CVE-2019-19299

A vulnerability has been identified in SiNVR/SiVMS Video Server (All versions). The streaming service (default port 5410/tcp) of the SiVMS/SiNVR Video Server applies weak cryptography when exposing device (camera) passwords. This could allow an unauthenticated remote attacker to read and decrypt the passwords and conduct further attacks.
References
Link Resource
https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf Mitigation Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:siemens:sinvr/sivms_video_server:*:*:*:*:*:*:*:*

Information

Published : 2020-03-10 08:15

Updated : 2022-04-29 01:29


NVD link : CVE-2019-19299

Mitre link : CVE-2019-19299

Products Affected
No products.
CWE
CWE-326

Inadequate Encryption Strength