SSA-761617 (Last Update: 2019-12-10): Multiple Vulnerabilities in SiNVR Video Management Solution

Published

2019-12-10 00:00:00 UTC

Summary

SiNVR V3 contains seven vulnerabilities in the components Video Server and Central Control Server (CCS), involving authentication bypass (CVE-2019-18337, CVE-2019-18339, CVE-2019-18341), information disclosure (CVE-2019-13947, CVE-2019-18340), path traversal (CVE-2019-18338), and privilege escalation (CVE-2019-18342). Siemens recommends specific countermeasures until fixes are available.