": "<", "version_name": "0", "version_value": "V8.1" } ] } }, { "product_name": "SCALANCE MUM853-1 (A1)", "version": { "version_data": [ { "version_affected": "<", "version_name": "0", "version_value": "V8.1" } ] } }, { "product_name": "SCALANCE MUM853-1 (B1)", "version": { "version_data": [ { "version_affected": "<", "version_name": "0", "version_value": "V8.1" } ] } }, { "product_name": "SCALANCE MUM853-1 (EU)", "version": { "version_data": [ { "version_affected": "<", "version_name": "0", "version_value": "V8.1" } ] } }, { "product_name": "SCALANCE MUM856-1 (A1)", "version": { "version_data": [ { "version_affected": "<", "version_name": "0", "version_value": "V8.1" } ] } }, { "product_name": "SCALANCE MUM856-1 (B1)", "version": { "version_data": [ { "version_affected": "<", "version_name": "0", "version_value": "V8.1" } ] } }, { "product_name": "SCALANCE MUM856-1 (CN)", "version": { "version_data": [ { "version_affected": "<", "version_name": "0", "version_value": "V8.1" } ] } }, { "product_name": "SCALANCE MUM856-1 (EU)", "version": { "version_data": [ { "version_affected": "<", "version_name": "0", "version_value": "V8.1" } ] } }, { "product_name": "SCALANCE MUM856-1 (RoW)", "version": { "version_data": [ { "version_affected": "<", "version_name": "0", "version_value": "V8.1" } ] } }, { "product_name": "SCALANCE S615 EEC LAN-Router", "version": { "version_data": [ { "version_affected": "<", "version_name": "0", "version_value": "V8.1" } ] } }, { "product_name": "SCALANCE S615 LAN-Router", "version": { "version_data": [ { "version_affected": "<", "version_name": "0", "version_value": "V8.1" } ] } } ] } } ] } }, "references": { "reference_data": [ { "url": "https://cert-portal.siemens.com/productcert/html/ssa-087301.html", "refsource": "MISC", "name": "https://cert-portal.siemens.com/productcert/html/ssa-087301.html" } ] }, "impact": { "cvss": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ] } }