MEDIUM🇬🇧 English

CVE-2019-13947

CVSS 4.9v3.1pub. 2019-12-12upd. 2024-11-21

A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The user configuration menu in the web interface of the Control Center Server (CCS) transfers user passwords in clear to the client (browser). An attacker with administrative privileges for the web interface could be able to read (and not only reset) passwords of other CCS users.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
  • Siemens Sinvr 3 Central Control Server

    APP
    Siemens
    wszystkie wersje
  • Siemens Sinvr 3 Video Server

    APP
    Siemens
    wszystkie wersje
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2019-18337CRITICAL9.8ten sam produkt

A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The Control Center...

CVE-2019-18339CRITICAL9.8ten sam produkt

A vulnerability has been identified in SiNVR/SiVMS Video Server (All versions < V5.0.0). The HTTP service (def...

CVE-2019-19297HIGH7.5ten sam produkt

A vulnerability has been identified in SiNVR/SiVMS Video Server (All versions < V5.0.0). The streaming service...

CVE-2019-19292HIGH8.8ten sam produkt

A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The Control Center...

CVE-2019-18338HIGH7.7ten sam produkt

A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The Control Center...

CVE-2019-13947 — MEDIUM 4.9 | CVEbaza.pl