MEDIUM🇵🇱 Wersja polska

CVE-2019-19277

CVSS 6.5v3.1pub. 2020-03-10upd. 2024-11-21

A vulnerability has been identified in SIPORT MP (All versions < 3.1.4). Vulnerable versions of the device allow the creation of special accounts ("service users") with administrative privileges that could enable a remote authenticated attacker to perform actions that are not visible to other users of the system, such as granting persons access to a secured area.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
  • Siemens Siport Mp

    APP
    Siemens
    < 3.1.4
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2020-7591HIGH8.8ten sam produkt

A vulnerability has been identified in SIPORT MP (All versions < 3.2.1). Vulnerable versions of the device cou...

CVE-2026-0300CRITICAL9.3⚠ KEVPL ✓ten sam vendor

Buffer overflow RCE z uprawnieniami root w PAN-OS Captive Portal

CVE-2026-24858CRITICAL9.8⚠ KEVPL ✓ten sam vendor

Fortinet – Auth Bypass przez FortiCloud SSO w wielu produktach

CVE-2025-59718CRITICAL9.8⚠ KEVPL ✓ten sam vendor

Fortinet FortiOS/FortiProxy/FortiSwitchManager — Auth Bypass przez SAML

CVE-2022-22965CRITICAL9.8⚠ KEVten sam vendor

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) ...