216.73.216.133

CVE-2024-41980

· Published 12/08/2025 12:15 · Modified 12/08/2025 14:25

Labels: CVE-2024-41980 2025-08-12CVE-2024-41980CWE-311[email protected]

Essential information

Published
12/08/2025 12:15
Modified
12/08/2025 14:25
Author
Creator
CVSS
2.0 LOW (v3) 2.0 LOW (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V13.2 < V2506), SOA Audit (All versions >= V13.2 < V2506), SOA Cockpit (All versions >= V13.2 < V2506). The affected application do not encrypt the communication in LDAP interface by default. This could allow an authenticated attacker to gain unauthorized access to sensitive information.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
siemens / smartclient opcenter ql home cpe:2.3:a:siemens:smartclient_opcenter_ql_home:>=13.2,<2506:*:*:*:*:*:*:*
siemens / smartclient soa audit cpe:2.3:a:siemens:smartclient_soa_audit:>=13.2,<2506:*:*:*:*:*:*:*
siemens / smartclient soa cockpit cpe:2.3:a:siemens:smartclient_soa_cockpit:>=13.2,<2506:*:*:*:*:*:*:*

References