CVE-2019-6582

Name of the Vulnerable Software and Affected Versions Siveillance VMS 2017 R2 versions prior to V11.2a Siveillance VMS 2018 R1 versions prior to V12.1a Siveillance VMS 2018 R2 versions prior to V12.2a Siveillance VMS 2018 R3 versions prior to V12.3a Siveillance VMS 2019 R1 versions prior to V13.1a

Description A security issue allows an attacker with network access to port 80/TCP to modify user-defined event properties without proper authorization. This can be exploited by an authenticated attacker without requiring user interaction, compromising the integrity of event properties and the availability of corresponding functionality. At the time of publication, no public exploitation of this issue was known.

Recommendations For Siveillance VMS 2017 R2, update to version V11.2a or later. For Siveillance VMS 2018 R1, update to version V12.1a or later. For Siveillance VMS 2018 R2, update to version V12.2a or later. For Siveillance VMS 2018 R3, update to version V12.3a or later. For Siveillance VMS 2019 R1, update to version V13.1a or later.