CVE-2019-13931

2019-12-1219:08:46

CWE-80

siemens

www.cve.org

5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.7%

JSON

A vulnerability has been identified in XHQ (All versions < V6.0.0.2). The web interface could allow for an an attacker to craft the input in a form that is not expected, causing the application to behave in unexpected ways for legitimate users. Successful exploitation requires for an attacker to be authenticated to the web interface. A successful attack could cause the application to have unexpected behavior. This could allow the attacker to modify contents of the web application. At the time of advisory publication no public exploitation of this security vulnerability was known.

CNA Affected

[
  {
    "product": "XHQ",
    "vendor": "Siemens AG",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V6.0.0.2"
      }
    ]
  }
]

References

cert-portal.siemens.com/productcert/pdf/ssa-525454.pdf