Denial-of-Service Vulnerability in SPPA-T3000 Application Server by Siemens
CVE-2019-18317
7.5HIGH
Key Information:
- Vendor
- Siemens
- Vendor
- CVE Published:
- 12 December 2019
Summary
A vulnerability exists in the SPPA-T3000 Application Server, allowing attackers with network access to trigger a Denial-of-Service condition. This can be executed by sending specially crafted objects through RMI. To mitigate risks, it is essential for organizations to upgrade their systems to Service Pack R8.2 SP2 or later, as previous versions are susceptible to this vulnerability. No public incidents of exploitation have been reported at the time of the advisory, making awareness and proactive measures critical for system integrity.
Affected Version(s)
SPPA-T3000 Application Server All versions < Service Pack R8.2 SP2
References
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved