PT-2024-4580 · Unknown · SINEC Traffic Analyzer

Published: 2024-06-11 · Updated: 2024-08-06 · CVE-2024-35208

CVSS v3.1: 6.3 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions: SINEC Traffic Analyzer versions prior to V1.2

Description: A vulnerability has been identified in the web server of SINEC Traffic Analyzer: passwords are stored in cleartext. This could allow an attacker in a privileged position to obtain access passwords. The issue stems from insufficient protection of credentials, which may enable an attacker to gain unauthorized access to passwords and elevate their privileges.

Recommendations: For versions prior to V1.2, consider restricting access to the web server or implementing additional security measures to protect credentials until a fix is available. As a temporary workaround, avoid using the web server for sensitive operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Insufficiently Protected Credentials

Related Identifiers

BDU:2024-05086
CVE-2024-35208

Affected Products

SINEC Traffic Analyzer