CVE-2019-10941

A vulnerability has been identified in SINEMA Server (All versions < V14 SP3). Missing authentication for functionality that requires administrative user identity could allow an attacker to obtain encoded system configuration backup files. This is only possible through network access to the affected system, and successful exploitation requires no system privileges.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:siemens:sinema_server:*:*:*:*:*:*:*:*
cpe:2.3:a:siemens:sinema_server:14.0:-:*:*:*:*:*:*
cpe:2.3:a:siemens:sinema_server:14.0:sp1:*:*:*:*:*:*
cpe:2.3:a:siemens:sinema_server:14.0:sp2:*:*:*:*:*:*

Information

Published : 2021-09-14 04:15

Updated : 2021-09-23 08:39


NVD link : CVE-2019-10941

Mitre link : CVE-2019-10941


JSON object : View

CWE
CWE-306

Missing Authentication for Critical Function

Products Affected

siemens

  • sinema_server