Lucene search
K

82 matches found

Cvelist
Cvelist
added 2020/03/10 7:16 p.m.25 views

CVE-2019-19294

A vulnerability has been identified in Control Center Server CCS All versions V1.5.0. The web interface of the Control Center Server CCS contains multiple stored Cross-site Scripting XSS vulnerabilities in several input fields. This could allow an authenticated remote attacker to inject malicious...

6.3CVSS5.9AI score0.0101EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2020/03/10 7:16 p.m.9 views

CVE-2019-19295

A vulnerability has been identified in Control Center Server CCS All versions V1.5.0. The Control Center Server CCS does not enforce logging of security-relevant activities in its XML-based communication protocol as provided by default on ports 5444/tcp and 5440/tcp. An authenticated remote...

4.3CVSS6.4AI score0.01054EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/03/10 7:16 p.m.19 views

CVE-2019-19293

A vulnerability has been identified in Control Center Server CCS All versions V1.5.0. The web interface of the Control Center Server CCS contains a reflected Cross-site Scripting XSS vulnerability that could allow an unauthenticated remote attacker to steal sensitive data or execute administrativ...

6.1CVSS5.9AI score0.0125EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/03/10 7:16 p.m.38 views

CVE-2019-19292

A vulnerability has been identified in Control Center Server CCS All versions V1.5.0. The Control Center Server CCS contains an SQL injection vulnerability in its XML-based communication protocol as provided by default on ports 5444/tcp and 5440/tcp. An authenticated remote attacker could exploit...

8.8CVSS8.6AI score0.01999EPSS
Exploits0References2
CVE
CVE
added 2020/03/10 7:16 p.m.51 views

CVE-2019-19290

CVE-2019-19290 affects Siemens/SINVR CCS (Control Center Server) prior to v1.5.0. A path traversal vulnerability in the CCS web interface DOWNLOADS area could allow an authenticated remote attacker to access/download arbitrary server files. The issue is explicitly tied to CCS versions

6.5CVSS6.1AI score0.01813EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2020/03/10 7:16 p.m.22 views

CVE-2019-19290

A vulnerability has been identified in Control Center Server CCS All versions V1.5.0. The DOWNLOADS section in the web interface of the Control Center Server CCS contains a path traversal vulnerability that could allow an authenticated remote attacker to access and download arbitrary files from t...

6.5CVSS6.2AI score0.01813EPSS
Exploits0References2
CVE
CVE
added 2020/03/10 7:16 p.m.54 views

CVE-2019-19295

Summary of CVE-2019-19295 (CVE List entry): The vulnerability affects Siemens/Sinogram CCS (Control Center Server) prior to v1.5.0, where the XML-based communication protocol on ports 5444/tcp and 5440/tcp does not enforce logging of security-relevant activities by default. An authenticated remot...

4.3CVSS4.3AI score0.01054EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2020/03/10 7:16 p.m.50 views

CVE-2019-19292

CVE-2019-19292 affects Siemens CCS (Control Center Server): SQL injection in the XML-based protocol on ports 5444/TCP and 5440/TCP affecting all CCS versions before v1.5.0. An authenticated remote attacker could read/modify the CCS database and potentially perform administrative database operatio...

8.8CVSS8.5AI score0.01999EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2020/03/10 7:16 p.m.56 views

CVE-2019-19291

CVE-2019-19291 affects Siemens CCS and SiNVR/SiVMS Video Server. The FTP services store login credentials in cleartext in log files, enabling authenticated remote attackers to extract credentials when FTP is enabled. Affected: CCS before v1.5.0 and Video Server before v5.0.0. Mitigation: upgrade ...

6.5CVSS5AI score0.00749EPSS
Exploits0References2Affected Software2
Positive Technologies
Positive Technologies
added 2020/03/10 12:0 a.m.6 views

PT-2020-2446 · Unknown · Control Center Server

Name of the Vulnerable Software and Affected Versions: Control Center Server CCS versions prior to V1.5.0 Description: A stored Cross-site Scripting XSS vulnerability has been identified in the web interface of the Control Center Server CCS. This issue is related to the lack of input data...

