Publication Date: |
2019-04-09 |
Last Update: |
2021-03-09 |
Current Version: |
V1.1 |
CVSS v3.1 Base Score: |
8.3 |
- Turn off NTLM authentication to mitigate CVE-2018-16890 and CVE-2019-3822
- Turn off SMTP to mitigate CVE-2019-3823
CVSS v3.1 Base Score |
7.5 |
CVSS Vector |
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
CWE: |
CWE-131: Incorrect Calculation of Buffer Size |
CVSS v3.1 Base Score |
7.5 |
CVSS Vector |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C |
CWE: |
CWE-125: Out-of-bounds Read |
CVSS v3.1 Base Score |
8.1 |
CVSS Vector |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
CWE: |
CWE-121: Stack-based Buffer Overflow |
CVSS v3.1 Base Score |
7.5 |
CVSS Vector |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C |
CWE: |
CWE-125: Out-of-bounds Read |
CVSS v3.1 Base Score |
8.3 |
CVSS Vector |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:P/RL:O/RC:C |
CWE: |
CWE-280: Improper Handling of Insufficient Permissions or Privileges |
https://www.siemens.com/cert/advisories