Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2020-AVI-132
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SiNVR 3 Central Control Server (CCS)",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINUMERIK 840D",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Spectrum Power 5 versions ant\u00e9rieures \u00e0 v5.50 HF02",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SiNVR 3 Video Server",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-300 versions ant\u00e9rieures \u00e0 V3.X.17",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-19290",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19290"
},
{
"name": "CVE-2019-18336",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18336"
},
{
"name": "CVE-2020-7579",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7579"
},
{
"name": "CVE-2019-19292",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19292"
},
{
"name": "CVE-2019-19299",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19299"
},
{
"name": "CVE-2019-19295",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19295"
},
{
"name": "CVE-2019-19294",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19294"
},
{
"name": "CVE-2019-19298",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19298"
},
{
"name": "CVE-2019-19291",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19291"
},
{
"name": "CVE-2019-19293",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19293"
},
{
"name": "CVE-2019-19297",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19297"
},
{
"name": "CVE-2019-19296",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19296"
}
],
"initial_release_date": "2020-03-10T00:00:00",
"last_revision_date": "2020-03-10T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-508982 du 10 mars 2020",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-508982.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-844761 du 10 mars 2020",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-938930 du 10 mars 2020",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-938930.pdf"
}
],
"reference": "CERTFR-2020-AVI-132",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-03-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SIemens ssa-508982 du 10 mars 2020",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SIemens ssa-844761 du 10 mars 2020",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SIemens ssa-938930 du 10 mars 2020",
"url": null
}
]
}
CVE-2019-19291 (GCVE-0-2019-19291)
Vulnerability from cvelistv5
Published
2020-03-10 19:16
Modified
2024-08-05 02:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-313 - Cleartext Storage in a File or on Disk
Summary
A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0), SiNVR/SiVMS Video Server (All versions < V5.0.0). The FTP services of the SiVMS/SiNVR Video Server and the Control Center Server (CCS) maintain
log files that store login credentials in cleartext.
In configurations where the FTP service is enabled, authenticated remote
attackers could extract login credentials of other users of the service.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Siemens | Control Center Server (CCS) |
Version: All versions < V1.5.0 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:09:39.700Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Control Center Server (CCS)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V1.5.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "SiNVR/SiVMS Video Server",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Control Center Server (CCS) (All versions \u003c V1.5.0), SiNVR/SiVMS Video Server (All versions \u003c V5.0.0). The FTP services of the SiVMS/SiNVR Video Server and the Control Center Server (CCS) maintain\nlog files that store login credentials in cleartext.\nIn configurations where the FTP service is enabled, authenticated remote\nattackers could extract login credentials of other users of the service."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:U/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-313",
"description": "CWE-313: Cleartext Storage in a File or on Disk",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-09T09:56:19.475Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2019-19291",
"datePublished": "2020-03-10T19:16:17",
"dateReserved": "2019-11-26T00:00:00",
"dateUpdated": "2024-08-05T02:09:39.700Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19299 (GCVE-0-2019-19299)
Vulnerability from cvelistv5
Published
2020-03-10 19:16
Modified
2024-08-05 02:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-326 - Inadequate Encryption Strength
Summary
A vulnerability has been identified in SiNVR/SiVMS Video Server (All versions < V5.0.0), SiNVR/SiVMS Video Server (All versions >= V5.0.0 < V5.0.2), SiNVR/SiVMS Video Server (All versions >= V5.0.2). The streaming service (default port 5410/tcp) of the SiVMS/SiNVR Video Server
applies weak cryptography when exposing device (camera) passwords.
