Details of VAR-201912-1242

ID

VAR-201912-1242

CVE

CVE-2019-18338

TITLE

Siemens SiNVR 3 Central Control Server (CCS) Directory Traversal Vulnerability

Trust: 0.8

sources: IVD: fad13a8d-07af-41a6-b9a9-011c6566c585 // CNVD: CNVD-2019-44755

DESCRIPTION

A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The Control Center Server (CCS) contains a directory traversal vulnerability in its XML-based communication protocol as provided by default on ports 5444/tcp and 5440/tcp. An authenticated remote attacker with network access to the CCS server could exploit this vulnerability to list arbitrary directories or read files outside of the CCS application context. SiNVR is the Siemens OEM version of SiVMS, a video management solution acquired by PKE Deutsch land gmmbH and previously distributed by Schille Informationssysteme gmmbH. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

Trust: 2.97

sources: NVD: CVE-2019-18338 // JVNDB: JVNDB-2019-013204 // CNVD: CNVD-2019-44755 // CNNVD: CNNVD-202104-975 // IVD: fad13a8d-07af-41a6-b9a9-011c6566c585 // VULMON: CVE-2019-18338

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: fad13a8d-07af-41a6-b9a9-011c6566c585 // CNVD: CNVD-2019-44755

AFFECTED PRODUCTS

vendor:	siemens	model:	sinvr 3 video server	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	sinvr 3 central control server	scope:	eq	version:	*	Trust: 1.0
vendor:	シーメンス	model:	sinvr 3 video server	scope:	eq	version:	-	Trust: 0.8
vendor:	シーメンス	model:	sinvr 3 central control server	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	sinvr central control server	scope:	eq	version:	3	Trust: 0.6
vendor:	sinvr 3 central control server	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	sinvr 3 video server	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: fad13a8d-07af-41a6-b9a9-011c6566c585 // CNVD: CNVD-2019-44755 // JVNDB: JVNDB-2019-013204 // NVD: CVE-2019-18338

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-18338
value:	MEDIUM
Trust: 1.0
productcert@siemens.com:	CVE-2019-18338
value:	HIGH
Trust: 1.0
NVD:	CVE-2019-18338
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2019-44755
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201912-426
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202104-975
value:	MEDIUM
Trust: 0.6
IVD:	fad13a8d-07af-41a6-b9a9-011c6566c585
value:	MEDIUM
Trust: 0.2
VULMON:	CVE-2019-18338
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2019-18338
severity:	MEDIUM
baseScore:	4.0
vectorString:	AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2019-44755
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:C/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	fad13a8d-07af-41a6-b9a9-011c6566c585
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:C/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

nvd@nist.gov:	CVE-2019-18338
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.1
Trust: 1.0
productcert@siemens.com:	CVE-2019-18338
baseSeverity:	HIGH
baseScore:	7.7
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.1
impactScore:	4.0
version:	3.1
Trust: 1.0
OTHER:	JVNDB-2019-013204
baseSeverity:	HIGH
baseScore:	7.7
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: IVD: fad13a8d-07af-41a6-b9a9-011c6566c585 // CNVD: CNVD-2019-44755 // VULMON: CVE-2019-18338 // JVNDB: JVNDB-2019-013204 // CNNVD: CNNVD-201912-426 // CNNVD: CNNVD-202104-975 // NVD: CVE-2019-18338 // NVD: CVE-2019-18338

PROBLEMTYPE DATA

problemtype:	CWE-23	Trust: 1.0
problemtype:	CWE-22	Trust: 1.0
problemtype:	Path traversal (CWE-22) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2019-013204 // NVD: CVE-2019-18338

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201912-426

TYPE

Path traversal

Trust: 0.8

sources: IVD: fad13a8d-07af-41a6-b9a9-011c6566c585 // CNNVD: CNNVD-201912-426

PATCH

title:	SSA-761617	url:	https://cert-portal.siemens.com/productcert/pdf/ssa-761617.pdf	Trust: 0.8
title:	Patch for Siemens SiNVR 3 Central Control Server (CCS) Directory Traversal Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/193671	Trust: 0.6
title:	Siemens Security Advisories: Siemens Security Advisory	url:	https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=03dd7efb196bdf8da925c4ca8f3d02f6	Trust: 0.1
title:	Siemens Security Advisories: Siemens Security Advisory	url:	https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=98fa33ab2106a639337b5db77c71e637	Trust: 0.1

sources: CNVD: CNVD-2019-44755 // VULMON: CVE-2019-18338 // JVNDB: JVNDB-2019-013204

