cvelist/2019/18xxx/CVE-2019-18312.json

{
    "CVE_data_meta": {
        "ASSIGNER": "productcert@siemens.com",
        "ID": "CVE-2019-18312",
        "STATE": "PUBLIC"
    },
    "data_format": "MITRE",
    "data_version": "4.0",
    "data_type": "CVE",
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "vendor_name": "Siemens AG",
                    "product": {
                        "product_data": [
                            {
                                "product_name": "SPPA-T3000 MS3000 Migration Server",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "All versions"
                                        }
                                    ]
                                }
                            }
                        ]
                    }
                }
            ]
        }
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "CWE-287: Improper Authentication"
                    }
                ]
            }
        ]
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could be able to enumerate running\nRPC services.\n\nPlease note that an attacker needs to have network access to the MS3000\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known.  \n"
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "refsource": "CONFIRM",
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-451445.pdf"
            }
        ]
    }
}
Siemens CVE update for Siemens-AD-2019-12 2019-12-12 16:22:36 +01:00			`{`
			`"CVE_data_meta": {`
			`"ASSIGNER": "productcert@siemens.com",`
			`"ID": "CVE-2019-18312",`
			`"STATE": "PUBLIC"`
			`},`
			`"data_format": "MITRE",`
			`"data_version": "4.0",`
			`"data_type": "CVE",`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"vendor_name": "Siemens AG",`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "SPPA-T3000 MS3000 Migration Server",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_value": "All versions"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "CWE-287: Improper Authentication"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"description": {`
			`"description_data": [`
			`{`
			`"lang": "eng",`
			`"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could be able to enumerate running\nRPC services.\n\nPlease note that an attacker needs to have network access to the MS3000\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known. \n"`
			`}`
			`]`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"refsource": "CONFIRM",`
			`"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-451445.pdf"`
			`}`
			`]`
			`}`
			`}`