6.3CVSS5.8AI score0.0101EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2020/03/10 12:0 a.m.6 views

PT-2020-2443 · Siemens · Control Center Server +1

Name of the Vulnerable Software and Affected Versions: Control Center Server CCS versions prior to V1.5.0 SiNVR/SiVMS Video Server versions prior to V5.0.0 Description: A vulnerability has been identified where the FTP services of the SiVMS/SiNVR Video Server and the Control Center Server CCS...

6.5CVSS5.3AI score0.00749EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2020/03/10 12:0 a.m.6 views

PT-2020-2445 · Unknown · Control Center Server +2

Name of the Vulnerable Software and Affected Versions: Control Center Server CCS versions prior to V1.5.0 SiNVR 3 Central Control Server all versions SiNVR 3 Video Server all versions Description: A reflected Cross-site Scripting XSS vulnerability has been identified in the web interface of the...

7.1CVSS6.3AI score0.0125EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2020/03/10 12:0 a.m.6 views

PT-2020-2447 · Sinvr · Sinvr 3 Central Control Server +2

Name of the Vulnerable Software and Affected Versions: Control Center Server CCS versions prior to V1.5.0 SiNVR 3 Central Control Server all versions SiNVR 3 Video Server all versions Description: A vulnerability has been identified in the Control Center Server CCS and SiNVR 3 Central Control...

4.3CVSS4.3AI score0.01054EPSS
Exploits0References5
NVD
NVD
added 2019/12/12 7:15 p.m.17 views

CVE-2019-18340

A vulnerability has been identified in Control Center Server CCS All versions = V1.5.0, SiNVR/SiVMS Video Server All versions = V5.0.0. Both the SiVMS/SiNVR Video Server and the Control Center Server CCS store user and device passwords by applying weak cryptography. A local attacker could exploit...

5.5CVSS6.1AI score0.0025EPSS
Exploits0References2
OSV
OSV
added 2019/12/12 7:15 p.m.4 views

CVE-2019-18342

A vulnerability has been identified in Control Center Server CCS All versions V1.5.0. The SFTP service default port 22/tcp of the Control Center Server CCS does not properly limit its capabilities to the specified purpose. In conjunction with CVE-2019-18341, an unauthenticated remote attacker wit...

9.9CVSS6.7AI score0.02126EPSS
Exploits0References2
NVD
NVD
added 2019/12/12 7:15 p.m.15 views

CVE-2019-18337

A vulnerability has been identified in Control Center Server CCS All versions V1.5.0. The Control Center Server CCS contains an authentication bypass vulnerability in its XML-based communication protocol as provided by default on ports 5444/tcp and 5440/tcp. A remote attacker with network access ...

9.8CVSS9.2AI score0.02544EPSS
Exploits0References2
NVD
NVD
added 2019/12/12 7:15 p.m.20 views

CVE-2019-18341

A vulnerability has been identified in Control Center Server CCS All versions V1.5.0. The SFTP service default port 22/tcp of the Control Center Server CCS contains an authentication bypass vulnerability. A remote attacker with network access to the CCS server could exploit this vulnerability to...

5.3CVSS7AI score0.01618EPSS
Exploits0References2
NVD
NVD
added 2019/12/12 7:15 p.m.13 views

CVE-2019-18338

A vulnerability has been identified in Control Center Server CCS All versions V1.5.0. The Control Center Server CCS contains a directory traversal vulnerability in its XML-based communication protocol as provided by default on ports 5444/tcp and 5440/tcp. An authenticated remote attacker with...

7.7CVSS7.8AI score0.02647EPSS
Exploits0References2
NVD
NVD
added 2019/12/12 7:15 p.m.18 views

CVE-2019-18342

A vulnerability has been identified in Control Center Server CCS All versions V1.5.0. The SFTP service default port 22/tcp of the Control Center Server CCS does not properly limit its capabilities to the specified purpose. In conjunction with CVE-2019-18341, an unauthenticated remote attacker wit...

9.9CVSS7.2AI score0.02126EPSS
Exploits0References2
NVD
NVD
added 2019/12/12 7:15 p.m.12 views

CVE-2019-13947

A vulnerability has been identified in Control Center Server CCS All versions V1.5.0. The user configuration menu in the web interface of the Control Center Server CCS transfers user passwords in clear to the client browser. An attacker with administrative privileges for the web interface could b...

4.9CVSS5.9AI score0.00857EPSS
Exploits0References2
Rows per page
Query Builder