CVE-2019-18342

Name of the Vulnerable Software and Affected Versions Control Center Server (CCS) versions prior to V1.5.0

Description A vulnerability has been identified in the SFTP service of the Control Center Server, which does not properly limit its capabilities. This could allow an unauthenticated remote attacker with network access to the server to read or delete arbitrary files, or access other resources on the same server.

Recommendations For versions prior to V1.5.0, update to version V1.5.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the SFTP service on the default port 22/tcp to minimize the risk of exploitation.