Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for Omnivise T3000 Network Intrusion Detection System (NIDS) R9.2 by Siemens

    CVE-2024-38877 (GCVE-0-2024-38877)

    Vulnerability from nvd – Published: 2024-08-02 10:36 – Updated: 2025-11-03 21:55
    VLAI
    Summary
    A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 Domain Controller R9.2 (All versions), Omnivise T3000 Network Intrusion Detection System (NIDS) R9.2 (All versions), Omnivise T3000 Product Data Management (PDM) R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions), Omnivise T3000 Security Server R9.2 (All versions), Omnivise T3000 Terminal Server R9.2 (All versions), Omnivise T3000 Thin Client R9.2 (All versions), Omnivise T3000 Whitelisting Server R9.2 (All versions). The affected devices stores initial system credentials without sufficient protection. An attacker with remote shell access or physical access could retrieve the credentials leading to confidentiality loss allowing the attacker to laterally move within the affected network.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-312 - Cleartext Storage of Sensitive Information
    Assigner
    Impacted products
    Vendor Product Version
    Siemens Omnivise T3000 Application Server R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Domain Controller R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Network Intrusion Detection System (NIDS) R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Product Data Management (PDM) R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 R8.2 SP3 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 R8.2 SP4 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Security Server R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Terminal Server R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Thin Client R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Whitelisting Server R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    siemens omnivise_t3000_application_server Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_application_server:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_domain_controller Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_domain_controller:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_nids Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_nids:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_pdim Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_pdim:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_security_server Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_security_server:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_terminal_server Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_terminal_server:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_thin_client Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_thin_client:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_whitelisting_server Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_whitelisting_server:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_application_server:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_application_server",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_domain_controller:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_domain_controller",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_nids:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_nids",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_pdim:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_pdim",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_security_server:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_security_server",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_terminal_server:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_terminal_server",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_thin_client:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_thin_client",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_whitelisting_server:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_whitelisting_server",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-38877",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-02T15:42:49.638111Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-02T15:55:27.565Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-03T21:55:54.936Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://seclists.org/fulldisclosure/2024/Nov/5"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Application Server R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Domain Controller R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Network Intrusion Detection System (NIDS) R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Product Data Management (PDM) R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 R8.2 SP3",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 R8.2 SP4",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Security Server R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Terminal Server R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Thin Client R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Whitelisting Server R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 Domain Controller R9.2 (All versions), Omnivise T3000 Network Intrusion Detection System (NIDS) R9.2 (All versions), Omnivise T3000 Product Data Management (PDM) R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions), Omnivise T3000 Security Server R9.2 (All versions), Omnivise T3000 Terminal Server R9.2 (All versions), Omnivise T3000 Thin Client R9.2 (All versions), Omnivise T3000 Whitelisting Server R9.2 (All versions). The affected devices stores initial system credentials without sufficient protection.  An attacker with remote shell access or physical access could retrieve the credentials leading to confidentiality loss allowing the attacker to laterally move within the affected network."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            },
            {
              "cvssV4_0": {
                "baseScore": 8.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H",
                "version": "4.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-312",
                  "description": "CWE-312: Cleartext Storage of Sensitive Information",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-13T07:54:13.668Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/html/ssa-857368.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2024-38877",
        "datePublished": "2024-08-02T10:36:18.219Z",
        "dateReserved": "2024-06-21T08:28:10.678Z",
        "dateUpdated": "2025-11-03T21:55:54.936Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-38877 (GCVE-0-2024-38877)

    Vulnerability from cvelistv5 – Published: 2024-08-02 10:36 – Updated: 2025-11-03 21:55
    VLAI
    Summary
    A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 Domain Controller R9.2 (All versions), Omnivise T3000 Network Intrusion Detection System (NIDS) R9.2 (All versions), Omnivise T3000 Product Data Management (PDM) R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions), Omnivise T3000 Security Server R9.2 (All versions), Omnivise T3000 Terminal Server R9.2 (All versions), Omnivise T3000 Thin Client R9.2 (All versions), Omnivise T3000 Whitelisting Server R9.2 (All versions). The affected devices stores initial system credentials without sufficient protection. An attacker with remote shell access or physical access could retrieve the credentials leading to confidentiality loss allowing the attacker to laterally move within the affected network.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-312 - Cleartext Storage of Sensitive Information
    Assigner
    Impacted products
    Vendor Product Version
    Siemens Omnivise T3000 Application Server R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Domain Controller R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Network Intrusion Detection System (NIDS) R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Product Data Management (PDM) R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 R8.2 SP3 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 R8.2 SP4 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Security Server R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Terminal Server R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Thin Client R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Whitelisting Server R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    siemens omnivise_t3000_application_server Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_application_server:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_domain_controller Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_domain_controller:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_nids Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_nids:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_pdim Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_pdim:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_security_server Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_security_server:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_terminal_server Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_terminal_server:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_thin_client Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_thin_client:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_whitelisting_server Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_whitelisting_server:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_application_server:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_application_server",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_domain_controller:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_domain_controller",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_nids:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_nids",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_pdim:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_pdim",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_security_server:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_security_server",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_terminal_server:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_terminal_server",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_thin_client:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_thin_client",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_whitelisting_server:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_whitelisting_server",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-38877",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-02T15:42:49.638111Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-02T15:55:27.565Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-03T21:55:54.936Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://seclists.org/fulldisclosure/2024/Nov/5"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Application Server R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Domain Controller R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Network Intrusion Detection System (NIDS) R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Product Data Management (PDM) R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 R8.2 SP3",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 R8.2 SP4",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Security Server R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Terminal Server R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Thin Client R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Whitelisting Server R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 Domain Controller R9.2 (All versions), Omnivise T3000 Network Intrusion Detection System (NIDS) R9.2 (All versions), Omnivise T3000 Product Data Management (PDM) R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions), Omnivise T3000 Security Server R9.2 (All versions), Omnivise T3000 Terminal Server R9.2 (All versions), Omnivise T3000 Thin Client R9.2 (All versions), Omnivise T3000 Whitelisting Server R9.2 (All versions). The affected devices stores initial system credentials without sufficient protection.  An attacker with remote shell access or physical access could retrieve the credentials leading to confidentiality loss allowing the attacker to laterally move within the affected network."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            },
            {
              "cvssV4_0": {
                "baseScore": 8.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H",
                "version": "4.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-312",
                  "description": "CWE-312: Cleartext Storage of Sensitive Information",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-13T07:54:13.668Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/html/ssa-857368.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2024-38877",
        "datePublished": "2024-08-02T10:36:18.219Z",
        "dateReserved": "2024-06-21T08:28:10.678Z",
        "dateUpdated": "2025-11-03T21:55:54.936Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }