← volver
CVE-2019-18341

CVE-2019-18341

CVSS 5.3 MEDIUMEPSS 1.6%CWE-287
A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The SFTP service (default port 22/tcp) of the Control Center Server (CCS) contains an authentication bypass vulnerability. A remote attacker with network access to the CCS server could exploit this vulnerability to read data from the EDIR directory (for example, the list of all configured stations).
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:F/RL:U/RC:C
Productos afectados
Siemens · Control Center Server (CCS)

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://cert-portal.siemens.com/productcert/pdf/ssa-761617.pdfhttps://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf