VDB
CVE-2019-13918
CVE-2019-13918
PUBLISHED
CVSS 7.5 HIGH
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). The web interface has no means to prevent password guessing attacks. The vulnerability could be exploited by an attacker with network access to the vulnerable software, requiring no privileges and no user interaction. The vulnerability could allow full access to the web interface. At the time of advisory publication no public exploitation of this security vulnerability was known.
EPSS 0.48% · 65.3th percentile
Risk Scores
CVSS v2.0
7.5
EPSS Score
0.48%
65.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens AG | SINEMA Remote Connect Server | All versions < V2.0 SP1 |
| siemens | sinema_remote_connect_server | 0, 2.0, 2.0 |
Timeline
- Sep 10, 2019 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 22, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 25, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 27, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 2, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
References
- https://cert-portal.siemens.com/productcert/pdf/ssa-884497.pdf url
- https://nvd.nist.gov/vuln/detail/CVE-2019-13918 advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-250618.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-187667.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-834884.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-191683.pdf advisory