Unrated severityNVD Advisory· Published Mar 10, 2020· Updated Aug 5, 2024

CVE-2019-19291

Description

A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0), SiNVR/SiVMS Video Server (All versions < V5.0.0). The FTP services of the SiVMS/SiNVR Video Server and the Control Center Server (CCS) maintain log files that store login credentials in cleartext. In configurations where the FTP service is enabled, authenticated remote attackers could extract login credentials of other users of the service.

Affected products

Siemens Foundation/SiNVR Video Serverllm-fuzzy2 versions
< V5.0.0+ 1 more
- (no CPE)range: < V5.0.0
- (no CPE)range: All versions < V5.0.0
Siemens Foundation/Control Center Server (CCS)llm-fuzzy2 versions
< V1.5.0+ 1 more
- (no CPE)range: < V1.5.0
- (no CPE)range: All versions < V1.5.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

cert-portal.siemens.com/productcert/pdf/ssa-761844.pdfmitrex_refsource_CONFIRM
cert-portal.siemens.com/productcert/pdf/ssa-844761.pdfmitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000