Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistSiemensCVELIST:CVE-2020-25239
HistoryMar 15, 2021 - 5:03 p.m.

CVE-2020-25239

2021-03-1517:03:30
CWE-863
siemens
www.cve.org
10
vulnerability
sinema remote connect server
unauthorized actions
special urls
unprivileged users
umc authorization server
rogue server
attacker
authentication

AI Score

8.4

Confidence

High

EPSS

0.001

Percentile

39.5%

JSON

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0). The webserver could allow unauthorized actions via special urls for unpriviledged users. The settings of the UMC authorization server could be changed to add a rogue server by an attacker authenticating with unprivilege user rights.

CNA Affected

[
  {
    "product": "SINEMA Remote Connect Server",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V3.0"
      }
    ]
  }
]

Related

prion 1
cve 1
nvd 1
ics 1
prion
prion
Authorization
2021-03-15 17:15:00
cve
cve
CVE-2020-25239
2021-03-15 17:15:19
nvd
nvd
CVE-2020-25239
2021-03-15 17:15:19
ics
ics
Siemens SINEMA Remote Connect Server
2021-03-09 12:00:00

AI Score

8.4

Confidence

High

EPSS

0.001

Percentile

39.5%

JSON
Related for CVELIST:CVE-2020-25239
prion1cve1nvd1ics1