Remote Procedure Call Enumeration Vulnerability in Siemens SPPA-T3000 MS3000 Migration Server
CVE-2019-18312
5.3MEDIUM
Key Information:
- Vendor
- Siemens
- Vendor
- CVE Published:
- 12 December 2019
Summary
A vulnerability has been discovered in Siemens' SPPA-T3000 MS3000 Migration Server that allows attackers with network access to potentially enumerate active RPC services. This could lead to further security risks, as it may provide attackers with insight into the server's operational capabilities. It is crucial for organizations using this server to ensure that network access is properly restricted to mitigate potential threats. As of the advisory publication, there were no known public exploits associated with this vulnerability.
Affected Version(s)
SPPA-T3000 MS3000 Migration Server All versions
References
CVSS V3.1
Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved