CVE-2019-18338
published 2019-12-12CVE-2019-18338: A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The Control Center Server (CCS) contains a directory traversal…
PriorityP342medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
EPSS
2.65%
83.7th percentile
A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The Control Center Server (CCS) contains a directory traversal
vulnerability in its XML-based communication protocol as provided by default
on ports 5444/tcp and 5440/tcp.
An authenticated remote attacker with network access to the CCS server
could exploit this vulnerability to list arbitrary directories
or read files outside of the CCS application context.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | control_center_server | — | — |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvdv2.04.0MEDIUMAV:N/AC:L/Au:S/C:P/I:N/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-q9wr-9rpv-8m6q: A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR 3 Video Server (all versions)
ghsa_unreviewed·2022-05-24
CVE-2019-18338 [HIGH] CWE-22 GHSA-q9wr-9rpv-8m6q: A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR 3 Video Server (all versions)
A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR 3 Video Server (all versions). The SiNVR 3 Central Control Server (CCS) contains a directory traversal vulnerability in its XML-based communication protocol as provided by default on ports 5444/tcp and 5440/tcp. An authenticated remote attacker with network access to the CCS server could exploit this vulnerability to list arbitrary directories or read files outside of the CCS application context.
CISA ICS
Siemens and PKE Control Center Server
cisa_ics·2021-04-13·CVSS 4.9
[MEDIUM] Siemens and PKE Control Center Server
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Siemens and PKE Control Center Server
Last RevisedApril 13, 2021
Alert CodeICSA-21-103-10
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.9
- ATTENTION: Exploitable remotely/low attack complexity
- Vendors: Siemens/PKE
- Equipment: Control Center Server (CCS)
- Vulnerabilities: Cleartext Storage of Sensitive Information in GUI, Improper Authentication, Relative Path Traversal, Use of a Broken or Risky Cryptographic Algorithm, Exposed Dangerous Method or Function, Path Traversal, Cleartext Storage in a File or on Disk, SQL Injection, Cross-site Scripting, Insufficient Logging
## 2. RISK
CISA ICS
Siemens and PKE SiNVR, SiVMS Video Server (Update A)
cisa_ics·2019-12-10·CVSS 4.9
[MEDIUM] Siemens and PKE SiNVR, SiVMS Video Server (Update A)
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Siemens and PKE SiNVR, SiVMS Video Server (Update A)
Last RevisedApril 14, 2021
Alert CodeICSA-19-344-02
## 1. EXECUTIVE SUMMARY
--------- Begin Update A Part 1 of 6 ---------
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendors: Siemens and PKE
- Equipment: SiNVR, SiVMS Video Servers
- Vulnerabilities: Missing Authentication for Critical Function, Weak Cryptography for Passwords
--------- End Update A Part 1 of 6 ---------
## 2. UPDATE INFORMATION
This updated advisory is a follow-up to the original advisory titled ICSA-19-344-02 Siemens SiNVR
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2019-12-12
Published