CyberSec.Space Logo
返回 CVE 浏览器

CVE-2019-18342

CRITICAL
9.9
CVSS Severity Score
EPSS Score0.0880%
EPSS Percentile6.29th
Published2019年12月12日
Last Modified2024年11月21日

Vulnerability Description

A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The SFTP service (default port 22/tcp) of the Control Center Server (CCS) does not properly limit its capabilities to the specified purpose. In conjunction with CVE-2019-18341, an unauthenticated remote attacker with network access to the CCS server could exploit this vulnerability to read or delete arbitrary files, or access other resources on the same server.

Affected Platforms (CPE)

📦
Siemens

Control Center Server

< 1.5.0

References & Advisories

🔗 https://cert-portal.siemens.com/productcert/pdf/ssa-761617.pdf
🔗 https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf
🔗 https://cert-portal.siemens.com/productcert/pdf/ssa-761617.pdf
🔗 https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf

相关漏洞威胁

CVE-2020-696610.0

In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Ver...

CVE-2019-183379.8

A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The Control Center Server (CCS) contai...

CVE-2014-34409.0

The Agent Control Interface in the management server in Symantec Critical System Protection (SCSP) 5.2.9 before MP6 and Symantec D...

CVE-2019-192928.8

A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The Control Center Server (CCS) contai...