| |
Vulnerability CVE-2019-13922
Published: 2019-09-13
| Description: |
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). An attacker with administrative privileges can obtain the hash of a connected device's password. The security vulnerability could be exploited by an attacker with network access to the SINEMA Remote Connect Server and administrative privileges. At the time of advisory publication no public exploitation of this security vulnerability was known. |
Type:
CWE-916
CVSS2 => (AV:N/AC:L/Au:S/C:P/I:N/A:N)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
4/10 |
2.9/10 |
8/10 |
| Exploit range |
Attack complexity |
Authentication |
Remote |
Low |
Single time |
| Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
None |
None |
References: |
https://cert-portal.siemens.com/productcert/pdf/ssa-884497.pdf
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
