PT-2014-4889 · Siemens · Sinema Server

Published

2014-04-19

Updated

2015-10-08

CVE-2014-2732

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Siemens SINEMA Server versions prior to 12 SP1

Description The issue concerns multiple directory traversal vulnerabilities in the integrated web server. Remote attackers can access arbitrary files via HTTP traffic to port 4999 or 80.

Recommendations For versions prior to 12 SP1, update to version 12 SP1 or later to resolve the issue.

Fix

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

CVE-2014-2732

Affected Products

Sinema Server

PT-2014-4889 · Siemens · Sinema Server

CVE-2014-2732

Weakness Enumeration

Related Identifiers

Affected Products

References · 4