Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for omnivise_t3000_thin_client by siemens

    CVE-2024-38877 (GCVE-0-2024-38877)

    Vulnerability from nvd – Published: 2024-08-02 10:36 – Updated: 2025-11-03 21:55
    VLAI
    Summary
    A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 Domain Controller R9.2 (All versions), Omnivise T3000 Network Intrusion Detection System (NIDS) R9.2 (All versions), Omnivise T3000 Product Data Management (PDM) R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions), Omnivise T3000 Security Server R9.2 (All versions), Omnivise T3000 Terminal Server R9.2 (All versions), Omnivise T3000 Thin Client R9.2 (All versions), Omnivise T3000 Whitelisting Server R9.2 (All versions). The affected devices stores initial system credentials without sufficient protection. An attacker with remote shell access or physical access could retrieve the credentials leading to confidentiality loss allowing the attacker to laterally move within the affected network.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-312 - Cleartext Storage of Sensitive Information
    Assigner
    Impacted products
    Vendor Product Version
    Siemens Omnivise T3000 Application Server R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Domain Controller R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Network Intrusion Detection System (NIDS) R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Product Data Management (PDM) R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 R8.2 SP3 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 R8.2 SP4 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Security Server R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Terminal Server R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Thin Client R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Whitelisting Server R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    siemens omnivise_t3000_application_server Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_application_server:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_domain_controller Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_domain_controller:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_nids Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_nids:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_pdim Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_pdim:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_security_server Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_security_server:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_terminal_server Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_terminal_server:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_thin_client Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_thin_client:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_whitelisting_server Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_whitelisting_server:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_application_server:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_application_server",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_domain_controller:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_domain_controller",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_nids:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_nids",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_pdim:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_pdim",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_security_server:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_security_server",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_terminal_server:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_terminal_server",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_thin_client:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_thin_client",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_whitelisting_server:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_whitelisting_server",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-38877",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-02T15:42:49.638111Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-02T15:55:27.565Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-03T21:55:54.936Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://seclists.org/fulldisclosure/2024/Nov/5"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Application Server R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Domain Controller R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Network Intrusion Detection System (NIDS) R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Product Data Management (PDM) R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 R8.2 SP3",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 R8.2 SP4",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Security Server R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Terminal Server R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Thin Client R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Whitelisting Server R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 Domain Controller R9.2 (All versions), Omnivise T3000 Network Intrusion Detection System (NIDS) R9.2 (All versions), Omnivise T3000 Product Data Management (PDM) R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions), Omnivise T3000 Security Server R9.2 (All versions), Omnivise T3000 Terminal Server R9.2 (All versions), Omnivise T3000 Thin Client R9.2 (All versions), Omnivise T3000 Whitelisting Server R9.2 (All versions). The affected devices stores initial system credentials without sufficient protection.  An attacker with remote shell access or physical access could retrieve the credentials leading to confidentiality loss allowing the attacker to laterally move within the affected network."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            },
            {
              "cvssV4_0": {
                "baseScore": 8.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H",
                "version": "4.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-312",
                  "description": "CWE-312: Cleartext Storage of Sensitive Information",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-13T07:54:13.668Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/html/ssa-857368.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2024-38877",
        "datePublished": "2024-08-02T10:36:18.219Z",
        "dateReserved": "2024-06-21T08:28:10.678Z",
        "dateUpdated": "2025-11-03T21:55:54.936Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-38876 (GCVE-0-2024-38876)

    Vulnerability from nvd – Published: 2024-08-02 10:36 – Updated: 2025-11-03 21:55
    VLAI
    Summary
    A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 Domain Controller R9.2 (All versions), Omnivise T3000 Product Data Management (PDM) R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions), Omnivise T3000 Terminal Server R9.2 (All versions), Omnivise T3000 Thin Client R9.2 (All versions), Omnivise T3000 Whitelisting Server R9.2 (All versions). The affected application regularly executes user modifiable code as a privileged user. This could allow a local authenticated attacker to execute arbitrary code with elevated privileges.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-552 - Files or Directories Accessible to External Parties
    Assigner
    Impacted products
    Vendor Product Version
    Siemens Omnivise T3000 Application Server R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Domain Controller R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Product Data Management (PDM) R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 R8.2 SP3 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 R8.2 SP4 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Terminal Server R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Thin Client R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Whitelisting Server R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    siemens omnivise_t3000_application_server_r9.2 Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_application_server_r9.2:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_domain_controller_r9.2 Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_domain_controller_r9.2:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_product_data_management_r9.2 Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_product_data_management_r9.2:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_r8.2_sp3 Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_r8.2_sp3:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_r82_sp4 Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_r82_sp4:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_terminal_server_r9.2 Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_terminal_server_r9.2:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_thin_client_r9.2 Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_thin_client_r9.2:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_whitelisting_server_r9.2 Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_whitelisting_server_r9.2:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_application_server_r9.2:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_application_server_r9.2",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_domain_controller_r9.2:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_domain_controller_r9.2",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_product_data_management_r9.2:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_product_data_management_r9.2",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_r8.2_sp3:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_r8.2_sp3",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_r82_sp4:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_r82_sp4",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_terminal_server_r9.2:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_terminal_server_r9.2",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_thin_client_r9.2:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_thin_client_r9.2",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_whitelisting_server_r9.2:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_whitelisting_server_r9.2",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-38876",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-02T14:21:31.609941Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-20T20:14:54.423Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-03T21:55:53.445Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://seclists.org/fulldisclosure/2024/Nov/5"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Application Server R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Domain Controller R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Product Data Management (PDM) R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 R8.2 SP3",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 R8.2 SP4",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Terminal Server R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Thin Client R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Whitelisting Server R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 Domain Controller R9.2 (All versions), Omnivise T3000 Product Data Management (PDM) R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions), Omnivise T3000 Terminal Server R9.2 (All versions), Omnivise T3000 Thin Client R9.2 (All versions), Omnivise T3000 Whitelisting Server R9.2 (All versions). The affected application regularly executes user modifiable code as a privileged user. This could allow a local authenticated attacker to execute arbitrary code with elevated privileges."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C",
                "version": "3.1"
              }
            },
            {
              "cvssV4_0": {
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-552",
                  "description": "CWE-552: Files or Directories Accessible to External Parties",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-13T07:54:12.401Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/html/ssa-857368.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2024-38876",
        "datePublished": "2024-08-02T10:36:16.928Z",
        "dateReserved": "2024-06-21T08:28:10.677Z",
        "dateUpdated": "2025-11-03T21:55:53.445Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-38877 (GCVE-0-2024-38877)

    Vulnerability from cvelistv5 – Published: 2024-08-02 10:36 – Updated: 2025-11-03 21:55
    VLAI
    Summary
    A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 Domain Controller R9.2 (All versions), Omnivise T3000 Network Intrusion Detection System (NIDS) R9.2 (All versions), Omnivise T3000 Product Data Management (PDM) R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions), Omnivise T3000 Security Server R9.2 (All versions), Omnivise T3000 Terminal Server R9.2 (All versions), Omnivise T3000 Thin Client R9.2 (All versions), Omnivise T3000 Whitelisting Server R9.2 (All versions). The affected devices stores initial system credentials without sufficient protection. An attacker with remote shell access or physical access could retrieve the credentials leading to confidentiality loss allowing the attacker to laterally move within the affected network.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-312 - Cleartext Storage of Sensitive Information
    Assigner
    Impacted products
    Vendor Product Version
    Siemens Omnivise T3000 Application Server R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Domain Controller R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Network Intrusion Detection System (NIDS) R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Product Data Management (PDM) R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 R8.2 SP3 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 R8.2 SP4 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Security Server R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Terminal Server R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Thin Client R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Whitelisting Server R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    siemens omnivise_t3000_application_server Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_application_server:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_domain_controller Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_domain_controller:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_nids Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_nids:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_pdim Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_pdim:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_security_server Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_security_server:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_terminal_server Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_terminal_server:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_thin_client Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_thin_client:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_whitelisting_server Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_whitelisting_server:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_application_server:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_application_server",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_domain_controller:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_domain_controller",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_nids:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_nids",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_pdim:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_pdim",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_security_server:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_security_server",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_terminal_server:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_terminal_server",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_thin_client:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_thin_client",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_whitelisting_server:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_whitelisting_server",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-38877",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-02T15:42:49.638111Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-02T15:55:27.565Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-03T21:55:54.936Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://seclists.org/fulldisclosure/2024/Nov/5"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Application Server R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Domain Controller R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Network Intrusion Detection System (NIDS) R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Product Data Management (PDM) R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 R8.2 SP3",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 R8.2 SP4",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Security Server R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Terminal Server R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Thin Client R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Whitelisting Server R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 Domain Controller R9.2 (All versions), Omnivise T3000 Network Intrusion Detection System (NIDS) R9.2 (All versions), Omnivise T3000 Product Data Management (PDM) R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions), Omnivise T3000 Security Server R9.2 (All versions), Omnivise T3000 Terminal Server R9.2 (All versions), Omnivise T3000 Thin Client R9.2 (All versions), Omnivise T3000 Whitelisting Server R9.2 (All versions). The affected devices stores initial system credentials without sufficient protection.  An attacker with remote shell access or physical access could retrieve the credentials leading to confidentiality loss allowing the attacker to laterally move within the affected network."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            },
            {
              "cvssV4_0": {
                "baseScore": 8.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H",
                "version": "4.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-312",
                  "description": "CWE-312: Cleartext Storage of Sensitive Information",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-13T07:54:13.668Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/html/ssa-857368.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2024-38877",
        "datePublished": "2024-08-02T10:36:18.219Z",
        "dateReserved": "2024-06-21T08:28:10.678Z",
        "dateUpdated": "2025-11-03T21:55:54.936Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-38876 (GCVE-0-2024-38876)

    Vulnerability from cvelistv5 – Published: 2024-08-02 10:36 – Updated: 2025-11-03 21:55
    VLAI
    Summary
    A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 Domain Controller R9.2 (All versions), Omnivise T3000 Product Data Management (PDM) R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions), Omnivise T3000 Terminal Server R9.2 (All versions), Omnivise T3000 Thin Client R9.2 (All versions), Omnivise T3000 Whitelisting Server R9.2 (All versions). The affected application regularly executes user modifiable code as a privileged user. This could allow a local authenticated attacker to execute arbitrary code with elevated privileges.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-552 - Files or Directories Accessible to External Parties
    Assigner
    Impacted products
    Vendor Product Version
    Siemens Omnivise T3000 Application Server R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Domain Controller R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Product Data Management (PDM) R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 R8.2 SP3 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 R8.2 SP4 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Terminal Server R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Thin Client R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Omnivise T3000 Whitelisting Server R9.2 Affected: 0 , < * (custom)
    Create a notification for this product.
    siemens omnivise_t3000_application_server_r9.2 Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_application_server_r9.2:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_domain_controller_r9.2 Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_domain_controller_r9.2:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_product_data_management_r9.2 Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_product_data_management_r9.2:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_r8.2_sp3 Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_r8.2_sp3:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_r82_sp4 Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_r82_sp4:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_terminal_server_r9.2 Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_terminal_server_r9.2:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_thin_client_r9.2 Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_thin_client_r9.2:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens omnivise_t3000_whitelisting_server_r9.2 Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:omnivise_t3000_whitelisting_server_r9.2:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_application_server_r9.2:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_application_server_r9.2",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_domain_controller_r9.2:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_domain_controller_r9.2",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_product_data_management_r9.2:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_product_data_management_r9.2",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_r8.2_sp3:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_r8.2_sp3",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_r82_sp4:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_r82_sp4",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_terminal_server_r9.2:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_terminal_server_r9.2",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_thin_client_r9.2:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_thin_client_r9.2",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:omnivise_t3000_whitelisting_server_r9.2:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "omnivise_t3000_whitelisting_server_r9.2",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-38876",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-02T14:21:31.609941Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-20T20:14:54.423Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-03T21:55:53.445Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://seclists.org/fulldisclosure/2024/Nov/5"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Application Server R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Domain Controller R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Product Data Management (PDM) R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 R8.2 SP3",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 R8.2 SP4",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Terminal Server R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Thin Client R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Omnivise T3000 Whitelisting Server R9.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 Domain Controller R9.2 (All versions), Omnivise T3000 Product Data Management (PDM) R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions), Omnivise T3000 Terminal Server R9.2 (All versions), Omnivise T3000 Thin Client R9.2 (All versions), Omnivise T3000 Whitelisting Server R9.2 (All versions). The affected application regularly executes user modifiable code as a privileged user. This could allow a local authenticated attacker to execute arbitrary code with elevated privileges."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C",
                "version": "3.1"
              }
            },
            {
              "cvssV4_0": {
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-552",
                  "description": "CWE-552: Files or Directories Accessible to External Parties",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-13T07:54:12.401Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/html/ssa-857368.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2024-38876",
        "datePublished": "2024-08-02T10:36:16.928Z",
        "dateReserved": "2024-06-21T08:28:10.677Z",
        "dateUpdated": "2025-11-03T21:55:53.445Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }