-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

# SSA-770698: User Information Disclosure Vulnerability in Siveillance Video Client

Publication Date:        2020-09-08
Last Update:             2020-09-08
Current Version:         1.0
CVSS v3.1 Base Score:    5.3

SUMMARY
=======

The Siveillance Video Client contains an information disclosure
vulnerability that could allow an attacker to obtain valid adminstrator
login names and use this information to launch further attacks.

Siemens recommends specific countermeasures and provides patches for
released versions of the Siveillance Video Client.


AFFECTED PRODUCTS AND SOLUTION
==============================


* Siveillance Video Client 
  - Affected versions:
       All versions
  - Remediation:
       Apply the patch provided for current versions, available at
  - Download:
       https://support.industry.siemens.com/cs/ww/en/view/109781490/


WORKAROUNDS AND MITIGATIONS
===========================

Siemens has identified the following specific workarounds and mitigations that
customers can apply to reduce the risk:

* Use Kerberos authentication instead of NTLM as described in the
Siveillance Video Hardening Guide
  


GENERAL SECURITY RECOMMENDATIONS
================================

As a general security measure Siemens strongly recommends to protect
network access to affected products with appropriate mechanisms. It is
advised to follow recommended security practices in order to run the
devices in a protected IT environment.

PRODUCT DESCRIPTION
===================

Siveillance Video (formerly called Siveillance VMS) is a powerful IP
video management software designed for deployments ranging from small
and simple to large-scale and high-security. The Siveillance Video
portfolio consists of four versions, Siveillance Video Core, Core Plus,
Advanced, and Pro, addressing the specific needs of small and medium
size solutions up to large complex deployments.

VULNERABILITY CLASSIFICATION
============================

The vulnerability classification has been performed by using the CVSS scoring
system in version 3.1 (CVSS v3.1) (https://www.first.org/cvss/). The CVSS 
environmental score is specific to the customer's environment and will impact
the overall CVSS score. The environmental score should therefore be 
individually defined by the customer to accomplish final scoring.

An additional classification has been performed using the CWE classification, a
community-developed list of common software security weaknesses. This serves as
a common language and as a baseline for weakness identification, mitigation,
and prevention efforts. A detailed list of CWE classes can be found at:
https://cwe.mitre.org/.



* Vulnerability CVE-2020-15785

  In environments where Windows NTLM authentication is enabled the
  affected client application transmits usernames to the server in
  cleartext.
  
  This could allow an attacker in a privileged network position to obtain
  valid adminstrator login names and use this information to launch
  further attacks.

  CVSS v3.1 Base Score: 5.3
  CVSS Vector:          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
  CWE:                  CWE-319: Cleartext Transmission of Sensitive Information




ADDITIONAL INFORMATION
======================

For further inquiries on security vulnerabilities in Siemens products and 
solutions, please contact the Siemens ProductCERT:

https://www.siemens.com/cert/advisories


HISTORY DATA
============

V1.0 (2020-09-08): Publication Date

TERMS OF USE
============

Siemens Security Advisories are subject to the terms and conditions contained
in Siemens' underlying license terms or other applicable agreements previously
agreed to with Siemens (hereinafter "License Terms"). To the extent applicable
to information, software or documentation made available in or through a
Siemens Security Advisory, the Terms of Use of Siemens' Global Website
(https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in
particular Sections 8-10 of the Terms of Use, shall apply additionally. In case
of conflicts, the License Terms shall prevail over the Terms of Use.
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEElTRCLAVwzKf/b8X80/SB6hFKr+QFAl9WyYAACgkQ0/SB6hFK
r+S+zQ//fCZ6QNGhRiguaKk1umJbbZw06p4wZT1o1QuzvWASzF/k4r7CqjD5+7k4
BDKI7+I4a03WoHGAbnUsfpjstrF0CZStaC5I7jpOaWTq6s3IMuyl3m7JxUPLTBhh
CdkAiKj9/p0meX8F/EdE583lZQkWiwnPCCkg1RVOEdKq6+WaykBF1FXofApnKDt5
KlTGsi6OmddmlWtTps8GTtZCdgZct2OC7p9waTFZrkwVf7yIDATyRgP1iseQADQ/
VcWxsAcLlkVnYtnE+TEr6c4iF4an6hvb4nXOnxQfsQXxKB7G+CEB2dTSIladwiSS
bIDE31+pm3EqectLY1vGYGDij+cASYi88R3STnX6YdQYz283cpZ0ayMW8u5yvQEf
/gVT7IfSO306WRaC2H1e04gJtRxt+9sxoER/oI0KpeyTm56t+lBasB/SwHDlsEdN
ka9fU2EZiTfXf0iwK1jhL66mLSXopkZEns6EAzTIP8dnMcVS8jds1NqvF5HCDbzQ
scGZn/dI/YXLYTD/VGVEV8o7uznpIbc/JLtKgLUPxHTBtifeIZSoTAG/3azFhRsL
N+lD7Kj9MiC9Z4DdO+3rNHo2HwJzjQfD3swHMdouOVXD7XkffUp74GUInxUlzis0
Y5mCG0WzyFLm8lE52DkSF7RyCq1nVruBADO642DMmjW4PSNPyEw=
=XSH2
-----END PGP SIGNATURE-----