admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2019/CVE-2019-139xx/CVE-2019-13919.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

121 lines
4.4 KiB
JSON
Raw Blame History

{
"id": "CVE-2019-13919",
"sourceIdentifier": "productcert@siemens.com",
"published": "2019-09-13T17:15:11.803",
"lastModified": "2021-11-02T20:02:56.487",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). Some pages that should only be accessible by a privileged user can also be accessed by a non-privileged user. The security vulnerability could be exploited by an attacker with network access and valid credentials for the web interface. No user interaction is required. The vulnerability could allow an attacker to access information that he should not be able to read. The affected information does not include passwords. At the time of advisory publication no public exploitation of this security vulnerability was known."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en SINEMA Remote Connect Server (Todas las versiones anteriores a V2.0 SP1). Algunas p\u00e1ginas que deber\u00edan solo ser accedidas por parte de un usuario privilegiado pueden tambi\u00e9n ser accedidas por un usuario no privilegiado. La vulnerabilidad de seguridad podr\u00eda ser explotada por un atacante con acceso a la red y credenciales v\u00e1lidas para la interfaz web. No se requiere interacci\u00f3n del usuario. La vulnerabilidad podr\u00eda permitir a un atacante acceder a informaci\u00f3n que no deber\u00eda ser capaz de leer. La informaci\u00f3n afectada no incluye contrase\u00f1as. Al momento de la publicaci\u00f3n de asesoramiento, no se conoc\u00eda una explotaci\u00f3n p\u00fablica de esta vulnerabilidad de seguridad."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.0",
"matchCriteriaId": "380C606D-43A0-4362-9A5E-BC7320890196"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:sinema_remote_connect_server:2.0:hf1:*:*:*:*:*:*",
"matchCriteriaId": "33B706BB-C3D7-4BAA-A140-A7AF962F7141"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-884497.pdf",
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink