Vulnetix
Try Vulnetix Request Demo
CVE-2019-6581 PUBLISHED CVSS 6.5 MEDIUM

A vulnerability has been identified in Siveillance VMS 2017 R2 (All versions < V11.2a), Siveillance VMS 2018 R1 (All versions < V12.1a), Siveillance VMS 2018 R2 (All versions < V12.2a), Siveillance VMS 2018 R3 (All versions < V12.3a), Siveillance VMS 2019 R1 (All versions < V13.1a). An attacker with network access to port 80/TCP could change user roles without proper authorization. The security vulnerability could be exploited by an authenticated attacker with network access to the affected service. No user interaction is required to exploit this security vulnerability. Successful exploitation compromises confidentiality, integrity and availability of the targeted system. At the time of advisory publication no public exploitation of this security vulnerability was known.

EPSS 0.30% · 52.8th percentile

Risk Scores

CVSS v2.0
6.5
EPSS Score
0.30%
52.8th percentile

Affected Products

VendorProductVersions
siemenssiveillance_video_management_software_2017_r20
siemenssiveillance_video_management_software_2018_r20
siemenssiveillance_video_management_software_2018_r30
siemenssiveillance_video_management_software_2018_r10
Siemens AGSiveillance VMS 2017 R2All versions < V11.2a
Siemens AGSiveillance VMS 2018 R3All versions < V12.3a
Siemens AGSiveillance VMS 2019 R1All versions < V13.1a
siemenssiveillance_video_management_software_2019_r10
Siemens AGSiveillance VMS 2018 R2All versions < V12.2a
Siemens AGSiveillance VMS 2018 R1All versions < V12.1a

Timeline

References

Open in Interactive Console →