This could allow an unauthenticated remote attacker to read and decrypt
the passwords and conduct further attacks.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | SiNVR/SiVMS Video Server |
Version: All versions < V5.0.0 |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:16:46.835Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SiNVR/SiVMS Video Server",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.0.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "SiNVR/SiVMS Video Server",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V5.0.0 \u003c V5.0.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SiNVR/SiVMS Video Server",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V5.0.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SiNVR/SiVMS Video Server (All versions \u003c V5.0.0), SiNVR/SiVMS Video Server (All versions \u003e= V5.0.0 \u003c V5.0.2), SiNVR/SiVMS Video Server (All versions \u003e= V5.0.2). The streaming service (default port 5410/tcp) of the SiVMS/SiNVR Video Server\napplies weak cryptography when exposing device (camera) passwords.\nThis could allow an unauthenticated remote attacker to read and decrypt\nthe passwords and conduct further attacks."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:U/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-326",
"description": "CWE-326: Inadequate Encryption Strength",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-09T09:56:29.166Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2019-19299",
"datePublished": "2020-03-10T19:16:17",
"dateReserved": "2019-11-26T00:00:00",
"dateUpdated": "2024-08-05T02:16:46.835Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19294 (GCVE-0-2019-19294)
Vulnerability from cvelistv5
Published
2020-03-10 19:16
Modified
2024-08-05 02:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The web interface of the Control Center Server (CCS) contains
multiple stored Cross-site Scripting (XSS) vulnerabilities in several input
fields.
This could allow an authenticated remote attacker to inject malicious
JavaScript code into the CCS web application that is later executed
in the browser context of any other user who views the relevant CCS
web content.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Siemens | Control Center Server (CCS) |
Version: All versions < V1.5.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:09:39.611Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Control Center Server (CCS)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V1.5.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Control Center Server (CCS) (All versions \u003c V1.5.0). The web interface of the Control Center Server (CCS) contains\nmultiple stored Cross-site Scripting (XSS) vulnerabilities in several input\nfields.\nThis could allow an authenticated remote attacker to inject malicious\nJavaScript code into the CCS web application that is later executed\nin the browser context of any other user who views the relevant CCS\nweb content."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:N/E:P/RL:U/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-09T09:56:23.099Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2019-19294",
"datePublished": "2020-03-10T19:16:17",
"dateReserved": "2019-11-26T00:00:00",
"dateUpdated": "2024-08-05T02:09:39.611Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19295 (GCVE-0-2019-19295)
Vulnerability from cvelistv5
Published
2020-03-10 19:16
Modified
2024-11-18 17:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-778 - Insufficient Logging
Summary
A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The Control Center Server (CCS) does not enforce logging of
security-relevant activities in its XML-based communication protocol
as provided by default on ports 5444/tcp and 5440/tcp.
An authenticated remote attacker could exploit this vulnerability to
perform covert actions that are not visible in the application log.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Siemens | Control Center Server (CCS) |
Version: All versions < V1.5.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:09:39.659Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-19295",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-16T20:19:51.942522Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-18T17:47:21.496Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Control Center Server (CCS)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V1.5.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Control Center Server (CCS) (All versions \u003c V1.5.0). The Control Center Server (CCS) does not enforce logging of\nsecurity-relevant activities in its XML-based communication protocol\nas provided by default on ports 5444/tcp and 5440/tcp.\nAn authenticated remote attacker could exploit this vulnerability to\nperform covert actions that are not visible in the application log."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:U/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-778",
"description": "CWE-778: Insufficient Logging",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-09T09:56:24.293Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2019-19295",
"datePublished": "2020-03-10T19:16:17",
"dateReserved": "2019-11-26T00:00:00",
"dateUpdated": "2024-11-18T17:47:21.496Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19290 (GCVE-0-2019-19290)
Vulnerability from cvelistv5
Published
2020-03-10 19:16
Modified
2024-08-05 02:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Summary
A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The DOWNLOADS section in the web interface of the Control Center
Server (CCS) contains a path traversal vulnerability
that could allow an authenticated remote attacker to access and download
arbitrary files from the server where CCS is installed.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Siemens | Control Center Server (CCS) |
Version: All versions < V1.5.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:09:39.684Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Control Center Server (CCS)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V1.5.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Control Center Server (CCS) (All versions \u003c V1.5.0). The DOWNLOADS section in the web interface of the Control Center\nServer (CCS) contains a path traversal vulnerability\nthat could allow an authenticated remote attacker to access and download\narbitrary files from the server where CCS is installed."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:U/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-09T09:56:18.279Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2019-19290",
"datePublished": "2020-03-10T19:16:17",
"dateReserved": "2019-11-26T00:00:00",
"dateUpdated": "2024-08-05T02:09:39.684Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18336 (GCVE-0-2019-18336)
Vulnerability from cvelistv5
Published
2020-03-10 19:16
Modified
2024-08-05 01:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-400 - Uncontrolled Resource Consumption
Summary
A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V3.X.17), SIMATIC TDC CP51M1 (All versions < V1.1.8), SIMATIC TDC CPU555 (All versions < V1.1.1), SINUMERIK 840D sl (All versions < V4.8.6), SINUMERIK 840D sl (All versions < V4.94). Specially crafted packets sent to port 102/tcp (Profinet) could cause the affected device to go into defect mode. A restart is required in order to recover the system. Successful exploitation requires an attacker to have network access to port 102/tcp, with no authentication. No user interation is required. At the time of advisory publication no public exploitation of this security vulnerability was known.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens AG | SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) |
Version: All versions < V3.X.17 |
||||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:54:14.382Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-508982.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
"vendor": "Siemens AG",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.X.17"
}
]
},
{
"product": "SIMATIC TDC CP51M1",
"vendor": "Siemens AG",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V1.1.8"
}
]
},
{
"product": "SIMATIC TDC CPU555",
"vendor": "Siemens AG",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V1.1.1"
}
]
},
{
"product": "SINUMERIK 840D sl",
"vendor": "Siemens AG",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V4.8.6"
}
]
},
{
"product": "SINUMERIK 840D sl",
"vendor": "Siemens AG",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V4.94"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003c V3.X.17), SIMATIC TDC CP51M1 (All versions \u003c V1.1.8), SIMATIC TDC CPU555 (All versions \u003c V1.1.1), SINUMERIK 840D sl (All versions \u003c V4.8.6), SINUMERIK 840D sl (All versions \u003c V4.94). Specially crafted packets sent to port 102/tcp (Profinet) could cause the affected device to go into defect mode. A restart is required in order to recover the system. Successful exploitation requires an attacker to have network access to port 102/tcp, with no authentication. No user interation is required. At the time of advisory publication no public exploitation of this security vulnerability was known."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-14T13:18:04",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-508982.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2019-18336",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.X.17"
}
]
}
},
{
"product_name": "SIMATIC TDC CP51M1",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V1.1.8"
}
]
}
},
{
"product_name": "SIMATIC TDC CPU555",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V1.1.1"
}
]
}
},
{
"product_name": "SINUMERIK 840D sl",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V4.8.6"
}
]
}
},
{
"product_name": "SINUMERIK 840D sl",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V4.94"
}
]
}
}
]
},
"vendor_name": "Siemens AG"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003c V3.X.17), SIMATIC TDC CP51M1 (All versions \u003c V1.1.8), SIMATIC TDC CPU555 (All versions \u003c V1.1.1), SINUMERIK 840D sl (All versions \u003c V4.8.6), SINUMERIK 840D sl (All versions \u003c V4.94). Specially crafted packets sent to port 102/tcp (Profinet) could cause the affected device to go into defect mode. A restart is required in order to recover the system. Successful exploitation requires an attacker to have network access to port 102/tcp, with no authentication. No user interation is required. At the time of advisory publication no public exploitation of this security vulnerability was known."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400: Uncontrolled Resource Consumption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-508982.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-508982.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2019-18336",
"datePublished": "2020-03-10T19:16:17",
"dateReserved": "2019-10-23T00:00:00",
"dateUpdated": "2024-08-05T01:54:14.382Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19292 (GCVE-0-2019-19292)
Vulnerability from cvelistv5
Published
2020-03-10 19:16
Modified
2024-08-05 02:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Summary
A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The Control Center Server (CCS) contains an SQL injection
vulnerability in its XML-based communication protocol as provided by default
on ports 5444/tcp and 5440/tcp.
