CVE-2019-19287

🗓️ 14 Dec 2020 21:16:15Reported by siemensType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 31 Views

A vulnerability in XHQ web interface allows file system traversal without authentication

Reporter	Title	Published	Views	Family All 4
Prion	Authentication flaw	14 Dec 202021:15	–	prion
Cvelist	CVE-2019-19287	14 Dec 202021:05	–	cvelist
NVD	CVE-2019-19287	14 Dec 202021:15	–	nvd
ICS	Siemens XHQ Operations Intelligence	8 Dec 202000:00	–	ics

Nvd

Node

siemens xhqRange<6.1.0.0

[
  {
    "product": "XHQ",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All Versions < 6.1"
      }
    ]
  }
]

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-712690.pdf

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

14 Dec 2020 21:15Current

6.3Medium risk

Vulners AI Score6.3

CVSS24

CVSS36.5

EPSS0.00057

CWE-23