CVE-2019-18341 vulnerability in Siemens Products
Published on December 12, 2019
A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The SFTP service (default port 22/tcp) of the Control Center Server (CCS) contains an authentication bypass vulnerability. A remote attacker with network access to the CCS server could exploit this vulnerability to read data from the EDIR directory (for example, the list of all configured stations).
Weakness Type
What is an authentification Vulnerability?
When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.
CVE-2019-18341 has been classified to as an authentification vulnerability or weakness.
Products Associated with CVE-2019-18341
stack.watch emails you whenever new vulnerabilities are published in Siemens Sinvr 3 Central Control Server or Siemens Sinvr 3 Video Server. Just hit a watch button to start following.
Affected Versions
Siemens Control Center Server (CCS) Version All versions < V1.5.0 is affected by CVE-2019-18341Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.