CVE-2019-18341

Name of the Vulnerable Software and Affected Versions Control Center Server (CCS) versions prior to V1.5.0

Description A vulnerability has been identified in the SFTP service of the Control Center Server, which contains an authentication bypass issue. This allows a remote attacker with network access to the server to exploit the vulnerability and read data from the EDIR directory, such as the list of all configured stations.

Recommendations For versions prior to V1.5.0, update to version V1.5.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the SFTP service on the default port 22/tcp to minimize the risk of exploitation.