CVE-2019-13922
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). An attacker with administrative privileges can obtain the hash of a connected device's password. The security vulnerability could be exploited by an attacker with network access to the SINEMA Remote Connect Server and administrative privileges. At the time of advisory publication no public exploitation of this security vulnerability was known.
Se ha identificado una vulnerabilidad en SINEMA Remote Connect Server (Todas las versiones anteriores a V2.0 SP1). Un atacante con privilegios administrativos puede obtener el hash de contraseña de un dispositivo conectado. La vulnerabilidad de seguridad podría ser explotada por un atacante con acceso de red al SINEMA Remote Connect Server y a privilegios administrativos. Al momento de la publicación de asesoramiento, no se conocía una explotación pública de esta vulnerabilidad de seguridad.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-07-18 CVE Reserved
- 2019-09-13 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-311: Missing Encryption of Sensitive Data
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-884497.pdf | 2021-10-28 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Siemens Search vendor "Siemens" | Sinema Remote Connect Server Search vendor "Siemens" for product "Sinema Remote Connect Server" | <= 2.0 Search vendor "Siemens" for product "Sinema Remote Connect Server" and version " <= 2.0" | - |
Affected
| ||||||
Siemens Search vendor "Siemens" | Sinema Remote Connect Server Search vendor "Siemens" for product "Sinema Remote Connect Server" | 2.0 Search vendor "Siemens" for product "Sinema Remote Connect Server" and version "2.0" | hf1 |
Affected
|