CVE-2024-41938 Information

Description

A vulnerability has been identified in SINEC NMS (All versions < V3.0). The importCertificate function of the SINEC NMS Control web application contains a path traversal vulnerability. This could allow an authenticated attacker it to delete arbitrary certificate files on the drive SINEC NMS is installed on.

Reference

https://cert-portal.siemens.com/productcert/html/ssa-784301.html