CVE-2020-10039

A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). An attacker in a privileged network position between a legitimate user and the web server might be able to conduct a Man-in-the-middle attack and gain read and write access to the transmitted data.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:siemens:sicam_mmu_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:sicam_mmu:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:siemens:sicam_sgu_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:sicam_sgu:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:siemens:sicam_t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:sicam_t:-:*:*:*:*:*:*:*

History

21 Nov 2024, 04:54

Type Values Removed Values Added
References () https://cert-portal.siemens.com/productcert/pdf/ssa-305120.pdf - Vendor Advisory () https://cert-portal.siemens.com/productcert/pdf/ssa-305120.pdf - Vendor Advisory

Information

Published : 2020-07-14 14:15

Updated : 2024-11-21 04:54


NVD link : CVE-2020-10039

Mitre link : CVE-2020-10039

CVE.ORG link : CVE-2020-10039


JSON object : View

Products Affected

siemens

  • sicam_mmu_firmware
  • sicam_t_firmware
  • sicam_t
  • sicam_sgu
  • sicam_mmu
  • sicam_sgu_firmware
CWE
CWE-311

Missing Encryption of Sensitive Data