Executive Summary

Informations
NameCVE-2019-6570First vendor Publication2019-04-17
VendorCveLast vendor Modification2019-04-17

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:S/C:C/I:C/A:C)
Cvss Base Score9Attack RangeNetwork
Cvss Impact Score10Attack ComplexityLow
Cvss Expoit Score8AuthenticationRequires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0). Due to insufficient checking of user permissions, an attacker may access URLs that require special authorization. The security vulnerability could be exploited by an attacker with network access to the affected system. An attacker must have access to a low privileged account in order to exploit the vulnerability. An attacker could use the vulnerability to compromise confidentiality, integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6570

CWE : Common Weakness Enumeration

%idName
100 %CWE-264Permissions, Privileges, and Access Controls

Sources (Detail)

SourceUrl
MISC https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf

Alert History

If you want to see full details history, please login or register.
0
1
DateInformations
2019-04-18 05:18:48
  • Multiple Updates
2019-04-17 21:19:25
  • First insertion