CVE-2024-22045

Name of the Vulnerable Software and Affected Versions SINEMA Remote Connect Client versions prior to V3.1 SP1

Description A vulnerability has been identified in the SINEMA Remote Connect Client, where sensitive information is placed into files or directories that are accessible to actors who are allowed to have access to the files, but not to the sensitive information. This information is also available via the web interface of the product. The vulnerability is related to a potential information leak, which could allow a remote attacker to impact the confidentiality and integrity of protected information.

Recommendations For SINEMA Remote Connect Client versions prior to V3.1 SP1, update to version V3.1 SP1 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive files and directories to minimize the risk of exploitation. Additionally, limit access to the web interface of the product to authorized personnel only.