N/A

A vulnerability has been identified in Siveillance VMS 2017 R2 (All versions < V11.2a), Siveillance VMS 2018 R1 (All versions < V12.1a), Siveillance VMS 2018 R2 (All versions < V12.2a), Siveillance VMS 2018 R3 (All versions < V12.3a), Siveillance VMS 2019 R1 (All versions < V13.1a). An attacker with network access to port 80/TCP can change user-defined event properties without proper authorization. The security vulnerability could be exploited by an authenticated attacker with network access to the affected service. No user interaction is required to exploit this security vulnerability. Successful exploitation compromises integrity of the user-defined event properties and the availability of corresponding functionality. At the time of advisory publication no public exploitation of this security vulnerability was known.

N/A

授权机制不恰当

Siemens Siveillance VMS 权限许可和访问控制问题漏洞

Siemens Siveillance VMS是德国西门子（Siemens）公司的一套监控视频管理软件。 Siemens Siveillance VMS中存在安全漏洞。攻击者可利用该漏洞更改用户定义的事件属性。以下产品及版本受到影响：Siemens Siveillance VMS 2017 R2 v11.2a之前版本，Siemens Siveillance VMS 2018 R1 v12.1a之前版本，Siemens Siveillance VMS 2018 R2 v12.2a之前版本，Siemens S

N/A

N/A