Unrated severityNVD Advisory· Published Dec 12, 2019· Updated Aug 5, 2024

CVE-2019-18334

Description

A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could be able to enumerate valid user names by sending specifically crafted packets to 8090/tcp. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.

Affected products

Siemens Foundation/SPPA-T3000 Application Serverllm-fuzzy
Range: < R8.2 SP2
Siemens/SPPA-T3000 Application Serverv5
Range: All versions < Service Pack R8.2 SP2

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

cert-portal.siemens.com/productcert/pdf/ssa-451445.pdfmitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000