EXTERNAL IDS

db:	NVD	id:	CVE-2019-18338	Trust: 4.1
db:	SIEMENS	id:	SSA-761617	Trust: 2.3
db:	SIEMENS	id:	SSA-761844	Trust: 1.7
db:	ICS CERT	id:	ICSA-19-344-02	Trust: 1.4
db:	CNVD	id:	CNVD-2019-44755	Trust: 0.8
db:	CNNVD	id:	CNNVD-201912-426	Trust: 0.8
db:	JVN	id:	JVNVU96269392	Trust: 0.8
db:	JVNDB	id:	JVNDB-2019-013204	Trust: 0.8
db:	CS-HELP	id:	SB2021041517	Trust: 0.6
db:	ICS CERT	id:	ICSA-21-103-10	Trust: 0.6
db:	ICS CERT	id:	ICSA-19-344-01	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.4625	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1240	Trust: 0.6
db:	CS-HELP	id:	SB2021041363	Trust: 0.6
db:	CNNVD	id:	CNNVD-202104-975	Trust: 0.6
db:	IVD	id:	FAD13A8D-07AF-41A6-B9A9-011C6566C585	Trust: 0.2
db:	VULMON	id:	CVE-2019-18338	Trust: 0.1

REFERENCES

url:	https://cert-portal.siemens.com/productcert/pdf/ssa-761617.pdf	Trust: 2.3
url:	https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2019-18338	Trust: 1.4
url:	https://www.us-cert.gov/ics/advisories/icsa-19-344-02	Trust: 1.4
url:	https://jvn.jp/vu/jvnvu96269392/index.html	Trust: 0.8
url:	https://us-cert.cisa.gov/ics/advisories/icsa-21-103-10	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1240	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.4625/	Trust: 0.6
url:	https://www.us-cert.gov/ics/advisories/icsa-19-344-01	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021041517	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021041363	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/23.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://cert-portal.siemens.com/productcert/txt/ssa-761844.txt	Trust: 0.1

sources: CNVD: CNVD-2019-44755 // VULMON: CVE-2019-18338 // JVNDB: JVNDB-2019-013204 // CNNVD: CNNVD-201912-426 // CNNVD: CNNVD-202104-975 // NVD: CVE-2019-18338

SOURCES

db:	IVD	id:	fad13a8d-07af-41a6-b9a9-011c6566c585
db:	CNVD	id:	CNVD-2019-44755
db:	VULMON	id:	CVE-2019-18338
db:	JVNDB	id:	JVNDB-2019-013204
db:	CNNVD	id:	CNNVD-201912-426
db:	CNNVD	id:	CNNVD-202104-975
db:	NVD	id:	CVE-2019-18338

LAST UPDATE DATE

2024-11-23T20:33:42.437000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2019-44755	date:	2019-12-11T00:00:00
db:	VULMON	id:	CVE-2019-18338	date:	2021-04-22T00:00:00
db:	JVNDB	id:	JVNDB-2019-013204	date:	2024-02-20T06:56:00
db:	CNNVD	id:	CNNVD-201912-426	date:	2021-04-16T00:00:00
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-14T00:00:00
db:	NVD	id:	CVE-2019-18338	date:	2024-11-21T04:33:04.620

SOURCES RELEASE DATE

db:	IVD	id:	fad13a8d-07af-41a6-b9a9-011c6566c585	date:	2019-12-11T00:00:00
db:	CNVD	id:	CNVD-2019-44755	date:	2019-12-11T00:00:00
db:	VULMON	id:	CVE-2019-18338	date:	2019-12-12T00:00:00
db:	JVNDB	id:	JVNDB-2019-013204	date:	2019-12-23T00:00:00
db:	CNNVD	id:	CNNVD-201912-426	date:	2019-12-10T00:00:00
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-13T00:00:00
db:	NVD	id:	CVE-2019-18338	date:	2019-12-12T19:15:20.327