Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-19291 (GCVE-0-2019-19291)
Vulnerability from cvelistv5 – Published: 2020-03-10 19:16 – Updated: 2024-08-05 02:09
VLAI?
EPSS
Summary
A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0), SiNVR/SiVMS Video Server (All versions < V5.0.0). The FTP services of the SiVMS/SiNVR Video Server and the Control Center Server (CCS) maintain
log files that store login credentials in cleartext.
In configurations where the FTP service is enabled, authenticated remote
attackers could extract login credentials of other users of the service.
Severity ?
CWE
- CWE-313 - Cleartext Storage in a File or on Disk
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Siemens | Control Center Server (CCS) |
Affected:
All versions < V1.5.0
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:09:39.700Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Control Center Server (CCS)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V1.5.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "SiNVR/SiVMS Video Server",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Control Center Server (CCS) (All versions \u003c V1.5.0), SiNVR/SiVMS Video Server (All versions \u003c V5.0.0). The FTP services of the SiVMS/SiNVR Video Server and the Control Center Server (CCS) maintain\nlog files that store login credentials in cleartext.\nIn configurations where the FTP service is enabled, authenticated remote\nattackers could extract login credentials of other users of the service."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:U/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-313",
"description": "CWE-313: Cleartext Storage in a File or on Disk",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-09T09:56:19.475Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2019-19291",
"datePublished": "2020-03-10T19:16:17",
"dateReserved": "2019-11-26T00:00:00",
"dateUpdated": "2024-08-05T02:09:39.700Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:sinvr_3_central_control_server:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"16668E9A-2D0A-425E-87F4-18CFC50551D3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:sinvr_3_video_server:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0F21BB6D-BFE0-4B69-97F2-1A871A390B1E\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"A vulnerability has been identified in Control Center Server (CCS) (All versions \u003c V1.5.0), SiNVR/SiVMS Video Server (All versions \u003c V5.0.0). The FTP services of the SiVMS/SiNVR Video Server and the Control Center Server (CCS) maintain\\nlog files that store login credentials in cleartext.\\nIn configurations where the FTP service is enabled, authenticated remote\\nattackers could extract login credentials of other users of the service.\"}, {\"lang\": \"es\", \"value\": \"Se ha identificado una vulnerabilidad en el Servidor del Centro de Control (CCS) (Todas las versiones anteriores a V1.5.0), el Servidor de V\\u00eddeo SiNVR/SiVMS (Todas las versiones anteriores a V5.0.0). Los servicios FTP del SiVMS/SiNVR Video Server y del Control Center Server (CCS) mantienen archivos de registro que almacenan las credenciales de inicio de sesi\\u00f3n en texto claro. En las configuraciones en las que el servicio FTP est\\u00e1 habilitado, los atacantes remotos autentificados podr\\u00edan extraer las credenciales de inicio de sesi\\u00f3n de otros usuarios del servicio\"}]",
"id": "CVE-2019-19291",
"lastModified": "2024-11-21T04:34:30.567",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"productcert@siemens.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 5.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.6, \"impactScore\": 3.6}, {\"source\": \"nvd@nist.gov\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 6.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:S/C:P/I:N/A:N\", \"baseScore\": 3.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 6.8, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2020-03-10T20:15:19.180",
"references": "[{\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf\", \"source\": \"productcert@siemens.com\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf\", \"source\": \"productcert@siemens.com\", \"tags\": [\"Mitigation\", \"Vendor Advisory\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mitigation\", \"Vendor Advisory\"]}]",
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"productcert@siemens.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-313\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-312\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2019-19291\",\"sourceIdentifier\":\"productcert@siemens.com\",\"published\":\"2020-03-10T20:15:19.180\",\"lastModified\":\"2024-11-21T04:34:30.567\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability has been identified in Control Center Server (CCS) (All versions \u003c V1.5.0), SiNVR/SiVMS Video Server (All versions \u003c V5.0.0). The FTP services of the SiVMS/SiNVR Video Server and the Control Center Server (CCS) maintain\\nlog files that store login credentials in cleartext.\\nIn configurations where the FTP service is enabled, authenticated remote\\nattackers could extract login credentials of other users of the service.\"},{\"lang\":\"es\",\"value\":\"Se ha identificado una vulnerabilidad en el Servidor del Centro de Control (CCS) (Todas las versiones anteriores a V1.5.0), el Servidor de V\u00eddeo SiNVR/SiVMS (Todas las versiones anteriores a V5.0.0). Los servicios FTP del SiVMS/SiNVR Video Server y del Control Center Server (CCS) mantienen archivos de registro que almacenan las credenciales de inicio de sesi\u00f3n en texto claro. En las configuraciones en las que el servicio FTP est\u00e1 habilitado, los atacantes remotos autentificados podr\u00edan extraer las credenciales de inicio de sesi\u00f3n de otros usuarios del servicio\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"productcert@siemens.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.6,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:S/C:P/I:N/A:N\",\"baseScore\":3.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":6.8,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"productcert@siemens.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-313\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-312\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinvr_3_central_control_server:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16668E9A-2D0A-425E-87F4-18CFC50551D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinvr_3_video_server:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F21BB6D-BFE0-4B69-97F2-1A871A390B1E\"}]}]}],\"references\":[{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf\",\"source\":\"productcert@siemens.com\"},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf\",\"source\":\"productcert@siemens.com\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]}]}}"
}
}
CERTFR-2021-AVI-255
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Siemens | N/A | LOGO! Soft Comfort toutes versions | ||
| Siemens | N/A | Siveillance Video Open Network Bridge:2019 R2 | ||
| Siemens | N/A | Solid Edge SE2021 versions antérieures à SE2021MP4 | ||
| Siemens | N/A | SIMATIC NET CP 443-1 Advanced (incl. SIPLUSvariants) versions antérieures à V3.2.9 | ||
| Siemens | N/A | Siveillance Video Open Network Bridge:2019 R3 | ||
| Siemens | N/A | Nucleus NET versions antérieures à 5.2 | ||
| Siemens | N/A | TIM 3V-IE / TIM 3V-IE Advanced (incl. SIPLUSNET variants) versions antérieures à V2.6.0 | ||
| Siemens | N/A | SiNVR/SiVMS Video Server toutes versions | ||
| Siemens | N/A | Nucleus RTOS versions contenant le module DNS affecté | ||
| Siemens | N/A | SIMATIC NET CP 343-1 Advanced (incl. SIPLUSvariants) versions antérieures à V3.0.44 | ||
| Siemens | N/A | Solid Edge SE2020 toutes versions | ||
| Siemens | N/A | SIMATIC NET CP 343-1 Lean (incl. SIPLUS vari-ants) versions antérieures à V3.1.1 | ||
| Siemens | N/A | SIMATIC NET CP 443-5 Basic (incl. SIPLUS vari-ants) toutes versions | ||
| Siemens | N/A | Opcenter Quality versions antérieures à 12.2 | ||
| Siemens | N/A | Siveillance Video Open Network Bridge:2019 R1 | ||
| Siemens | N/A | SIMATIC NET CP 443-5 Extended toutes versions | ||
| Siemens | N/A | VSTAR versions contenant le module DNS affecté | ||
| Siemens | N/A | Control Center Server (CCS) toutes versions | ||
| Siemens | N/A | TIM 4R-IE (incl. SIPLUS NET variants) toutes versions | ||
| Siemens | N/A | Siveillance Video Open Network Bridge:2020 R1 | ||
| Siemens | N/A | SINEMA Remote Connect Server versions antérieures à 3.0 | ||
| Siemens | N/A | Siveillance Video Open Network Bridge:2020 R2 | ||
| Siemens | N/A | SIMATIC NET CP 343-1 Standard (incl. SIPLUSvariants) versions antérieures à V3.1.1 | ||
| Siemens | N/A | SIMATIC NET CP 443-1 Standard (incl. SIPLUSvariants) versions antérieures à V3.2.9 | ||
| Siemens | N/A | SIMATIC NET CP 342-5 (incl. SIPLUS variants) toutes versions | ||
| Siemens | N/A | Siveillance Video Open Network Bridge:2018 R2 | ||
| Siemens | N/A | Nucleus ReadyStart toutes versions | ||
| Siemens | N/A | Nucleus 4 versions antérieures à 4.1.0 | ||
| Siemens | N/A | Siveillance Video Open Network Bridge:2018 R3 | ||
| Siemens | N/A | QMS Automotive versions antérieures à 12.30 | ||
| Siemens | N/A | Tecnomatix RobotExpert versions antérieures à 16.1 | ||
| Siemens | N/A | TIM 3V-IE DNP3 (incl. SIPLUS NET variants) versions antérieures à V3.1.0 | ||
| Siemens | N/A | Siveillance Video Open Network Bridge:2020 R3 | ||
| Siemens | N/A | Nucleus Source Code versions contenant le module DNS affecté | ||
| Siemens | N/A | TIM 4R-IE DNP3 (incl. SIPLUS NET variants) toutes versions | ||
| Siemens | N/A | SIMOTICS CONNECT 400 toutes verions |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "LOGO! Soft Comfort toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Siveillance Video Open Network Bridge:2019 R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Solid Edge SE2021 versions ant\u00e9rieures \u00e0 SE2021MP4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC NET CP 443-1 Advanced (incl. SIPLUSvariants) versions ant\u00e9rieures \u00e0 V3.2.9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Siveillance Video Open Network Bridge:2019 R3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Nucleus NET versions ant\u00e9rieures \u00e0 5.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "TIM 3V-IE / TIM 3V-IE Advanced (incl. SIPLUSNET variants) versions ant\u00e9rieures \u00e0 V2.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SiNVR/SiVMS Video Server toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Nucleus RTOS versions contenant le module DNS affect\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC NET CP 343-1 Advanced (incl. SIPLUSvariants) versions ant\u00e9rieures \u00e0 V3.0.44",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Solid Edge SE2020 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC NET CP 343-1 Lean (incl. SIPLUS vari-ants) versions ant\u00e9rieures \u00e0 V3.1.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC NET CP 443-5 Basic (incl. SIPLUS vari-ants) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Opcenter Quality versions ant\u00e9rieures \u00e0 12.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Siveillance Video Open Network Bridge:2019 R1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC NET CP 443-5 Extended toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "VSTAR versions contenant le module DNS affect\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Control Center Server (CCS) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "TIM 4R-IE (incl. SIPLUS NET variants) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Siveillance Video Open Network Bridge:2020 R1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINEMA Remote Connect Server versions ant\u00e9rieures \u00e0 3.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Siveillance Video Open Network Bridge:2020 R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC NET CP 343-1 Standard (incl. SIPLUSvariants) versions ant\u00e9rieures \u00e0 V3.1.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC NET CP 443-1 Standard (incl. SIPLUSvariants) versions ant\u00e9rieures \u00e0 V3.2.9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC NET CP 342-5 (incl. SIPLUS variants) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Siveillance Video Open Network Bridge:2018 R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Nucleus ReadyStart toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Nucleus 4 versions ant\u00e9rieures \u00e0 4.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Siveillance Video Open Network Bridge:2018 R3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "QMS Automotive versions ant\u00e9rieures \u00e0 12.30",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Tecnomatix RobotExpert versions ant\u00e9rieures \u00e0 16.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "TIM 3V-IE DNP3 (incl. SIPLUS NET variants) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Siveillance Video Open Network Bridge:2020 R3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Nucleus Source Code versions contenant le module DNS affect\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "TIM 4R-IE DNP3 (incl. SIPLUS NET variants) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMOTICS CONNECT 400 toutes verions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-27009",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27009"
},
{
"name": "CVE-2015-7855",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7855"
},
{
"name": "CVE-2019-18339",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18339"
},
{
"name": "CVE-2016-1547",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1547"
},
{
"name": "CVE-2015-7973",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7973"
},
{
"name": "CVE-2016-4953",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4953"
},
{
"name": "CVE-2021-27389",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27389"
},
{
"name": "CVE-2021-27382",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27382"
},
{
"name": "CVE-2020-27736",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27736"
},
{
"name": "CVE-2021-27380",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27380"
},
{
"name": "CVE-2015-5219",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5219"
},
{
"name": "CVE-2016-1550",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1550"
},
{
"name": "CVE-2015-7977",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7977"
},
{
"name": "CVE-2015-7705",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7705"
},
{
"name": "CVE-2021-27392",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27392"
},
{
"name": "CVE-2019-19956",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19956"
},
{
"name": "CVE-2021-25663",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25663"
},
{
"name": "CVE-2020-15795",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15795"
},
{
"name": "CVE-2015-8138",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8138"
},
{
"name": "CVE-2016-4954",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4954"
},
{
"name": "CVE-2021-25664",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25664"
},
{
"name": "CVE-2020-25243",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25243"
},
{
"name": "CVE-2015-7974",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7974"
},
{
"name": "CVE-2015-8214",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8214"
},
{
"name": "CVE-2019-19299",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19299"
},
{
"name": "CVE-2020-28385",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28385"
},
{
"name": "CVE-2021-25678",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25678"
},
{
"name": "CVE-2020-7595",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7595"
},
{
"name": "CVE-2021-27393",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27393"
},
{
"name": "CVE-2020-25244",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25244"
},
{
"name": "CVE-2019-18340",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18340"
},
{
"name": "CVE-2021-25670",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25670"
},
{
"name": "CVE-2015-7979",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7979"
},
{
"name": "CVE-2015-7871",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7871"
},
{
"name": "CVE-2020-27738",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27738"
},
{
"name": "CVE-2019-19298",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19298"
},
{
"name": "CVE-2020-26997",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26997"
},
{
"name": "CVE-2019-19291",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19291"
},
{
"name": "CVE-2020-27737",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27737"
},
{
"name": "CVE-2019-19297",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19297"
},
{
"name": "CVE-2016-1548",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1548"
},
{
"name": "CVE-2021-25677",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25677"
},
{
"name": "CVE-2019-19296",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19296"
}
],
"links": [],
"reference": "CERTFR-2021-AVI-255",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-04-14T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service et un\ncontournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-788287 du 13 avril 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-788287.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-248289 du 13 avril 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-248289.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-853866 du 13 avril 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-853866.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-185699 du 13 avril 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-185699.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-983300 du 13 avril 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-983300.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-844761 du 13 avril 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-163226 du 13 avril 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-163226.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-763427 du 13 avril 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-763427.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-497656 du 13 avril 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-761617 du 13 avril 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-761617.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-669158 du 13 avril 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-574442 du 13 avril 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-574442.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-705111 du 13 avril 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-292794 du 13 avril 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-292794.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-761844 du 13 avril 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf"
}
]
}
CERTFR-2020-AVI-132
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SiNVR 3 Central Control Server (CCS)",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINUMERIK 840D",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Spectrum Power 5 versions ant\u00e9rieures \u00e0 v5.50 HF02",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SiNVR 3 Video Server",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-300 versions ant\u00e9rieures \u00e0 V3.X.17",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-19290",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19290"
},
{
"name": "CVE-2019-18336",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18336"
},
{
"name": "CVE-2020-7579",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7579"
},
{
"name": "CVE-2019-19292",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19292"
},
{
"name": "CVE-2019-19299",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19299"
},
{
"name": "CVE-2019-19295",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19295"
},
{
"name": "CVE-2019-19294",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19294"
},
{
"name": "CVE-2019-19298",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19298"
},
{
"name": "CVE-2019-19291",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19291"
},
{
"name": "CVE-2019-19293",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19293"
},
{
"name": "CVE-2019-19297",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19297"
},
{
"name": "CVE-2019-19296",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19296"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-508982 du 10 mars 2020",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-508982.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-844761 du 10 mars 2020",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-938930 du 10 mars 2020",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-938930.pdf"
}
],
"reference": "CERTFR-2020-AVI-132",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-03-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SIemens ssa-508982 du 10 mars 2020",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SIemens ssa-844761 du 10 mars 2020",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SIemens ssa-938930 du 10 mars 2020",
"url": null
}
]
}
CERTFR-2020-AVI-132
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SiNVR 3 Central Control Server (CCS)",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINUMERIK 840D",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Spectrum Power 5 versions ant\u00e9rieures \u00e0 v5.50 HF02",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SiNVR 3 Video Server",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-300 versions ant\u00e9rieures \u00e0 V3.X.17",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-19290",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19290"
},
{
"name": "CVE-2019-18336",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18336"
},
{
"name": "CVE-2020-7579",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7579"
},
{
"name": "CVE-2019-19292",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19292"
},
{
"name": "CVE-2019-19299",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19299"
},
{
"name": "CVE-2019-19295",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19295"
},
{
"name": "CVE-2019-19294",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19294"
},
{
"name": "CVE-2019-19298",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19298"
},
{
"name": "CVE-2019-19291",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19291"
},
{
"name": "CVE-2019-19293",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19293"
},
{
"name": "CVE-2019-19297",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19297"
},
{
"name": "CVE-2019-19296",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19296"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-508982 du 10 mars 2020",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-508982.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-844761 du 10 mars 2020",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-938930 du 10 mars 2020",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-938930.pdf"
}
],
"reference": "CERTFR-2020-AVI-132",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-03-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SIemens ssa-508982 du 10 mars 2020",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SIemens ssa-844761 du 10 mars 2020",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SIemens ssa-938930 du 10 mars 2020",
"url": null
}
]
}
CERTFR-2021-AVI-255
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Siemens | N/A | LOGO! Soft Comfort toutes versions | ||
| Siemens | N/A | Siveillance Video Open Network Bridge:2019 R2 | ||
| Siemens | N/A | Solid Edge SE2021 versions antérieures à SE2021MP4 | ||
| Siemens | N/A | SIMATIC NET CP 443-1 Advanced (incl. SIPLUSvariants) versions antérieures à V3.2.9 | ||
| Siemens | N/A | Siveillance Video Open Network Bridge:2019 R3 | ||
| Siemens | N/A | Nucleus NET versions antérieures à 5.2 | ||
| Siemens | N/A | TIM 3V-IE / TIM 3V-IE Advanced (incl. SIPLUSNET variants) versions antérieures à V2.6.0 | ||
| Siemens | N/A | SiNVR/SiVMS Video Server toutes versions | ||
| Siemens | N/A | Nucleus RTOS versions contenant le module DNS affecté | ||
| Siemens | N/A | SIMATIC NET CP 343-1 Advanced (incl. SIPLUSvariants) versions antérieures à V3.0.44 | ||
| Siemens | N/A | Solid Edge SE2020 toutes versions | ||
| Siemens | N/A | SIMATIC NET CP 343-1 Lean (incl. SIPLUS vari-ants) versions antérieures à V3.1.1 | ||
| Siemens | N/A | SIMATIC NET CP 443-5 Basic (incl. SIPLUS vari-ants) toutes versions | ||
| Siemens | N/A | Opcenter Quality versions antérieures à 12.2 | ||
| Siemens | N/A | Siveillance Video Open Network Bridge:2019 R1 | ||
| Siemens | N/A | SIMATIC NET CP 443-5 Extended toutes versions | ||
| Siemens | N/A | VSTAR versions contenant le module DNS affecté | ||
| Siemens | N/A | Control Center Server (CCS) toutes versions | ||
| Siemens | N/A | TIM 4R-IE (incl. SIPLUS NET variants) toutes versions | ||
| Siemens | N/A | Siveillance Video Open Network Bridge:2020 R1 | ||
| Siemens | N/A | SINEMA Remote Connect Server versions antérieures à 3.0 | ||
| Siemens | N/A | Siveillance Video Open Network Bridge:2020 R2 | ||
| Siemens | N/A | SIMATIC NET CP 343-1 Standard (incl. SIPLUSvariants) versions antérieures à V3.1.1 | ||
| Siemens | N/A | SIMATIC NET CP 443-1 Standard (incl. SIPLUSvariants) versions antérieures à V3.2.9 | ||
| Siemens | N/A | SIMATIC NET CP 342-5 (incl. SIPLUS variants) toutes versions | ||
| Siemens | N/A | Siveillance Video Open Network Bridge:2018 R2 | ||
| Siemens | N/A | Nucleus ReadyStart toutes versions | ||
| Siemens | N/A | Nucleus 4 versions antérieures à 4.1.0 | ||
| Siemens | N/A | Siveillance Video Open Network Bridge:2018 R3 | ||
| Siemens | N/A | QMS Automotive versions antérieures à 12.30 | ||
| Siemens | N/A | Tecnomatix RobotExpert versions antérieures à 16.1 | ||
| Siemens | N/A | TIM 3V-IE DNP3 (incl. SIPLUS NET variants) versions antérieures à V3.1.0 | ||
| Siemens | N/A | Siveillance Video Open Network Bridge:2020 R3 | ||
| Siemens | N/A | Nucleus Source Code versions contenant le module DNS affecté | ||
| Siemens | N/A | TIM 4R-IE DNP3 (incl. SIPLUS NET variants) toutes versions | ||
| Siemens | N/A | SIMOTICS CONNECT 400 toutes verions |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "LOGO! Soft Comfort toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Siveillance Video Open Network Bridge:2019 R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Solid Edge SE2021 versions ant\u00e9rieures \u00e0 SE2021MP4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC NET CP 443-1 Advanced (incl. SIPLUSvariants) versions ant\u00e9rieures \u00e0 V3.2.9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Siveillance Video Open Network Bridge:2019 R3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Nucleus NET versions ant\u00e9rieures \u00e0 5.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "TIM 3V-IE / TIM 3V-IE Advanced (incl. SIPLUSNET variants) versions ant\u00e9rieures \u00e0 V2.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SiNVR/SiVMS Video Server toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Nucleus RTOS versions contenant le module DNS affect\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC NET CP 343-1 Advanced (incl. SIPLUSvariants) versions ant\u00e9rieures \u00e0 V3.0.44",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Solid Edge SE2020 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC NET CP 343-1 Lean (incl. SIPLUS vari-ants) versions ant\u00e9rieures \u00e0 V3.1.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC NET CP 443-5 Basic (incl. SIPLUS vari-ants) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Opcenter Quality versions ant\u00e9rieures \u00e0 12.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Siveillance Video Open Network Bridge:2019 R1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC NET CP 443-5 Extended toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "VSTAR versions contenant le module DNS affect\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Control Center Server (CCS) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "TIM 4R-IE (incl. SIPLUS NET variants) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Siveillance Video Open Network Bridge:2020 R1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINEMA Remote Connect Server versions ant\u00e9rieures \u00e0 3.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Siveillance Video Open Network Bridge:2020 R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC NET CP 343-1 Standard (incl. SIPLUSvariants) versions ant\u00e9rieures \u00e0 V3.1.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC NET CP 443-1 Standard (incl. SIPLUSvariants) versions ant\u00e9rieures \u00e0 V3.2.9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC NET CP 342-5 (incl. SIPLUS variants) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Siveillance Video Open Network Bridge:2018 R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Nucleus ReadyStart toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Nucleus 4 versions ant\u00e9rieures \u00e0 4.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Siveillance Video Open Network Bridge:2018 R3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "QMS Automotive versions ant\u00e9rieures \u00e0 12.30",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Tecnomatix RobotExpert versions ant\u00e9rieures \u00e0 16.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "TIM 3V-IE DNP3 (incl. SIPLUS NET variants) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Siveillance Video Open Network Bridge:2020 R3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Nucleus Source Code versions contenant le module DNS affect\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "TIM 4R-IE DNP3 (incl. SIPLUS NET variants) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMOTICS CONNECT 400 toutes verions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-27009",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27009"
},
{
"name": "CVE-2015-7855",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7855"
},
{
"name": "CVE-2019-18339",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18339"
},
{
"name": "CVE-2016-1547",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1547"
},
{
"name": "CVE-2015-7973",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7973"
},
{
"name": "CVE-2016-4953",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4953"
},
{
"name": "CVE-2021-27389",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27389"
},
{
"name": "CVE-2021-27382",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27382"
},
{
"name": "CVE-2020-27736",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27736"
},
{
"name": "CVE-2021-27380",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27380"
},
{
"name": "CVE-2015-5219",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5219"
},
{
"name": "CVE-2016-1550",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1550"
},
{
"name": "CVE-2015-7977",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7977"
},
{
"name": "CVE-2015-7705",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7705"
},
{
"name": "CVE-2021-27392",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27392"
},
{
"name": "CVE-2019-19956",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19956"
},
{
"name": "CVE-2021-25663",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25663"
},
{
"name": "CVE-2020-15795",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15795"
},
{
"name": "CVE-2015-8138",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8138"
},
{
"name": "CVE-2016-4954",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4954"
},
{
"name": "CVE-2021-25664",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25664"
},
{
"name": "CVE-2020-25243",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25243"
},
{
"name": "CVE-2015-7974",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7974"
},
{
"name": "CVE-2015-8214",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8214"
},
{
"name": "CVE-2019-19299",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19299"
},
{
"name": "CVE-2020-28385",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28385"
},
{
"name": "CVE-2021-25678",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25678"
},
{
"name": "CVE-2020-7595",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7595"
},
{
"name": "CVE-2021-27393",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27393"
},
{
"name": "CVE-2020-25244",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25244"
},
{
"name": "CVE-2019-18340",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18340"
},
{
"name": "CVE-2021-25670",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25670"
},
{
"name": "CVE-2015-7979",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7979"
},
{
"name": "CVE-2015-7871",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7871"
},
{
"name": "CVE-2020-27738",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27738"
},
{
"name": "CVE-2019-19298",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19298"
},
{
"name": "CVE-2020-26997",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26997"
},
{
"name": "CVE-2019-19291",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19291"
},
{
"name": "CVE-2020-27737",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27737"
},
{
"name": "CVE-2019-19297",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19297"
},
{
"name": "CVE-2016-1548",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1548"
},
{
"name": "CVE-2021-25677",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25677"
},
{
"name": "CVE-2019-19296",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19296"
}
],
"links": [],
"reference": "CERTFR-2021-AVI-255",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-04-14T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service et un\ncontournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-788287 du 13 avril 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-788287.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-248289 du 13 avril 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-248289.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-853866 du 13 avril 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-853866.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-185699 du 13 avril 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-185699.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-983300 du 13 avril 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-983300.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-844761 du 13 avril 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-163226 du 13 avril 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-163226.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-763427 du 13 avril 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-763427.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-497656 du 13 avril 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-761617 du 13 avril 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-761617.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-669158 du 13 avril 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-574442 du 13 avril 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-574442.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-705111 du 13 avril 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-292794 du 13 avril 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-292794.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-761844 du 13 avril 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf"
}
]
}
ICSA-21-103-10
Vulnerability from csaf_cisa - Published: 2021-04-13 00:00 - Updated: 2021-04-13 00:00Summary
Siemens and PKE Control Center Server
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities may allow an attacker to read and write arbitrary files and sensitive data and execute commands and arbitrary code.
Critical infrastructure sectors
Commercial Facilities
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Exploitability
No known public exploits specifically target these vulnerabilities.
{
"document": {
"acknowledgments": [
{
"names": [
"Rapha\u00ebl Rigo"
],
"organization": "Airbus Security Lab",
"summary": "reporting some of these vulnerabilities to Siemens"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities may allow an attacker to read and write arbitrary files and sensitive data and execute commands and arbitrary code.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Commercial Facilities",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "other",
"text": "No known public exploits specifically target these vulnerabilities.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "external",
"summary": "SSA-761844: Multiple Vulnerabilities in Control Center Server (CCS) - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-761844.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-21-103-10 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-103-10.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-21-103-10 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-103-10"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B"
},
{
"category": "external",
"summary": "SSA-761844: Multiple Vulnerabilities in Control Center Server (CCS) - PDF Version",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf"
},
{
"category": "external",
"summary": "SSA-761844: Multiple Vulnerabilities in Control Center Server (CCS) - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-761844.txt"
}
],
"title": "Siemens and PKE Control Center Server",
"tracking": {
"current_release_date": "2021-04-13T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-21-103-10",
"initial_release_date": "2021-04-13T00:00:00.000000Z",
"revision_history": [
{
"date": "2021-04-13T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-21-103-10 Siemens / PKE Control Center Server"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c V1.5.0",
"product": {
"name": "Control Center Server (CCS)",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "Control Center Server (CCS)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e= V1.5.0",
"product": {
"name": "Control Center Server (CCS)",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "Control Center Server (CCS)"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-13947",
"cwe": {
"id": "CWE-317",
"name": "Cleartext Storage of Sensitive Information in GUI"
},
"notes": [
{
"category": "summary",
"text": "The user configuration menu in the web interface of the Control Center Server (CCS) transfers user passwords in clear to the client (browser).\n\nAn attacker with administrative privileges for the web interface could be able to read (and not only reset) passwords of other CCS users.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2019-13947 - Control Center Server (CCS)",
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"summary": "CVE-2019-13947 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2019-13947.json"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-13947"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.5.0 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"category": "mitigation",
"details": "General (applies to all vulnerabilities listed in this advisory) - Apply ACL/firewall configuration on the CCS server to ensure that only legitimate systems are able to access the configured CCS server ports. Harden the CCS server accordingly to prevent unauthorized access. Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level).",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-18340 - Harden the CCS server to prevent local access by unauthorized users",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19290, CVE-2019-19293, CVE-2019-19294 - Disable the web interface of CCS if not used. Alternatively, restrict access from localhost only, or only to trusted hosts of CCS administrators. Enable TLS for the web interface of CCS.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19291 - Disable the FTP service of the CCS",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure Siemens strongly recommends to protect network access to affected products with appropriate mechanisms. It is advised to follow recommended security practices in order to run the devices in a protected IT environment.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:F/RL:U/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2019-13947"
},
{
"cve": "CVE-2019-18337",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "summary",
"text": "The Control Center Server (CCS) contains an authentication bypass vulnerability in its XML-based communication protocol as provided by default on ports 5444/tcp and 5440/tcp.\n\nA remote attacker with network access to the CCS server could exploit this vulnerability to read the CCS users database, including the passwords of all users in obfuscated cleartext.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2019-18337 - Control Center Server (CCS)",
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"summary": "CVE-2019-18337 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2019-18337.json"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-18337"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.5.0 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"category": "mitigation",
"details": "General (applies to all vulnerabilities listed in this advisory) - Apply ACL/firewall configuration on the CCS server to ensure that only legitimate systems are able to access the configured CCS server ports. Harden the CCS server accordingly to prevent unauthorized access. Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level).",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-18340 - Harden the CCS server to prevent local access by unauthorized users",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19290, CVE-2019-19293, CVE-2019-19294 - Disable the web interface of CCS if not used. Alternatively, restrict access from localhost only, or only to trusted hosts of CCS administrators. Enable TLS for the web interface of CCS.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19291 - Disable the FTP service of the CCS",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure Siemens strongly recommends to protect network access to affected products with appropriate mechanisms. It is advised to follow recommended security practices in order to run the devices in a protected IT environment.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2019-18337"
},
{
"cve": "CVE-2019-18338",
"cwe": {
"id": "CWE-23",
"name": "Relative Path Traversal"
},
"notes": [
{
"category": "summary",
"text": "The Control Center Server (CCS) contains a directory traversal vulnerability in its XML-based communication protocol as provided by default on ports 5444/tcp and 5440/tcp.\n\nAn authenticated remote attacker with network access to the CCS server could exploit this vulnerability to list arbitrary directories or read files outside of the CCS application context.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2019-18338 - Control Center Server (CCS)",
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"summary": "CVE-2019-18338 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2019-18338.json"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-18338"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.5.0 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"category": "mitigation",
"details": "General (applies to all vulnerabilities listed in this advisory) - Apply ACL/firewall configuration on the CCS server to ensure that only legitimate systems are able to access the configured CCS server ports. Harden the CCS server accordingly to prevent unauthorized access. Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level).",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-18340 - Harden the CCS server to prevent local access by unauthorized users",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19290, CVE-2019-19293, CVE-2019-19294 - Disable the web interface of CCS if not used. Alternatively, restrict access from localhost only, or only to trusted hosts of CCS administrators. Enable TLS for the web interface of CCS.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19291 - Disable the FTP service of the CCS",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure Siemens strongly recommends to protect network access to affected products with appropriate mechanisms. It is advised to follow recommended security practices in order to run the devices in a protected IT environment.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:F/RL:U/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2019-18338"
},
{
"cve": "CVE-2019-18340",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"notes": [
{
"category": "summary",
"text": "Both the SiVMS/SiNVR Video Server and the Control Center Server (CCS) store user and device passwords by applying weak cryptography.\n\nA local attacker could exploit this vulnerability to extract the passwords from the user database and/or the device configuration files to conduct further attacks.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"summary": "CVE-2019-18340 - Control Center Server (CCS)",
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"summary": "CVE-2019-18340 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2019-18340.json"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-18340"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.5.0 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"category": "none_available",
"details": "Currently no remediation is available",
"product_ids": [
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "General (applies to all vulnerabilities listed in this advisory) - Apply ACL/firewall configuration on the CCS server to ensure that only legitimate systems are able to access the configured CCS server ports. Harden the CCS server accordingly to prevent unauthorized access. Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level).",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "CVE-2019-18340 - Harden the CCS server to prevent local access by unauthorized users",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19290, CVE-2019-19293, CVE-2019-19294 - Disable the web interface of CCS if not used. Alternatively, restrict access from localhost only, or only to trusted hosts of CCS administrators. Enable TLS for the web interface of CCS.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19291 - Disable the FTP service of the CCS",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "As a general security measure Siemens strongly recommends to protect network access to affected products with appropriate mechanisms. It is advised to follow recommended security practices in order to run the devices in a protected IT environment.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:F/RL:U/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2019-18340"
},
{
"cve": "CVE-2019-18341",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "summary",
"text": "The SFTP service (default port 22/tcp) of the Control Center Server (CCS) contains an authentication bypass vulnerability.\n\nA remote attacker with network access to the CCS server could exploit this vulnerability to read data from the EDIR directory (for example, the list of all configured stations).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2019-18341 - Control Center Server (CCS)",
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"summary": "CVE-2019-18341 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2019-18341.json"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-18341"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.5.0 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"category": "mitigation",
"details": "General (applies to all vulnerabilities listed in this advisory) - Apply ACL/firewall configuration on the CCS server to ensure that only legitimate systems are able to access the configured CCS server ports. Harden the CCS server accordingly to prevent unauthorized access. Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level).",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-18340 - Harden the CCS server to prevent local access by unauthorized users",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19290, CVE-2019-19293, CVE-2019-19294 - Disable the web interface of CCS if not used. Alternatively, restrict access from localhost only, or only to trusted hosts of CCS administrators. Enable TLS for the web interface of CCS.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19291 - Disable the FTP service of the CCS",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure Siemens strongly recommends to protect network access to affected products with appropriate mechanisms. It is advised to follow recommended security practices in order to run the devices in a protected IT environment.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:F/RL:U/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2019-18341"
},
{
"cve": "CVE-2019-18342",
"cwe": {
"id": "CWE-749",
"name": "Exposed Dangerous Method or Function"
},
"notes": [
{
"category": "summary",
"text": "The SFTP service (default port 22/tcp) of the Control Center Server (CCS) does not properly limit its capabilities to the specified purpose.\n\nIn conjunction with CVE-2019-18341, an unauthenticated remote attacker with network access to the CCS server could exploit this vulnerability to read or delete arbitrary files, or access other resources on the same server.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2019-18342 - Control Center Server (CCS)",
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"summary": "CVE-2019-18342 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2019-18342.json"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-18342"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.5.0 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"category": "mitigation",
"details": "General (applies to all vulnerabilities listed in this advisory) - Apply ACL/firewall configuration on the CCS server to ensure that only legitimate systems are able to access the configured CCS server ports. Harden the CCS server accordingly to prevent unauthorized access. Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level).",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-18340 - Harden the CCS server to prevent local access by unauthorized users",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19290, CVE-2019-19293, CVE-2019-19294 - Disable the web interface of CCS if not used. Alternatively, restrict access from localhost only, or only to trusted hosts of CCS administrators. Enable TLS for the web interface of CCS.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19291 - Disable the FTP service of the CCS",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure Siemens strongly recommends to protect network access to affected products with appropriate mechanisms. It is advised to follow recommended security practices in order to run the devices in a protected IT environment.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:F/RL:U/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2019-18342"
},
{
"cve": "CVE-2019-19290",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The DOWNLOADS section in the web interface of the Control Center Server (CCS) contains a path traversal vulnerability that could allow an authenticated remote attacker to access and download arbitrary files from the server where CCS is installed.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2019-19290 - Control Center Server (CCS)",
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"summary": "CVE-2019-19290 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2019-19290.json"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-19290"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.5.0 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"category": "mitigation",
"details": "General (applies to all vulnerabilities listed in this advisory) - Apply ACL/firewall configuration on the CCS server to ensure that only legitimate systems are able to access the configured CCS server ports. Harden the CCS server accordingly to prevent unauthorized access. Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level).",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-18340 - Harden the CCS server to prevent local access by unauthorized users",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19290, CVE-2019-19293, CVE-2019-19294 - Disable the web interface of CCS if not used. Alternatively, restrict access from localhost only, or only to trusted hosts of CCS administrators. Enable TLS for the web interface of CCS.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19291 - Disable the FTP service of the CCS",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure Siemens strongly recommends to protect network access to affected products with appropriate mechanisms. It is advised to follow recommended security practices in order to run the devices in a protected IT environment.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:U/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2019-19290"
},
{
"cve": "CVE-2019-19291",
"cwe": {
"id": "CWE-313",
"name": "Cleartext Storage in a File or on Disk"
},
"notes": [
{
"category": "summary",
"text": "The FTP services of the SiVMS/SiNVR Video Server and the Control Center Server (CCS) maintain log files that store login credentials in cleartext. In configurations where the FTP service is enabled, authenticated remote attackers could extract login credentials of other users of the service.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2019-19291 - Control Center Server (CCS)",
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"summary": "CVE-2019-19291 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2019-19291.json"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-19291"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.5.0 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"category": "mitigation",
"details": "General (applies to all vulnerabilities listed in this advisory) - Apply ACL/firewall configuration on the CCS server to ensure that only legitimate systems are able to access the configured CCS server ports. Harden the CCS server accordingly to prevent unauthorized access. Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level).",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-18340 - Harden the CCS server to prevent local access by unauthorized users",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19290, CVE-2019-19293, CVE-2019-19294 - Disable the web interface of CCS if not used. Alternatively, restrict access from localhost only, or only to trusted hosts of CCS administrators. Enable TLS for the web interface of CCS.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19291 - Disable the FTP service of the CCS",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure Siemens strongly recommends to protect network access to affected products with appropriate mechanisms. It is advised to follow recommended security practices in order to run the devices in a protected IT environment.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:U/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2019-19291"
},
{
"cve": "CVE-2019-19292",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The Control Center Server (CCS) contains an SQL injection vulnerability in its XML-based communication protocol as provided by default on ports 5444/tcp and 5440/tcp. An authenticated remote attacker could exploit this vulnerability to read or modify the CCS database and potentially execute administrative database operations or operating system commands.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2019-19292 - Control Center Server (CCS)",
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"summary": "CVE-2019-19292 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2019-19292.json"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-19292"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.5.0 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"category": "mitigation",
"details": "General (applies to all vulnerabilities listed in this advisory) - Apply ACL/firewall configuration on the CCS server to ensure that only legitimate systems are able to access the configured CCS server ports. Harden the CCS server accordingly to prevent unauthorized access. Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level).",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-18340 - Harden the CCS server to prevent local access by unauthorized users",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19290, CVE-2019-19293, CVE-2019-19294 - Disable the web interface of CCS if not used. Alternatively, restrict access from localhost only, or only to trusted hosts of CCS administrators. Enable TLS for the web interface of CCS.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19291 - Disable the FTP service of the CCS",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure Siemens strongly recommends to protect network access to affected products with appropriate mechanisms. It is advised to follow recommended security practices in order to run the devices in a protected IT environment.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2019-19292"
},
{
"cve": "CVE-2019-19293",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The web interface of the Control Center Server (CCS) contains a reflected Cross-site Scripting (XSS) vulnerability that could allow an unauthenticated remote attacker to steal sensitive data or execute administrative actions on behalf of a legitimate administrator of the CCS web interface.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2019-19293 - Control Center Server (CCS)",
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"summary": "CVE-2019-19293 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2019-19293.json"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-19293"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.5.0 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"category": "mitigation",
"details": "General (applies to all vulnerabilities listed in this advisory) - Apply ACL/firewall configuration on the CCS server to ensure that only legitimate systems are able to access the configured CCS server ports. Harden the CCS server accordingly to prevent unauthorized access. Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level).",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-18340 - Harden the CCS server to prevent local access by unauthorized users",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19290, CVE-2019-19293, CVE-2019-19294 - Disable the web interface of CCS if not used. Alternatively, restrict access from localhost only, or only to trusted hosts of CCS administrators. Enable TLS for the web interface of CCS.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19291 - Disable the FTP service of the CCS",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure Siemens strongly recommends to protect network access to affected products with appropriate mechanisms. It is advised to follow recommended security practices in order to run the devices in a protected IT environment.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N/E:P/RL:U/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2019-19293"
},
{
"cve": "CVE-2019-19294",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The web interface of the Control Center Server (CCS) contains multiple stored Cross-site Scripting (XSS) vulnerabilities in several input fields. This could allow an authenticated remote attacker to inject malicious JavaScript code into the CCS web application that is later executed in the browser context of any other user who views the relevant CCS web content.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2019-19294 - Control Center Server (CCS)",
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"summary": "CVE-2019-19294 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2019-19294.json"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-19294"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.5.0 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"category": "mitigation",
"details": "General (applies to all vulnerabilities listed in this advisory) - Apply ACL/firewall configuration on the CCS server to ensure that only legitimate systems are able to access the configured CCS server ports. Harden the CCS server accordingly to prevent unauthorized access. Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level).",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-18340 - Harden the CCS server to prevent local access by unauthorized users",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19290, CVE-2019-19293, CVE-2019-19294 - Disable the web interface of CCS if not used. Alternatively, restrict access from localhost only, or only to trusted hosts of CCS administrators. Enable TLS for the web interface of CCS.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19291 - Disable the FTP service of the CCS",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure Siemens strongly recommends to protect network access to affected products with appropriate mechanisms. It is advised to follow recommended security practices in order to run the devices in a protected IT environment.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:N/E:P/RL:U/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2019-19294"
},
{
"cve": "CVE-2019-19295",
"cwe": {
"id": "CWE-778",
"name": "Insufficient Logging"
},
"notes": [
{
"category": "summary",
"text": "The Control Center Server (CCS) does not enforce logging of security-relevant activities in its XML-based communication protocol as provided by default on ports 5444/tcp and 5440/tcp. An authenticated remote attacker could exploit this vulnerability to perform covert actions that are not visible in the application log.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2019-19295 - Control Center Server (CCS)",
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"summary": "CVE-2019-19295 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2019-19295.json"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-19295"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.5.0 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"category": "mitigation",
"details": "General (applies to all vulnerabilities listed in this advisory) - Apply ACL/firewall configuration on the CCS server to ensure that only legitimate systems are able to access the configured CCS server ports. Harden the CCS server accordingly to prevent unauthorized access. Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level).",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-18340 - Harden the CCS server to prevent local access by unauthorized users",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19290, CVE-2019-19293, CVE-2019-19294 - Disable the web interface of CCS if not used. Alternatively, restrict access from localhost only, or only to trusted hosts of CCS administrators. Enable TLS for the web interface of CCS.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19291 - Disable the FTP service of the CCS",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure Siemens strongly recommends to protect network access to affected products with appropriate mechanisms. It is advised to follow recommended security practices in order to run the devices in a protected IT environment.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:U/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2019-19295"
}
]
}
ICSA-20-070-01
Vulnerability from csaf_cisa - Published: 2020-03-10 00:00 - Updated: 2021-08-10 00:00Summary
ICSA-20-070-01_Siemens and PKE SiNVR/SiVMS Video Server (Update B)
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Summary
Siemens reported these vulnerabilities to CISA.
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Exploitability
No known public exploits specifically target these vulnerabilities.
{
"document": {
"acknowledgments": [
{
"organization": "Siemens",
"summary": "reporting these vulnerabilities to CISA"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "summary",
"text": "Siemens reported these vulnerabilities to CISA.",
"title": "Summary"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "other",
"text": "No known public exploits specifically target these vulnerabilities.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "CISAservicedesk@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "external",
"summary": "SSA-761844: Multiple Vulnerabilities in Control Center Server (CCS) - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-761844.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-20-070-01 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2020/icsa-20-070-01.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-20-070-01 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-20-070-01"
},
{
"category": "external",
"summary": "SSA-761844: Multiple Vulnerabilities in Control Center Server (CCS) - PDF Version",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf"
},
{
"category": "external",
"summary": "SSA-761844: Multiple Vulnerabilities in Control Center Server (CCS) - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-761844.txt"
}
],
"title": "ICSA-20-070-01_Siemens and PKE SiNVR/SiVMS Video Server (Update B)",
"tracking": {
"current_release_date": "2021-08-10T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA USCert CSAF Generator",
"version": "1"
}
},
"id": "ICSA-20-070-01",
"initial_release_date": "2020-03-10T00:00:00.000000Z",
"revision_history": [
{
"date": "2020-03-10T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-20-070-01 Siemens SiNVR 3"
},
{
"date": "2021-04-20T00:00:00.000000Z",
"legacy_version": "A",
"number": "2",
"summary": "ICSA-20-070-01 Siemens and PKE SiNVR/SiVMS Video Server (Update A)"
},
{
"date": "2021-08-10T00:00:00.000000Z",
"legacy_version": "B",
"number": "3",
"summary": "ICSA-20-070-01 Siemens and PKE SiNVR SiVMS Video Server (Update B)"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c V1.5.0",
"product": {
"name": "Control Center Server (CCS)",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "Control Center Server (CCS)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e= V1.5.0",
"product": {
"name": "Control Center Server (CCS)",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "Control Center Server (CCS)"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-13947",
"cwe": {
"id": "CWE-317",
"name": "Cleartext Storage of Sensitive Information in GUI"
},
"notes": [
{
"category": "summary",
"text": "The user configuration menu in the web interface of the Control Center Server (CCS) transfers user passwords in clear to the client (browser).\n\nAn attacker with administrative privileges for the web interface could be able to read (and not only reset) passwords of other CCS users.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2019-13947 - Control Center Server (CCS)",
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"summary": "CVE-2019-13947 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2019-13947.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.5.0 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"category": "mitigation",
"details": "General (applies to all vulnerabilities listed in this advisory) - Apply ACL/firewall configuration on the CCS server to ensure that only legitimate systems are able to access the configured CCS server ports. Harden the CCS server accordingly to prevent unauthorized access. Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level).",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-18340 - Harden the CCS server to prevent local access by unauthorized users",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19290, CVE-2019-19293, CVE-2019-19294 - Disable the web interface of CCS if not used. Alternatively, restrict access from localhost only, or only to trusted hosts of CCS administrators. Enable TLS for the web interface of CCS.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19291 - Disable the FTP service of the CCS",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure Siemens strongly recommends to protect network access to affected products with appropriate mechanisms. It is advised to follow recommended security practices in order to run the devices in a protected IT environment.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:F/RL:U/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2019-13947"
},
{
"cve": "CVE-2019-18337",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "summary",
"text": "The Control Center Server (CCS) contains an authentication bypass vulnerability in its XML-based communication protocol as provided by default on ports 5444/tcp and 5440/tcp.\n\nA remote attacker with network access to the CCS server could exploit this vulnerability to read the CCS users database, including the passwords of all users in obfuscated cleartext.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2019-18337 - Control Center Server (CCS)",
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"summary": "CVE-2019-18337 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2019-18337.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.5.0 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"category": "mitigation",
"details": "General (applies to all vulnerabilities listed in this advisory) - Apply ACL/firewall configuration on the CCS server to ensure that only legitimate systems are able to access the configured CCS server ports. Harden the CCS server accordingly to prevent unauthorized access. Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level).",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-18340 - Harden the CCS server to prevent local access by unauthorized users",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19290, CVE-2019-19293, CVE-2019-19294 - Disable the web interface of CCS if not used. Alternatively, restrict access from localhost only, or only to trusted hosts of CCS administrators. Enable TLS for the web interface of CCS.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19291 - Disable the FTP service of the CCS",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure Siemens strongly recommends to protect network access to affected products with appropriate mechanisms. It is advised to follow recommended security practices in order to run the devices in a protected IT environment.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2019-18337"
},
{
"cve": "CVE-2019-18338",
"cwe": {
"id": "CWE-23",
"name": "Relative Path Traversal"
},
"notes": [
{
"category": "summary",
"text": "The Control Center Server (CCS) contains a directory traversal vulnerability in its XML-based communication protocol as provided by default on ports 5444/tcp and 5440/tcp.\n\nAn authenticated remote attacker with network access to the CCS server could exploit this vulnerability to list arbitrary directories or read files outside of the CCS application context.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2019-18338 - Control Center Server (CCS)",
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"summary": "CVE-2019-18338 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2019-18338.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.5.0 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"category": "mitigation",
"details": "General (applies to all vulnerabilities listed in this advisory) - Apply ACL/firewall configuration on the CCS server to ensure that only legitimate systems are able to access the configured CCS server ports. Harden the CCS server accordingly to prevent unauthorized access. Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level).",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-18340 - Harden the CCS server to prevent local access by unauthorized users",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19290, CVE-2019-19293, CVE-2019-19294 - Disable the web interface of CCS if not used. Alternatively, restrict access from localhost only, or only to trusted hosts of CCS administrators. Enable TLS for the web interface of CCS.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19291 - Disable the FTP service of the CCS",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure Siemens strongly recommends to protect network access to affected products with appropriate mechanisms. It is advised to follow recommended security practices in order to run the devices in a protected IT environment.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:F/RL:U/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2019-18338"
},
{
"cve": "CVE-2019-18340",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"notes": [
{
"category": "summary",
"text": "Both the SiVMS/SiNVR Video Server and the Control Center Server (CCS) store user and device passwords by applying weak cryptography.\n\nA local attacker could exploit this vulnerability to extract the passwords from the user database and/or the device configuration files to conduct further attacks.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"summary": "CVE-2019-18340 - Control Center Server (CCS)",
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"summary": "CVE-2019-18340 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2019-18340.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.5.0 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"category": "none_available",
"details": "Currently no remediation is available",
"product_ids": [
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "General (applies to all vulnerabilities listed in this advisory) - Apply ACL/firewall configuration on the CCS server to ensure that only legitimate systems are able to access the configured CCS server ports. Harden the CCS server accordingly to prevent unauthorized access. Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level).",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "CVE-2019-18340 - Harden the CCS server to prevent local access by unauthorized users",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19290, CVE-2019-19293, CVE-2019-19294 - Disable the web interface of CCS if not used. Alternatively, restrict access from localhost only, or only to trusted hosts of CCS administrators. Enable TLS for the web interface of CCS.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19291 - Disable the FTP service of the CCS",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "As a general security measure Siemens strongly recommends to protect network access to affected products with appropriate mechanisms. It is advised to follow recommended security practices in order to run the devices in a protected IT environment.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:F/RL:U/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2019-18340"
},
{
"cve": "CVE-2019-18341",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "summary",
"text": "The SFTP service (default port 22/tcp) of the Control Center Server (CCS) contains an authentication bypass vulnerability.\n\nA remote attacker with network access to the CCS server could exploit this vulnerability to read data from the EDIR directory (for example, the list of all configured stations).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2019-18341 - Control Center Server (CCS)",
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"summary": "CVE-2019-18341 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2019-18341.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.5.0 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"category": "mitigation",
"details": "General (applies to all vulnerabilities listed in this advisory) - Apply ACL/firewall configuration on the CCS server to ensure that only legitimate systems are able to access the configured CCS server ports. Harden the CCS server accordingly to prevent unauthorized access. Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level).",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-18340 - Harden the CCS server to prevent local access by unauthorized users",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19290, CVE-2019-19293, CVE-2019-19294 - Disable the web interface of CCS if not used. Alternatively, restrict access from localhost only, or only to trusted hosts of CCS administrators. Enable TLS for the web interface of CCS.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19291 - Disable the FTP service of the CCS",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure Siemens strongly recommends to protect network access to affected products with appropriate mechanisms. It is advised to follow recommended security practices in order to run the devices in a protected IT environment.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:F/RL:U/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2019-18341"
},
{
"cve": "CVE-2019-18342",
"cwe": {
"id": "CWE-749",
"name": "Exposed Dangerous Method or Function"
},
"notes": [
{
"category": "summary",
"text": "The SFTP service (default port 22/tcp) of the Control Center Server (CCS) does not properly limit its capabilities to the specified purpose.\n\nIn conjunction with CVE-2019-18341, an unauthenticated remote attacker with network access to the CCS server could exploit this vulnerability to read or delete arbitrary files, or access other resources on the same server.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2019-18342 - Control Center Server (CCS)",
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"summary": "CVE-2019-18342 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2019-18342.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.5.0 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"category": "mitigation",
"details": "General (applies to all vulnerabilities listed in this advisory) - Apply ACL/firewall configuration on the CCS server to ensure that only legitimate systems are able to access the configured CCS server ports. Harden the CCS server accordingly to prevent unauthorized access. Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level).",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-18340 - Harden the CCS server to prevent local access by unauthorized users",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19290, CVE-2019-19293, CVE-2019-19294 - Disable the web interface of CCS if not used. Alternatively, restrict access from localhost only, or only to trusted hosts of CCS administrators. Enable TLS for the web interface of CCS.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19291 - Disable the FTP service of the CCS",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure Siemens strongly recommends to protect network access to affected products with appropriate mechanisms. It is advised to follow recommended security practices in order to run the devices in a protected IT environment.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:F/RL:U/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2019-18342"
},
{
"cve": "CVE-2019-19290",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The DOWNLOADS section in the web interface of the Control Center Server (CCS) contains a path traversal vulnerability that could allow an authenticated remote attacker to access and download arbitrary files from the server where CCS is installed.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2019-19290 - Control Center Server (CCS)",
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"summary": "CVE-2019-19290 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2019-19290.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.5.0 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"category": "mitigation",
"details": "General (applies to all vulnerabilities listed in this advisory) - Apply ACL/firewall configuration on the CCS server to ensure that only legitimate systems are able to access the configured CCS server ports. Harden the CCS server accordingly to prevent unauthorized access. Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level).",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-18340 - Harden the CCS server to prevent local access by unauthorized users",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19290, CVE-2019-19293, CVE-2019-19294 - Disable the web interface of CCS if not used. Alternatively, restrict access from localhost only, or only to trusted hosts of CCS administrators. Enable TLS for the web interface of CCS.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19291 - Disable the FTP service of the CCS",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure Siemens strongly recommends to protect network access to affected products with appropriate mechanisms. It is advised to follow recommended security practices in order to run the devices in a protected IT environment.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:U/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2019-19290"
},
{
"cve": "CVE-2019-19291",
"cwe": {
"id": "CWE-313",
"name": "Cleartext Storage in a File or on Disk"
},
"notes": [
{
"category": "summary",
"text": "The FTP services of the SiVMS/SiNVR Video Server and the Control Center Server (CCS) maintain log files that store login credentials in cleartext. In configurations where the FTP service is enabled, authenticated remote attackers could extract login credentials of other users of the service.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2019-19291 - Control Center Server (CCS)",
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"summary": "CVE-2019-19291 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2019-19291.json"
},
{
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.5.0 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"category": "mitigation",
"details": "General (applies to all vulnerabilities listed in this advisory) - Apply ACL/firewall configuration on the CCS server to ensure that only legitimate systems are able to access the configured CCS server ports. Harden the CCS server accordingly to prevent unauthorized access. Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level).",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-18340 - Harden the CCS server to prevent local access by unauthorized users",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19290, CVE-2019-19293, CVE-2019-19294 - Disable the web interface of CCS if not used. Alternatively, restrict access from localhost only, or only to trusted hosts of CCS administrators. Enable TLS for the web interface of CCS.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19291 - Disable the FTP service of the CCS",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure Siemens strongly recommends to protect network access to affected products with appropriate mechanisms. It is advised to follow recommended security practices in order to run the devices in a protected IT environment.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:U/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2019-19291"
},
{
"cve": "CVE-2019-19292",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The Control Center Server (CCS) contains an SQL injection vulnerability in its XML-based communication protocol as provided by default on ports 5444/tcp and 5440/tcp. An authenticated remote attacker could exploit this vulnerability to read or modify the CCS database and potentially execute administrative database operations or operating system commands.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2019-19292 - Control Center Server (CCS)",
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"summary": "CVE-2019-19292 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2019-19292.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.5.0 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"category": "mitigation",
"details": "General (applies to all vulnerabilities listed in this advisory) - Apply ACL/firewall configuration on the CCS server to ensure that only legitimate systems are able to access the configured CCS server ports. Harden the CCS server accordingly to prevent unauthorized access. Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level).",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-18340 - Harden the CCS server to prevent local access by unauthorized users",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19290, CVE-2019-19293, CVE-2019-19294 - Disable the web interface of CCS if not used. Alternatively, restrict access from localhost only, or only to trusted hosts of CCS administrators. Enable TLS for the web interface of CCS.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19291 - Disable the FTP service of the CCS",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure Siemens strongly recommends to protect network access to affected products with appropriate mechanisms. It is advised to follow recommended security practices in order to run the devices in a protected IT environment.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2019-19292"
},
{
"cve": "CVE-2019-19293",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The web interface of the Control Center Server (CCS) contains a reflected Cross-site Scripting (XSS) vulnerability that could allow an unauthenticated remote attacker to steal sensitive data or execute administrative actions on behalf of a legitimate administrator of the CCS web interface.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2019-19293 - Control Center Server (CCS)",
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"summary": "CVE-2019-19293 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2019-19293.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.5.0 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"category": "mitigation",
"details": "General (applies to all vulnerabilities listed in this advisory) - Apply ACL/firewall configuration on the CCS server to ensure that only legitimate systems are able to access the configured CCS server ports. Harden the CCS server accordingly to prevent unauthorized access. Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level).",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-18340 - Harden the CCS server to prevent local access by unauthorized users",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19290, CVE-2019-19293, CVE-2019-19294 - Disable the web interface of CCS if not used. Alternatively, restrict access from localhost only, or only to trusted hosts of CCS administrators. Enable TLS for the web interface of CCS.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19291 - Disable the FTP service of the CCS",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure Siemens strongly recommends to protect network access to affected products with appropriate mechanisms. It is advised to follow recommended security practices in order to run the devices in a protected IT environment.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N/E:P/RL:U/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2019-19293"
},
{
"cve": "CVE-2019-19294",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The web interface of the Control Center Server (CCS) contains multiple stored Cross-site Scripting (XSS) vulnerabilities in several input fields. This could allow an authenticated remote attacker to inject malicious JavaScript code into the CCS web application that is later executed in the browser context of any other user who views the relevant CCS web content.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2019-19294 - Control Center Server (CCS)",
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"summary": "CVE-2019-19294 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2019-19294.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.5.0 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"category": "mitigation",
"details": "General (applies to all vulnerabilities listed in this advisory) - Apply ACL/firewall configuration on the CCS server to ensure that only legitimate systems are able to access the configured CCS server ports. Harden the CCS server accordingly to prevent unauthorized access. Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level).",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-18340 - Harden the CCS server to prevent local access by unauthorized users",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19290, CVE-2019-19293, CVE-2019-19294 - Disable the web interface of CCS if not used. Alternatively, restrict access from localhost only, or only to trusted hosts of CCS administrators. Enable TLS for the web interface of CCS.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19291 - Disable the FTP service of the CCS",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure Siemens strongly recommends to protect network access to affected products with appropriate mechanisms. It is advised to follow recommended security practices in order to run the devices in a protected IT environment.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:N/E:P/RL:U/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2019-19294"
},
{
"cve": "CVE-2019-19295",
"cwe": {
"id": "CWE-778",
"name": "Insufficient Logging"
},
"notes": [
{
"category": "summary",
"text": "The Control Center Server (CCS) does not enforce logging of security-relevant activities in its XML-based communication protocol as provided by default on ports 5444/tcp and 5440/tcp. An authenticated remote attacker could exploit this vulnerability to perform covert actions that are not visible in the application log.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2019-19295 - Control Center Server (CCS)",
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"summary": "CVE-2019-19295 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2019-19295.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.5.0 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://sivms.cloud/control-center-server-ccs/"
},
{
"category": "mitigation",
"details": "General (applies to all vulnerabilities listed in this advisory) - Apply ACL/firewall configuration on the CCS server to ensure that only legitimate systems are able to access the configured CCS server ports. Harden the CCS server accordingly to prevent unauthorized access. Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level).",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-18340 - Harden the CCS server to prevent local access by unauthorized users",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19290, CVE-2019-19293, CVE-2019-19294 - Disable the web interface of CCS if not used. Alternatively, restrict access from localhost only, or only to trusted hosts of CCS administrators. Enable TLS for the web interface of CCS.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19291 - Disable the FTP service of the CCS",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure Siemens strongly recommends to protect network access to affected products with appropriate mechanisms. It is advised to follow recommended security practices in order to run the devices in a protected IT environment.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:U/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2019-19295"
}
]
}
SSA-761844
Vulnerability from csaf_siemens - Published: 2021-04-13 00:00 - Updated: 2024-01-09 00:00Summary
SSA-761844: Multiple Vulnerabilities in Control Center Server (CCS)
Notes
Summary
The advisory informs about multiple vulnerabilities in the Central Control Server (CCS) application, as initially
reported in SSA-761617 (
https://cert-portal.siemens.com/productcert/html/ssa-761617.html) on 2019-12-10
and SSA-844761 (https://cert-portal.siemens.com/productcert/html/ssa-844761.html) on 2020-03-10.
The vulnerabilities involve authentication bypass (CVE-2019-18337, CVE-2019-18341),
path traversal (CVE-2019-18338, CVE-2019-19290), information disclosure (CVE-2019-13947, CVE-2019-18340, CVE-2019-19291),
privilege escalation (CVE-2019-18342), SQL injection (CVE-2019-19292), cross-site scripting (CVE-2019-19293, CVE-2019-19294), and
insufficient logging (CVE-2019-19295).
PKE has released an update for CCS that fixes the reported vulnerabilities, except for CVE-2019-18340. For details contact PKE (
https://pke.at/).
Siemens recommends to update to the latest version and recommends specific countermeasures to mitigate the vulnerabilities.
General Recommendations
As a general security measure Siemens strongly recommends to protect network access to affected products with appropriate mechanisms. It is advised to follow recommended security practices in order to run the devices in a protected IT environment.
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
"tlp": {
"label": "WHITE"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The advisory informs about multiple vulnerabilities in the Central Control Server (CCS) application, as initially\nreported in SSA-761617 (\nhttps://cert-portal.siemens.com/productcert/html/ssa-761617.html) on 2019-12-10\nand SSA-844761 (https://cert-portal.siemens.com/productcert/html/ssa-844761.html) on 2020-03-10.\nThe vulnerabilities involve authentication bypass (CVE-2019-18337, CVE-2019-18341),\npath traversal (CVE-2019-18338, CVE-2019-19290), information disclosure (CVE-2019-13947, CVE-2019-18340, CVE-2019-19291),\nprivilege escalation (CVE-2019-18342), SQL injection (CVE-2019-19292), cross-site scripting (CVE-2019-19293, CVE-2019-19294), and\ninsufficient logging (CVE-2019-19295).\n\nPKE has released an update for CCS that fixes the reported vulnerabilities, except for CVE-2019-18340. For details contact PKE (\nhttps://pke.at/).\nSiemens recommends to update to the latest version and recommends specific countermeasures to mitigate the vulnerabilities.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure Siemens strongly recommends to protect network access to affected products with appropriate mechanisms. It is advised to follow recommended security practices in order to run the devices in a protected IT environment.",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "productcert@siemens.com",
"name": "Siemens ProductCERT",
"namespace": "https://www.siemens.com"
},
"references": [
{
"category": "self",
"summary": "SSA-761844: Multiple Vulnerabilities in Control Center Server (CCS) - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-761844.html"
},
{
"category": "self",
"summary": "SSA-761844: Multiple Vulnerabilities in Control Center Server (CCS) - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-761844.json"
},
{
"category": "self",
"summary": "SSA-761844: Multiple Vulnerabilities in Control Center Server (CCS) - PDF Version",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf"
},
{
"category": "self",
"summary": "SSA-761844: Multiple Vulnerabilities in Control Center Server (CCS) - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-761844.txt"
}
],
"title": "SSA-761844: Multiple Vulnerabilities in Control Center Server (CCS)",
"tracking": {
"current_release_date": "2024-01-09T00:00:00Z",
"generator": {
"engine": {
"name": "Siemens ProductCERT CSAF Generator",
"version": "1"
}
},
"id": "SSA-761844",
"initial_release_date": "2021-04-13T00:00:00Z",
"revision_history": [
{
"date": "2021-04-13T00:00:00Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2024-01-09T00:00:00Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Cleanup: removed orphaned links to vendor advisories and software downloads"
}
],
"status": "interim",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV1.5.0",
"product": {
"name": "Control Center Server (CCS)",
"product_id": "1"
}
},
{
"category": "product_version_range",
"name": "\u003e=V1.5.0",
"product": {
"name": "Control Center Server (CCS)",
"product_id": "2"
}
}
],
"category": "product_name",
"name": "Control Center Server (CCS)"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-13947",
"cwe": {
"id": "CWE-317",
"name": "Cleartext Storage of Sensitive Information in GUI"
},
"notes": [
{
"category": "summary",
"text": "The user configuration menu in the web interface of the\nControl Center Server (CCS) transfers user passwords in clear to the\nclient (browser).\n\nAn attacker with administrative privileges for the web interface could be\nable to read (and not only reset) passwords of other CCS users.\n",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Apply ACL/firewall configuration on the CCS server to ensure that only legitimate systems are able to access the configured CCS server ports. Harden the CCS server accordingly to prevent unauthorized access. Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level).",
"product_ids": [
"1"
]
},
{
"category": "vendor_fix",
"details": "Update to V1.5.0 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:F/RL:U/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2019-13947"
},
{
"cve": "CVE-2019-18337",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "summary",
"text": "The Control Center Server (CCS) contains an authentication bypass\nvulnerability in its XML-based communication protocol as provided by default\non ports 5444/tcp and 5440/tcp.\n\nA remote attacker with network access to the CCS server could\nexploit this vulnerability to read the CCS users database, including\nthe passwords of all users in obfuscated cleartext.\n",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Apply ACL/firewall configuration on the CCS server to ensure that only legitimate systems are able to access the configured CCS server ports. Harden the CCS server accordingly to prevent unauthorized access. Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level).",
"product_ids": [
"1"
]
},
{
"category": "vendor_fix",
"details": "Update to V1.5.0 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2019-18337"
},
{
"cve": "CVE-2019-18338",
"cwe": {
"id": "CWE-23",
"name": "Relative Path Traversal"
},
"notes": [
{
"category": "summary",
"text": "The Control Center Server (CCS) contains a directory traversal\nvulnerability in its XML-based communication protocol as provided by default\non ports 5444/tcp and 5440/tcp.\n\nAn authenticated remote attacker with network access to the CCS server\ncould exploit this vulnerability to list arbitrary directories\nor read files outside of the CCS application context.\n",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Apply ACL/firewall configuration on the CCS server to ensure that only legitimate systems are able to access the configured CCS server ports. Harden the CCS server accordingly to prevent unauthorized access. Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level).",
"product_ids": [
"1"
]
},
{
"category": "vendor_fix",
"details": "Update to V1.5.0 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:F/RL:U/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2019-18338"
},
{
"cve": "CVE-2019-18340",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"notes": [
{
"category": "summary",
"text": "Both the SiVMS/SiNVR Video Server and the Control Center Server (CCS) store\nuser and device passwords by applying weak cryptography.\n\nA local attacker could exploit this vulnerability to extract\nthe passwords from the user database and/or the device configuration files\nto conduct further attacks.\n",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Apply ACL/firewall configuration on the CCS server to ensure that only legitimate systems are able to access the configured CCS server ports. Harden the CCS server accordingly to prevent unauthorized access. Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level).",
"product_ids": [
"1",
"2"
]
},
{
"category": "mitigation",
"details": "CVE-2019-18340: Harden the CCS server to prevent local access by unauthorized users",
"product_ids": [
"1",
"2"
]
},
{
"category": "no_fix_planned",
"details": "Currently no fix is planned",
"product_ids": [
"2"
]
},
{
"category": "vendor_fix",
"details": "Update to V1.5.0 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:F/RL:U/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2019-18340"
},
{
"cve": "CVE-2019-18341",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "summary",
"text": "The SFTP service (default port 22/tcp) of the Control Center Server\n(CCS) contains an authentication bypass vulnerability.\n\nA remote attacker with network access to the CCS server could\nexploit this vulnerability to read data from the EDIR directory\n(for example, the list of all configured stations).\n",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Apply ACL/firewall configuration on the CCS server to ensure that only legitimate systems are able to access the configured CCS server ports. Harden the CCS server accordingly to prevent unauthorized access. Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level).",
"product_ids": [
"1"
]
},
{
"category": "vendor_fix",
"details": "Update to V1.5.0 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:F/RL:U/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2019-18341"
},
{
"cve": "CVE-2019-18342",
"cwe": {
"id": "CWE-749",
"name": "Exposed Dangerous Method or Function"
},
"notes": [
{
"category": "summary",
"text": "The SFTP service (default port 22/tcp) of the Control Center Server\n(CCS) does not properly limit its capabilities to the specified purpose.\n\nIn conjunction with CVE-2019-18341, an unauthenticated remote attacker with\nnetwork access to the CCS server could exploit this vulnerability\nto read or delete arbitrary files, or access other resources on the same\nserver.\n",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Apply ACL/firewall configuration on the CCS server to ensure that only legitimate systems are able to access the configured CCS server ports. Harden the CCS server accordingly to prevent unauthorized access. Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level).",
"product_ids": [
"1"
]
},
{
"category": "vendor_fix",
"details": "Update to V1.5.0 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:F/RL:U/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2019-18342"
},
{
"cve": "CVE-2019-19290",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The DOWNLOADS section in the web interface of the Control Center\nServer (CCS) contains a path traversal vulnerability\nthat could allow an authenticated remote attacker to access and download\narbitrary files from the server where CCS is installed.\n",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Apply ACL/firewall configuration on the CCS server to ensure that only legitimate systems are able to access the configured CCS server ports. Harden the CCS server accordingly to prevent unauthorized access. Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level).",
"product_ids": [
"1"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19290, CVE-2019-19293, CVE-2019-19294: Disable the web interface of CCS if not used. Alternatively, restrict access from localhost only, or only to trusted hosts of CCS administrators. Enable TLS for the web interface of CCS.",
"product_ids": [
"1"
]
},
{
"category": "vendor_fix",
"details": "Update to V1.5.0 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:U/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2019-19290"
},
{
"cve": "CVE-2019-19291",
"cwe": {
"id": "CWE-313",
"name": "Cleartext Storage in a File or on Disk"
},
"notes": [
{
"category": "summary",
"text": "The FTP services of the SiVMS/SiNVR Video Server and the Control Center Server (CCS) maintain\nlog files that store login credentials in cleartext.\nIn configurations where the FTP service is enabled, authenticated remote\nattackers could extract login credentials of other users of the service.\n\n",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Apply ACL/firewall configuration on the CCS server to ensure that only legitimate systems are able to access the configured CCS server ports. Harden the CCS server accordingly to prevent unauthorized access. Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level).",
"product_ids": [
"1"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19291: Disable the FTP service of the CCS",
"product_ids": [
"1"
]
},
{
"category": "vendor_fix",
"details": "Update to V1.5.0 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:U/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2019-19291"
},
{
"cve": "CVE-2019-19292",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The Control Center Server (CCS) contains an SQL injection\nvulnerability in its XML-based communication protocol as provided by default\non ports 5444/tcp and 5440/tcp.\nAn authenticated remote attacker could exploit this vulnerability to\nread or modify the CCS database and potentially execute administrative\ndatabase operations or operating system commands.\n",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Apply ACL/firewall configuration on the CCS server to ensure that only legitimate systems are able to access the configured CCS server ports. Harden the CCS server accordingly to prevent unauthorized access. Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level).",
"product_ids": [
"1"
]
},
{
"category": "vendor_fix",
"details": "Update to V1.5.0 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2019-19292"
},
{
"cve": "CVE-2019-19293",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The web interface of the Control Center Server (CCS) contains a\nreflected Cross-site Scripting (XSS) vulnerability\nthat could allow an unauthenticated remote attacker to steal sensitive data\nor execute administrative actions on behalf of a legitimate administrator\nof the CCS web interface.\n",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Apply ACL/firewall configuration on the CCS server to ensure that only legitimate systems are able to access the configured CCS server ports. Harden the CCS server accordingly to prevent unauthorized access. Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level).",
"product_ids": [
"1"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19290, CVE-2019-19293, CVE-2019-19294: Disable the web interface of CCS if not used. Alternatively, restrict access from localhost only, or only to trusted hosts of CCS administrators. Enable TLS for the web interface of CCS.",
"product_ids": [
"1"
]
},
{
"category": "vendor_fix",
"details": "Update to V1.5.0 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N/E:P/RL:U/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2019-19293"
},
{
"cve": "CVE-2019-19294",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The web interface of the Control Center Server (CCS) contains\nmultiple stored Cross-site Scripting (XSS) vulnerabilities in several input\nfields.\nThis could allow an authenticated remote attacker to inject malicious\nJavaScript code into the CCS web application that is later executed\nin the browser context of any other user who views the relevant CCS\nweb content.\n",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Apply ACL/firewall configuration on the CCS server to ensure that only legitimate systems are able to access the configured CCS server ports. Harden the CCS server accordingly to prevent unauthorized access. Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level).",
"product_ids": [
"1"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19290, CVE-2019-19293, CVE-2019-19294: Disable the web interface of CCS if not used. Alternatively, restrict access from localhost only, or only to trusted hosts of CCS administrators. Enable TLS for the web interface of CCS.",
"product_ids": [
"1"
]
},
{
"category": "vendor_fix",
"details": "Update to V1.5.0 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:N/E:P/RL:U/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2019-19294"
},
{
"cve": "CVE-2019-19295",
"cwe": {
"id": "CWE-778",
"name": "Insufficient Logging"
},
"notes": [
{
"category": "summary",
"text": "The Control Center Server (CCS) does not enforce logging of\nsecurity-relevant activities in its XML-based communication protocol\nas provided by default on ports 5444/tcp and 5440/tcp.\nAn authenticated remote attacker could exploit this vulnerability to\nperform covert actions that are not visible in the application log.\n",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Apply ACL/firewall configuration on the CCS server to ensure that only legitimate systems are able to access the configured CCS server ports. Harden the CCS server accordingly to prevent unauthorized access. Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level).",
"product_ids": [
"1"
]
},
{
"category": "vendor_fix",
"details": "Update to V1.5.0 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:U/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2019-19295"
}
]
}
SSA-844761
Vulnerability from csaf_siemens - Published: 2020-03-10 00:00 - Updated: 2024-01-09 00:00Summary
SSA-844761: Multiple Vulnerabilities in SiNVR/SiVMS Video Server
Notes
Summary
The Video Server application in SiNVR/SiVMS solutions contains five vulnerabilities
involving information disclosure (CVE-2019-19291, CVE-2019-19299),
path traversal (CVE-2019-19296, CVE-2019-19297), and denial-of-service (CVE-2019-19298).
