CVE-2019-18339

12.12.2019, 19:15

A vulnerability has been identified in SiNVR/SiVMS Video Server (All versions < V5.0.0). The HTTP service (default port 5401/tcp) of the SiVMS/SiNVR Video Server
contains an authentication bypass vulnerability, even when properly
configured with enforced authentication.

A remote attacker with network access to the Video Server could
exploit this vulnerability to read the SiVMS/SiNVR users database, including
the passwords of all users in obfuscated cleartext.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	9.8 CRITICAL	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
siemens	CNA	9.8 CRITICAL				CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 36%

Vendor	Product	Version
siemens	sinvr_3_central_control_server	*
siemens	sinvr_3_video_server	*

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-306 - Missing Authentication for Critical Function
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

References

https://cert-portal.siemens.com/productcert/pdf/ssa-761617.pdf