An authenticated remote attacker could exploit this vulnerability to
read or modify the CCS database and potentially execute administrative
database operations or operating system commands.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Siemens | Control Center Server (CCS) |
Version: All versions < V1.5.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:09:39.650Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Control Center Server (CCS)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V1.5.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Control Center Server (CCS) (All versions \u003c V1.5.0). The Control Center Server (CCS) contains an SQL injection\nvulnerability in its XML-based communication protocol as provided by default\non ports 5444/tcp and 5440/tcp.\nAn authenticated remote attacker could exploit this vulnerability to\nread or modify the CCS database and potentially execute administrative\ndatabase operations or operating system commands."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-09T09:56:20.710Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2019-19292",
"datePublished": "2020-03-10T19:16:17",
"dateReserved": "2019-11-26T00:00:00",
"dateUpdated": "2024-08-05T02:09:39.650Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19296 (GCVE-0-2019-19296)
Vulnerability from cvelistv5
Published
2020-03-10 19:16
Modified
2024-08-05 02:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Summary
A vulnerability has been identified in SiNVR/SiVMS Video Server (All versions < V5.0.0). The two FTP services (default ports 21/tcp and 5411/tcp) of the SiVMS/SiNVR Video
Server contain a path traversal vulnerability
that could allow an authenticated remote attacker to access and download
arbitrary files from the server, if the FTP services are enabled.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Siemens | SiNVR/SiVMS Video Server |
Version: All versions < V5.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:09:39.625Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SiNVR/SiVMS Video Server",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SiNVR/SiVMS Video Server (All versions \u003c V5.0.0). The two FTP services (default ports 21/tcp and 5411/tcp) of the SiVMS/SiNVR Video\nServer contain a path traversal vulnerability\nthat could allow an authenticated remote attacker to access and download\narbitrary files from the server, if the FTP services are enabled."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N/E:P/RL:U/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-09T09:56:25.518Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2019-19296",
"datePublished": "2020-03-10T19:16:17",
"dateReserved": "2019-11-26T00:00:00",
"dateUpdated": "2024-08-05T02:09:39.625Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19298 (GCVE-0-2019-19298)
Vulnerability from cvelistv5
Published
2020-03-10 19:16
Modified
2024-08-05 02:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-20 - Improper Input Validation
Summary
A vulnerability has been identified in SiNVR/SiVMS Video Server (All versions < V5.0.0), SiNVR/SiVMS Video Server (All versions >= V5.0.0 < V5.0.2). The streaming service (default port 5410/tcp) of the SiVMS/SiNVR Video Server
contains a input validation vulnerability, that could allow
an unauthenticated remote attacker to cause a Denial-of-Service condition
by sending malformed HTTP requests.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Siemens | SiNVR/SiVMS Video Server |
Version: All versions < V5.0.0 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:16:46.883Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SiNVR/SiVMS Video Server",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.0.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "SiNVR/SiVMS Video Server",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V5.0.0 \u003c V5.0.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SiNVR/SiVMS Video Server (All versions \u003c V5.0.0), SiNVR/SiVMS Video Server (All versions \u003e= V5.0.0 \u003c V5.0.2). The streaming service (default port 5410/tcp) of the SiVMS/SiNVR Video Server\ncontains a input validation vulnerability, that could allow\nan unauthenticated remote attacker to cause a Denial-of-Service condition\nby sending malformed HTTP requests."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:U/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-09T09:56:27.965Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2019-19298",
"datePublished": "2020-03-10T19:16:17",
"dateReserved": "2019-11-26T00:00:00",
"dateUpdated": "2024-08-05T02:16:46.883Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19293 (GCVE-0-2019-19293)
Vulnerability from cvelistv5
Published
2020-03-10 19:16
Modified
2024-08-05 02:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The web interface of the Control Center Server (CCS) contains a
reflected Cross-site Scripting (XSS) vulnerability
that could allow an unauthenticated remote attacker to steal sensitive data
or execute administrative actions on behalf of a legitimate administrator
of the CCS web interface.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Siemens | Control Center Server (CCS) |
Version: All versions < V1.5.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:09:39.650Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Control Center Server (CCS)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V1.5.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Control Center Server (CCS) (All versions \u003c V1.5.0). The web interface of the Control Center Server (CCS) contains a\nreflected Cross-site Scripting (XSS) vulnerability\nthat could allow an unauthenticated remote attacker to steal sensitive data\nor execute administrative actions on behalf of a legitimate administrator\nof the CCS web interface."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N/E:P/RL:U/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-09T09:56:21.904Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2019-19293",
"datePublished": "2020-03-10T19:16:17",
"dateReserved": "2019-11-26T00:00:00",
"dateUpdated": "2024-08-05T02:09:39.650Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-7579 (GCVE-0-2020-7579)
Vulnerability from cvelistv5
Published
2020-03-10 19:16
Modified
2024-08-04 09:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
Summary
A vulnerability has been identified in Spectrum Power™ 5 (All versions < v5.50 HF02). The web server could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. User interaction is required for a successful exploitation. If deployed according to recommended system configuration, Siemens consideres the environmental vector as CR:L/IR:M/AR:H/MAV:A (4.1).
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Siemens AG | Spectrum Power™ 5 |
Version: All versions < v5.50 HF02 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:33:19.698Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-938930.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Spectrum Power\u2122 5",
"vendor": "Siemens AG",
"versions": [
{
"status": "affected",
"version": "All versions \u003c v5.50 HF02"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Spectrum Power\u2122 5 (All versions \u003c v5.50 HF02). The web server could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. User interaction is required for a successful exploitation. If deployed according to recommended system configuration, Siemens consideres the environmental vector as CR:L/IR:M/AR:H/MAV:A (4.1)."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-80",
"description": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-10T19:16:17",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-938930.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2020-7579",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Spectrum Power\u2122 5",
"version": {
"version_data": [
{
"version_value": "All versions \u003c v5.50 HF02"
}
]
}
}
]
},
"vendor_name": "Siemens AG"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Spectrum Power\u2122 5 (All versions \u003c v5.50 HF02). The web server could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. User interaction is required for a successful exploitation. If deployed according to recommended system configuration, Siemens consideres the environmental vector as CR:L/IR:M/AR:H/MAV:A (4.1)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-938930.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-938930.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2020-7579",
"datePublished": "2020-03-10T19:16:17",
"dateReserved": "2020-01-21T00:00:00",
"dateUpdated": "2024-08-04T09:33:19.698Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19297 (GCVE-0-2019-19297)
Vulnerability from cvelistv5
Published
2020-03-10 19:16
Modified
2024-08-05 02:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Summary
A vulnerability has been identified in SiNVR/SiVMS Video Server (All versions < V5.0.0). The streaming service (default port 5410/tcp) of the SiVMS/SiNVR Video Server
contains a path traversal vulnerability, that could allow an
unauthenticated remote attacker to access and download arbitrary files from the server.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Siemens | SiNVR/SiVMS Video Server |
Version: All versions < V5.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:09:39.655Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SiNVR/SiVMS Video Server",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SiNVR/SiVMS Video Server (All versions \u003c V5.0.0). The streaming service (default port 5410/tcp) of the SiVMS/SiNVR Video Server\ncontains a path traversal vulnerability, that could allow an\nunauthenticated remote attacker to access and download arbitrary files from the server."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:U/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-09T09:56:26.734Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2019-19297",
"datePublished": "2020-03-10T19:16:17",
"dateReserved": "2019-11-26T00:00:00",
"dateUpdated": "2024-08-05T02:09:39.655Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…