CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-19291

A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0), SiNVR/SiVMS Video Server (All versions < V5.0.0). The FTP services of the SiVMS/SiNVR Video Server and the Control Center Server (CCS) maintain log files that store login credentials in cleartext. In configurations where the FTP service is enabled, authenticated remote attackers could extract login credentials of other users of the service.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 38.9%

CVSS Severity

CVSS v3 Score 5.3

CVSS v2 Score 3.5

References

https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf

Products affected by CVE-2019-19291

Siemens » Sinvr 3 Central Control Server » Version: N/A

cpe:2.3:a:siemens:sinvr_3_central_control_server:-
Siemens » Sinvr 3 Video Server » Version: N/A

cpe:2.3:a:siemens:sinvr_3_video_server:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-19291

Products

Pricing

Contact Us