CVE-2019-18312
First published: Thu Dec 12 2019(Updated: )
A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could be able to enumerate running RPC services. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.
Credit: productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Siemens Sppa-t3000 Ms3000 Migration Server |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2019-18312?
CVE-2019-18312 is considered to have a medium severity level due to the potential for unauthorized enumeration of RPC services.
How can CVE-2019-18312 be mitigated?
To mitigate CVE-2019-18312, restrict network access to the MS3000 Server and apply appropriate firewall rules.
Who is affected by CVE-2019-18312?
CVE-2019-18312 affects all versions of the Siemens SPPA-T3000 MS3000 Migration Server.
What type of attack does CVE-2019-18312 facilitate?
CVE-2019-18312 facilitates RPC service enumeration attacks by attackers with network access to the affected server.
Is there a patch available for CVE-2019-18312?
As of now, there is no specific patch released for CVE-2019-18312, but following mitigation recommendations is crucial.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/severity
- agent/last-modified-date
- agent/author
- agent/description
- agent/tags
- agent/event
- agent/first-publish-date
- agent/source
- vendor/siemens
- canonical/siemens sppa-t3000 ms3000 migration server