CVE Record: CVE-2019-6580

Required CVE Record Information

Description

A vulnerability has been identified in Siveillance VMS 2017 R2 (All versions < V11.2a), Siveillance VMS 2018 R1 (All versions < V12.1a), Siveillance VMS 2018 R2 (All versions < V12.2a), Siveillance VMS 2018 R3 (All versions < V12.3a), Siveillance VMS 2019 R1 (All versions < V13.1a). An attacker with network access to port 80/TCP could change device properties without authorization. No user interaction is required to exploit this security vulnerability. Successful exploitation compromises confidentiality, integrity and availability of the targeted system. At the time of advisory publication no public exploitation of this security vulnerability was known.

CWE 1 Total

Learn more

CWE-862: CWE-862: Missing Authorization

Product Status

Learn more

Versions 1 Total

Default Status: unknown

affected

Versions 1 Total

Default Status: unknown

affected

Versions 1 Total

Default Status: unknown

affected

Versions 1 Total

Default Status: unknown

affected

Versions 1 Total

Default Status: unknown

affected

References 2 Total

Updated: 2024-08-04

This container includes required additional information provided by the CVE Program for this vulnerability.

References 2 Total

https://cert-portal.siemens.com/productcert/pdf/ssa-212009.pdf
external site
x_transferred
https://ics-cert.us-cert.gov/advisories/ICSA-19-162-01
external site
x_transferred

Common vulnerabilities and Exposures (CVE)

Required CVE Record Information

CNA: Siemens

Description

CWE 1 Total

Product Status

References 2 Total

CVE Program

References 2 Total