Medium severity4.9NVD Advisory· Published Nov 12, 2024· Updated Jun 17, 2026
CVE-2024-46892
CVE-2024-46892
Description
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly invalidate sessions when the associated user is deleted or disabled or their permissions are modified. This could allow an authenticated attacker to continue performing malicious actions even after their user account has been disabled.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<V1.0 SP2 Update 3+ 1 more
- (no CPE)range: <V1.0 SP2 Update 3
- (no CPE)range: 0
Patches
Vulnerability mechanics
References
1- cert-portal.siemens.com/productcert/html/ssa-915275.htmlnvdVendor Advisory
News mentions
0No linked articles in our index yet.