Home

Description

A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V13.2 < V2506), SOA Audit (All versions >= V13.2 < V2506), SOA Cockpit (All versions >= V13.2 < V2506). The affected application displays SQL statement in the error messages encountered during the generation of reports using Cockpit tool.

PUBLISHED Reserved 2024-07-25 | Published 2025-08-12 | Updated 2025-08-12 | Assigner siemens




LOW: 3.5CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
MEDIUM: 5.1CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Problem types

CWE-209: Generation of Error Message Containing Sensitive Information

Product status

Default status
unknown

V13.2 before V2506
affected

Default status
unknown

V13.2 before V2506
affected

Default status
unknown

V13.2 before V2506
affected

References

cert-portal.siemens.com/productcert/html/ssa-382999.html

cve.org (CVE-2024-41983)

nvd.nist.gov (CVE-2024-41983)

Download JSON