CVE-2019-10941
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability has been identified in SINEMA Server (All versions < V14 SP3). Missing authentication for functionality that requires administrative user identity could allow an attacker to obtain encoded system configuration backup files. This is only possible through network access to the affected system, and successful exploitation requires no system privileges.
Se ha identificado una vulnerabilidad en SINEMA Server (Todas las versiones anteriores a V14 SP3). Una falta de autenticación para la funcionalidad que requiere la identidad del usuario administrativo podría permitir a un atacante obtener archivos de copia de seguridad de la configuración del sistema codificados. Esto sólo es posible mediante del acceso a la red del sistema afectado, y una explotación con éxito no requiere privilegios del sistema
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-04-08 CVE Reserved
- 2021-09-14 CVE Published
- 2024-05-30 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-306: Missing Authentication for Critical Function
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-835377.pdf | 2021-09-23 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Siemens Search vendor "Siemens" | Sinema Server Search vendor "Siemens" for product "Sinema Server" | < 14.0 Search vendor "Siemens" for product "Sinema Server" and version " < 14.0" | - |
Affected
| ||||||
| Siemens Search vendor "Siemens" | Sinema Server Search vendor "Siemens" for product "Sinema Server" | 14.0 Search vendor "Siemens" for product "Sinema Server" and version "14.0" | - |
Affected
| ||||||
| Siemens Search vendor "Siemens" | Sinema Server Search vendor "Siemens" for product "Sinema Server" | 14.0 Search vendor "Siemens" for product "Sinema Server" and version "14.0" | sp1 |
Affected
| ||||||
| Siemens Search vendor "Siemens" | Sinema Server Search vendor "Siemens" for product "Sinema Server" | 14.0 Search vendor "Siemens" for product "Sinema Server" and version "14.0" | sp2 |
Affected
| ||||||