PKE has released updates of the application that fixes the reported vulnerabilities, except for CVE-2019-19299.
This update is not available under the former Siemens OEM brand name SiNVR.
For details contact PKE (
https://pke.at/).
General Recommendations
As a general security measure Siemens strongly recommends to protect network access to affected products with appropriate mechanisms. It is advised to follow recommended security practices in order to run the devices in a protected IT environment.
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
"tlp": {
"label": "WHITE"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The Video Server application in SiNVR/SiVMS solutions contains five vulnerabilities\ninvolving information disclosure (CVE-2019-19291, CVE-2019-19299),\npath traversal (CVE-2019-19296, CVE-2019-19297), and denial-of-service (CVE-2019-19298).\n\nPKE has released updates of the application that fixes the reported vulnerabilities, except for CVE-2019-19299.\nThis update is not available under the former Siemens OEM brand name SiNVR.\nFor details contact PKE (\nhttps://pke.at/).",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure Siemens strongly recommends to protect network access to affected products with appropriate mechanisms. It is advised to follow recommended security practices in order to run the devices in a protected IT environment.",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "productcert@siemens.com",
"name": "Siemens ProductCERT",
"namespace": "https://www.siemens.com"
},
"references": [
{
"category": "self",
"summary": "SSA-844761: Multiple Vulnerabilities in SiNVR/SiVMS Video Server - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-844761.html"
},
{
"category": "self",
"summary": "SSA-844761: Multiple Vulnerabilities in SiNVR/SiVMS Video Server - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-844761.json"
},
{
"category": "self",
"summary": "SSA-844761: Multiple Vulnerabilities in SiNVR/SiVMS Video Server - PDF Version",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
},
{
"category": "self",
"summary": "SSA-844761: Multiple Vulnerabilities in SiNVR/SiVMS Video Server - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-844761.txt"
}
],
"title": "SSA-844761: Multiple Vulnerabilities in SiNVR/SiVMS Video Server",
"tracking": {
"current_release_date": "2024-01-09T00:00:00Z",
"generator": {
"engine": {
"name": "Siemens ProductCERT CSAF Generator",
"version": "1"
}
},
"id": "SSA-844761",
"initial_release_date": "2020-03-10T00:00:00Z",
"revision_history": [
{
"date": "2020-03-10T00:00:00Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2021-04-13T00:00:00Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Added partial solution for SiNVR/SiVMS Video Server; removed information for Control Center Server (CCS), which is now addressed in SSA-761844"
},
{
"date": "2021-08-10T00:00:00Z",
"legacy_version": "1.2",
"number": "3",
"summary": "Added solution for CVE-2019-19298 and related additional security hardening measures"
},
{
"date": "2024-01-09T00:00:00Z",
"legacy_version": "1.3",
"number": "4",
"summary": "Cleanup: removed orphaned links to vendor advisories and software downloads"
}
],
"status": "interim",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV5.0.0",
"product": {
"name": "SiNVR/SiVMS Video Server",
"product_id": "1"
}
},
{
"category": "product_version_range",
"name": "\u003e=V5.0.0\u003cV5.0.2",
"product": {
"name": "SiNVR/SiVMS Video Server",
"product_id": "2"
}
},
{
"category": "product_version_range",
"name": "\u003e=V5.0.2",
"product": {
"name": "SiNVR/SiVMS Video Server",
"product_id": "3"
}
}
],
"category": "product_name",
"name": "SiNVR/SiVMS Video Server"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-19291",
"cwe": {
"id": "CWE-313",
"name": "Cleartext Storage in a File or on Disk"
},
"notes": [
{
"category": "summary",
"text": "The FTP services of the SiVMS/SiNVR Video Server and the Control Center Server (CCS) maintain\nlog files that store login credentials in cleartext.\nIn configurations where the FTP service is enabled, authenticated remote\nattackers could extract login credentials of other users of the service.\n\n",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Apply ACL/firewall configuration on the Video Servers to ensure that only legitimate systems are able to access the configured server ports. Harden all systems accordingly to prevent unauthorized access Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level)",
"product_ids": [
"1"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19291, CVE-2019-19296: Disable the two FTP services of the Video Server",
"product_ids": [
"1"
]
},
{
"category": "vendor_fix",
"details": "Update to V5.0.0 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:U/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2019-19291"
},
{
"cve": "CVE-2019-19296",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The two FTP services (default ports 21/tcp and 5411/tcp) of the SiVMS/SiNVR Video\nServer contain a path traversal vulnerability\nthat could allow an authenticated remote attacker to access and download\narbitrary files from the server, if the FTP services are enabled.\n\n",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Apply ACL/firewall configuration on the Video Servers to ensure that only legitimate systems are able to access the configured server ports. Harden all systems accordingly to prevent unauthorized access Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level)",
"product_ids": [
"1"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19291, CVE-2019-19296: Disable the two FTP services of the Video Server",
"product_ids": [
"1"
]
},
{
"category": "vendor_fix",
"details": "Update to V5.0.0 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N/E:P/RL:U/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2019-19296"
},
{
"cve": "CVE-2019-19297",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The streaming service (default port 5410/tcp) of the SiVMS/SiNVR Video Server\ncontains a path traversal vulnerability, that could allow an\nunauthenticated remote attacker to access and download arbitrary files from the server.\n\n",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Apply ACL/firewall configuration on the Video Servers to ensure that only legitimate systems are able to access the configured server ports. Harden all systems accordingly to prevent unauthorized access Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level)",
"product_ids": [
"1"
]
},
{
"category": "vendor_fix",
"details": "Update to V5.0.0 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:U/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2019-19297"
},
{
"cve": "CVE-2019-19298",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "The streaming service (default port 5410/tcp) of the SiVMS/SiNVR Video Server\ncontains a input validation vulnerability, that could allow\nan unauthenticated remote attacker to cause a Denial-of-Service condition\nby sending malformed HTTP requests.\n\n",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Apply ACL/firewall configuration on the Video Servers to ensure that only legitimate systems are able to access the configured server ports. Harden all systems accordingly to prevent unauthorized access Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level)",
"product_ids": [
"1",
"2"
]
},
{
"category": "mitigation",
"details": "CVE-2019-19298: The update to V5.0.2 also provides an additional authentication feature that allows to protect the access to the streaming service via individual account names and passwords for every stream recorder. It is recommended to configure this feature accordingly. For details see the release notes of V5.0.2",
"product_ids": [
"1",
"2"
]
},
{
"category": "vendor_fix",
"details": "Update to V5.0.0 or later version",
"product_ids": [
"1"
]
},
{
"category": "vendor_fix",
"details": "Update to V5.0.2 or later version",
"product_ids": [
"2"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:U/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2019-19298"
},
{
"cve": "CVE-2019-19299",
"cwe": {
"id": "CWE-326",
"name": "Inadequate Encryption Strength"
},
"notes": [
{
"category": "summary",
"text": "The streaming service (default port 5410/tcp) of the SiVMS/SiNVR Video Server\napplies weak cryptography when exposing device (camera) passwords.\nThis could allow an unauthenticated remote attacker to read and decrypt\nthe passwords and conduct further attacks.\n\n",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Apply ACL/firewall configuration on the Video Servers to ensure that only legitimate systems are able to access the configured server ports. Harden all systems accordingly to prevent unauthorized access Consider to apply encryption and authentication on the network (e.g., via TLS on application level or via IPSec on host level)",
"product_ids": [
"1",
"2",
"3"
]
},
{
"category": "no_fix_planned",
"details": "Currently no fix is planned",
"product_ids": [
"3"
]
},
{
"category": "vendor_fix",
"details": "Update to V5.0.0 or later version",
"product_ids": [
"1"
]
},
{
"category": "vendor_fix",
"details": "Update to V5.0.2 or later version",
"product_ids": [
"2"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:U/RC:C",
"version": "3.1"
},
"products": [
"3",
"1",
"2"
]
}
],
"title": "CVE-2019-19299"
}
]
}
CNVD-2020-17014
Vulnerability from cnvd - Published: 2020-03-13
VLAI Severity ?
Title
Siemens SiNVR 3 纯文本保存文件漏洞
Description
SiNVR 3是一个视频管理平台。Central Control Server (CCS)是中央控制服务器,Video Server是视频服务器。
SiNVR 3在日志文件中以纯文本形式保存登陆凭证,在实现中存在信息泄露漏洞,远程攻击者可利用此漏洞获取其他用户的登陆凭证。
Severity
低
Patch Name
Siemens SiNVR 3 纯文本保存文件漏洞的补丁
Patch Description
SiNVR 3是一个视频管理平台。Central Control Server (CCS)是中央控制服务器,Video Server是视频服务器。
SiNVR 3在日志文件中以纯文本形式保存登陆凭证,在实现中存在信息泄露漏洞,远程攻击者可利用此漏洞获取其他用户的登陆凭证。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布相关修复方案,请及时更新: https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf
Reference
https://nvd.nist.gov/vuln/detail/CVE-2019-19291
Impacted products
| Name | ['Siemens SiNVR 3 Central Control Server (CCS)', 'Siemens SiNVR 3 Video Server'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2019-19291"
}
},
"description": "SiNVR 3\u662f\u4e00\u4e2a\u89c6\u9891\u7ba1\u7406\u5e73\u53f0\u3002Central Control Server (CCS)\u662f\u4e2d\u592e\u63a7\u5236\u670d\u52a1\u5668\uff0cVideo Server\u662f\u89c6\u9891\u670d\u52a1\u5668\u3002\n\nSiNVR 3\u5728\u65e5\u5fd7\u6587\u4ef6\u4e2d\u4ee5\u7eaf\u6587\u672c\u5f62\u5f0f\u4fdd\u5b58\u767b\u9646\u51ed\u8bc1\uff0c\u5728\u5b9e\u73b0\u4e2d\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u83b7\u53d6\u5176\u4ed6\u7528\u6237\u7684\u767b\u9646\u51ed\u8bc1\u3002",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u76f8\u5173\u4fee\u590d\u65b9\u6848\uff0c\u8bf7\u53ca\u65f6\u66f4\u65b0\uff1a\r\nhttps://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2020-17014",
"openTime": "2020-03-13",
"patchDescription": "SiNVR 3\u662f\u4e00\u4e2a\u89c6\u9891\u7ba1\u7406\u5e73\u53f0\u3002Central Control Server (CCS)\u662f\u4e2d\u592e\u63a7\u5236\u670d\u52a1\u5668\uff0cVideo Server\u662f\u89c6\u9891\u670d\u52a1\u5668\u3002\r\n\r\nSiNVR 3\u5728\u65e5\u5fd7\u6587\u4ef6\u4e2d\u4ee5\u7eaf\u6587\u672c\u5f62\u5f0f\u4fdd\u5b58\u767b\u9646\u51ed\u8bc1\uff0c\u5728\u5b9e\u73b0\u4e2d\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u83b7\u53d6\u5176\u4ed6\u7528\u6237\u7684\u767b\u9646\u51ed\u8bc1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Siemens SiNVR 3 \u7eaf\u6587\u672c\u4fdd\u5b58\u6587\u4ef6\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"Siemens SiNVR 3 Central Control Server (CCS)",
"Siemens SiNVR 3 Video Server"
]
},
"referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2019-19291",
"serverity": "\u4f4e",
"submitTime": "2020-03-12",
"title": "Siemens SiNVR 3 \u7eaf\u6587\u672c\u4fdd\u5b58\u6587\u4ef6\u6f0f\u6d1e"
}
GSD-2019-19291
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0), SiNVR/SiVMS Video Server (All versions < V5.0.0). The FTP services of the SiVMS/SiNVR Video Server and the Control Center Server (CCS) maintain log files that store login credentials in cleartext. In configurations where the FTP service is enabled, authenticated remote attackers could extract login credentials of other users of the service.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2019-19291",
"description": "A vulnerability has been identified in Control Center Server (CCS) (All versions \u003c V1.5.0), SiNVR/SiVMS Video Server (All versions \u003c V5.0.0). The FTP services of the SiVMS/SiNVR Video Server and the Control Center Server (CCS) maintain log files that store login credentials in cleartext. In configurations where the FTP service is enabled, authenticated remote attackers could extract login credentials of other users of the service.",
"id": "GSD-2019-19291"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2019-19291"
],
"details": "A vulnerability has been identified in Control Center Server (CCS) (All versions \u003c V1.5.0), SiNVR/SiVMS Video Server (All versions \u003c V5.0.0). The FTP services of the SiVMS/SiNVR Video Server and the Control Center Server (CCS) maintain log files that store login credentials in cleartext. In configurations where the FTP service is enabled, authenticated remote attackers could extract login credentials of other users of the service.",
"id": "GSD-2019-19291",
"modified": "2023-12-13T01:23:54.473282Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2019-19291",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Control Center Server (CCS)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V1.5.0"
}
]
}
},
{
"product_name": "SiNVR/SiVMS Video Server",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V5.0.0"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Control Center Server (CCS) (All versions \u003c V1.5.0), SiNVR/SiVMS Video Server (All versions \u003c V5.0.0). The FTP services of the SiVMS/SiNVR Video Server and the Control Center Server (CCS) maintain\nlog files that store login credentials in cleartext.\nIn configurations where the FTP service is enabled, authenticated remote\nattackers could extract login credentials of other users of the service."
}
]
},
"impact": {
"cvss": [
{
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:U/RC:C",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-313",
"lang": "eng",
"value": "CWE-313: Cleartext Storage in a File or on Disk"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf"
}
]
}
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:sinvr_3_central_control_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16668E9A-2D0A-425E-87F4-18CFC50551D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sinvr_3_video_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F21BB6D-BFE0-4B69-97F2-1A871A390B1E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Control Center Server (CCS) (All versions \u003c V1.5.0), SiNVR/SiVMS Video Server (All versions \u003c V5.0.0). The FTP services of the SiVMS/SiNVR Video Server and the Control Center Server (CCS) maintain\nlog files that store login credentials in cleartext.\nIn configurations where the FTP service is enabled, authenticated remote\nattackers could extract login credentials of other users of the service."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en el Servidor del Centro de Control (CCS) (Todas las versiones anteriores a V1.5.0), el Servidor de V\u00eddeo SiNVR/SiVMS (Todas las versiones anteriores a V5.0.0). Los servicios FTP del SiVMS/SiNVR Video Server y del Control Center Server (CCS) mantienen archivos de registro que almacenan las credenciales de inicio de sesi\u00f3n en texto claro. En las configuraciones en las que el servicio FTP est\u00e1 habilitado, los atacantes remotos autentificados podr\u00edan extraer las credenciales de inicio de sesi\u00f3n de otros usuarios del servicio"
}
],
"id": "CVE-2019-19291",
"lastModified": "2024-01-09T10:15:11.373",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"source": "productcert@siemens.com",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
},
"published": "2020-03-10T20:15:19.180",
"references": [
{
"source": "productcert@siemens.com",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf"
},
{
"source": "productcert@siemens.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-313"
}
],
"source": "productcert@siemens.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-312"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
}
}
}
FKIE_CVE-2019-19291
Vulnerability from fkie_nvd - Published: 2020-03-10 20:15 - Updated: 2024-11-21 04:34
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0), SiNVR/SiVMS Video Server (All versions < V5.0.0). The FTP services of the SiVMS/SiNVR Video Server and the Control Center Server (CCS) maintain
log files that store login credentials in cleartext.
In configurations where the FTP service is enabled, authenticated remote
attackers could extract login credentials of other users of the service.
References
| URL | Tags | ||
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf | ||
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf | Mitigation, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | sinvr_3_central_control_server | * | |
| siemens | sinvr_3_video_server | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:sinvr_3_central_control_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16668E9A-2D0A-425E-87F4-18CFC50551D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sinvr_3_video_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F21BB6D-BFE0-4B69-97F2-1A871A390B1E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Control Center Server (CCS) (All versions \u003c V1.5.0), SiNVR/SiVMS Video Server (All versions \u003c V5.0.0). The FTP services of the SiVMS/SiNVR Video Server and the Control Center Server (CCS) maintain\nlog files that store login credentials in cleartext.\nIn configurations where the FTP service is enabled, authenticated remote\nattackers could extract login credentials of other users of the service."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en el Servidor del Centro de Control (CCS) (Todas las versiones anteriores a V1.5.0), el Servidor de V\u00eddeo SiNVR/SiVMS (Todas las versiones anteriores a V5.0.0). Los servicios FTP del SiVMS/SiNVR Video Server y del Control Center Server (CCS) mantienen archivos de registro que almacenan las credenciales de inicio de sesi\u00f3n en texto claro. En las configuraciones en las que el servicio FTP est\u00e1 habilitado, los atacantes remotos autentificados podr\u00edan extraer las credenciales de inicio de sesi\u00f3n de otros usuarios del servicio"
}
],
"id": "CVE-2019-19291",
"lastModified": "2024-11-21T04:34:30.567",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
},
"published": "2020-03-10T20:15:19.180",
"references": [
{
"source": "productcert@siemens.com",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf"
},
{
"source": "productcert@siemens.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-313"
}
],
"source": "productcert@siemens.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-312"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
GHSA-42WF-QRFC-C5M5
Vulnerability from github – Published: 2022-05-24 17:10 – Updated: 2024-01-09 12:30
VLAI?
Details
A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR 3 Video Server (all versions). The FTP service of the SiNVR 3 Central Control Server (CCS) maintains a log file that stores login credentials in cleartext. In configurations where the FTP service is enabled, authenticated remote attackers could extract login credentials of other users of the service.
Severity ?
5.3 (Medium)
{
"affected": [],
"aliases": [
"CVE-2019-19291"
],
"database_specific": {
"cwe_ids": [
"CWE-312",
"CWE-313"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-03-10T20:15:00Z",
"severity": "LOW"
},
"details": "A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR 3 Video Server (all versions). The FTP service of the SiNVR 3 Central Control Server (CCS) maintains a log file that stores login credentials in cleartext. In configurations where the FTP service is enabled, authenticated remote attackers could extract login credentials of other users of the service.",
"id": "GHSA-42wf-qrfc-c5m5",
"modified": "2024-01-09T12:30:35Z",
"published": "2022-05-24T17:10:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19291"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
VAR-202003-0775
Vulnerability from variot - Updated: 2024-02-20 21:40A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0), SiNVR/SiVMS Video Server (All versions < V5.0.0). The FTP services of the SiVMS/SiNVR Video Server and the Control Center Server (CCS) maintain log files that store login credentials in cleartext. In configurations where the FTP service is enabled, authenticated remote attackers could extract login credentials of other users of the service. SiNVR 3 is a video management platform.
SiNVR 3 saves the login credentials in plain text in the log file. There is an information disclosure vulnerability in the implementation. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202003-0775",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sinvr 3 central control server",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "sinvr 3 video server",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "sinvr 3 video server",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "sinvr 3 central control server",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "sinvr central control server",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "3"
},
{
"model": "sinvr video server",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinvr 3 central control server",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinvr 3 video server",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "fa26a4b9-ad52-4e6d-94d3-990bf1f05d32"
},
{
"db": "CNVD",
"id": "CNVD-2020-17014"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014872"
},
{
"db": "NVD",
"id": "CVE-2019-19291"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:sinvr_3_central_control_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:sinvr_3_video_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-19291"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens reported these vulnerabilities to CISA.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202003-475"
}
],
"trust": 0.6
},
"cve": "CVE-2019-19291",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2019-19291",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "CNVD-2020-17014",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "fa26a4b9-ad52-4e6d-94d3-990bf1f05d32",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "productcert@siemens.com",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2019-014872",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-19291",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "productcert@siemens.com",
"id": "CVE-2019-19291",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2020-17014",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202003-475",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "fa26a4b9-ad52-4e6d-94d3-990bf1f05d32",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2019-19291",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "fa26a4b9-ad52-4e6d-94d3-990bf1f05d32"
},
{
"db": "CNVD",
"id": "CNVD-2020-17014"
},
{
"db": "VULMON",
"id": "CVE-2019-19291"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014872"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-475"
},
{
"db": "NVD",
"id": "CVE-2019-19291"
},
{
"db": "NVD",
"id": "CVE-2019-19291"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in Control Center Server (CCS) (All versions \u003c V1.5.0), SiNVR/SiVMS Video Server (All versions \u003c V5.0.0). The FTP services of the SiVMS/SiNVR Video Server and the Control Center Server (CCS) maintain\nlog files that store login credentials in cleartext. \nIn configurations where the FTP service is enabled, authenticated remote\nattackers could extract login credentials of other users of the service. SiNVR 3 is a video management platform. \n\r\n\r\nSiNVR 3 saves the login credentials in plain text in the log file. There is an information disclosure vulnerability in the implementation. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-19291"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014872"
},
{
"db": "CNVD",
"id": "CNVD-2020-17014"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "IVD",
"id": "fa26a4b9-ad52-4e6d-94d3-990bf1f05d32"
},
{
"db": "VULMON",
"id": "CVE-2019-19291"
}
],
"trust": 2.97
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-19291",
"trust": 4.1
},
{
"db": "SIEMENS",
"id": "SSA-761844",
"trust": 1.7
},
{
"db": "SIEMENS",
"id": "SSA-844761",
"trust": 1.7
},
{
"db": "ICS CERT",
"id": "ICSA-20-070-01",
"trust": 1.4
},
{
"db": "CNVD",
"id": "CNVD-2020-17014",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202003-475",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU96269392",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014872",
"trust": 0.8
},
{
"db": "CS-HELP",
"id": "SB2021041363",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021041517",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-21-103-10",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "46125",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.1240",
"trust": 0.6
},
{
"db": "IVD",
"id": "FA26A4B9-AD52-4E6D-94D3-990BF1F05D32",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2019-19291",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "fa26a4b9-ad52-4e6d-94d3-990bf1f05d32"
},
{
"db": "CNVD",
"id": "CNVD-2020-17014"
},
{
"db": "VULMON",
"id": "CVE-2019-19291"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014872"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-475"
},
{
"db": "NVD",
"id": "CVE-2019-19291"
}
]
},
"id": "VAR-202003-0775",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "fa26a4b9-ad52-4e6d-94d3-990bf1f05d32"
},
{
"db": "CNVD",
"id": "CNVD-2020-17014"
}
],
"trust": 1.454873825
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "fa26a4b9-ad52-4e6d-94d3-990bf1f05d32"
},
{
"db": "CNVD",
"id": "CNVD-2020-17014"
}
]
},
"last_update_date": "2024-02-20T21:40:03.943000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-844761",
"trust": 0.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
},
{
"title": "Patch for Siemens SiNVR 3 Plain Text Save File Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/208749"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=03dd7efb196bdf8da925c4ca8f3d02f6"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=941d6ca22d089421a99575c44abd4248"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-17014"
},
{
"db": "VULMON",
"id": "CVE-2019-19291"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014872"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-313",
"trust": 1.0
},
{
"problemtype": "Plaintext storage of important information (CWE-312) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014872"
},
{
"db": "NVD",
"id": "CVE-2019-19291"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-19291"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf"
},
{
"trust": 1.4,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-070-01"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu96269392/index.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/46125"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-070-01"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-10"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.1240"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021041517"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/313.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-761844.txt"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-17014"
},
{
"db": "VULMON",
"id": "CVE-2019-19291"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014872"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-475"
},
{
"db": "NVD",
"id": "CVE-2019-19291"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "fa26a4b9-ad52-4e6d-94d3-990bf1f05d32"
},
{
"db": "CNVD",
"id": "CNVD-2020-17014"
},
{
"db": "VULMON",
"id": "CVE-2019-19291"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014872"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-475"
},
{
"db": "NVD",
"id": "CVE-2019-19291"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-10T00:00:00",
"db": "IVD",
"id": "fa26a4b9-ad52-4e6d-94d3-990bf1f05d32"
},
{
"date": "2020-03-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-17014"
},
{
"date": "2020-03-10T00:00:00",
"db": "VULMON",
"id": "CVE-2019-19291"
},
{
"date": "2020-03-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-014872"
},
{
"date": "2021-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2020-03-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-475"
},
{
"date": "2020-03-10T20:15:19.180000",
"db": "NVD",
"id": "CVE-2019-19291"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-17014"
},
{
"date": "2021-04-22T00:00:00",
"db": "VULMON",
"id": "CVE-2019-19291"
},
{
"date": "2024-02-20T07:05:00",
"db": "JVNDB",
"id": "JVNDB-2019-014872"
},
{
"date": "2021-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2021-08-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-475"
},
{
"date": "2024-01-09T10:15:11.373000",
"db": "NVD",
"id": "CVE-2019-19291"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202003-475"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SiNVR 3 Plain text save file vulnerability",
"sources": [
{
"db": "IVD",
"id": "fa26a4b9-ad52-4e6d-94d3-990bf1f05d32"
},
{
"db": "CNVD",
"id": "CNVD-2020-17014"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "IVD",
"id": "fa26a4b9-ad52-4e6d-94d3-990bf1f05d32"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-475"
}
],
"trust": 1.4
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…