CVE-2019-19292

A vulnerability has been identified in Control Center Server CCS All versions V1.5.0. The Control Center Server CCS contains an SQL injection vulnerability in its XML-based communication protocol as provided by default on ports 5444/tcp and 5440/tcp. An authenticated remote attacker could exploit...

Sql injection

A vulnerability has been identified in Control Center Server CCS All versions V1.5.0. The Control Center Server CCS contains an SQL injection vulnerability in its XML-based communication protocol as provided by default on ports 5444/tcp and 5440/tcp. An authenticated remote attacker could exploit...

CVE-2019-19295

A vulnerability has been identified in Control Center Server CCS All versions V1.5.0. The Control Center Server CCS does not enforce logging of security-relevant activities in its XML-based communication protocol as provided by default on ports 5444/tcp and 5440/tcp. An authenticated remote...

CVE-2019-19292

CVE-2019-19292 affects Siemens CCS (Control Center Server): SQL injection in the XML-based protocol on ports 5444/TCP and 5440/TCP affecting all CCS versions before v1.5.0. An authenticated remote attacker could read/modify the CCS database and potentially perform administrative database operatio...

CVE-2019-18338

A vulnerability has been identified in Control Center Server CCS All versions V1.5.0. The Control Center Server CCS contains a directory traversal vulnerability in its XML-based communication protocol as provided by default on ports 5444/tcp and 5440/tcp. An authenticated remote attacker with...

Directory traversal

A vulnerability has been identified in Control Center Server CCS All versions V1.5.0. The Control Center Server CCS contains a directory traversal vulnerability in its XML-based communication protocol as provided by default on ports 5444/tcp and 5440/tcp. An authenticated remote attacker with...

Authentication flaw

A vulnerability has been identified in Control Center Server CCS All versions V1.5.0. The Control Center Server CCS contains an authentication bypass vulnerability in its XML-based communication protocol as provided by default on ports 5444/tcp and 5440/tcp. A remote attacker with network access ...

CVE-2019-18338

CVE-2019-18338 describes a directory traversal vulnerability in Siemens/SiNVR CCS, affecting all versions before v1.5.0. The flaw exists in the XML-based communication protocol exposed by default on ports 5444/tcp and 5440/tcp, allowing an authenticated remote attacker with network access to list...

CVE-2019-18338

A vulnerability has been identified in Control Center Server CCS All versions V1.5.0. The Control Center Server CCS contains a directory traversal vulnerability in its XML-based communication protocol as provided by default on ports 5444/tcp and 5440/tcp. An authenticated remote attacker with...