CVE-2023-30898
CVSS V2 None
CVSS V3 None
Description
A vulnerability has been identified in Siveillance Video 2020 R2 (All versions < V20.2 HotfixRev14), Siveillance Video 2020 R3 (All versions < V20.3 HotfixRev12), Siveillance Video 2021 R1 (All versions < V21.1 HotfixRev12), Siveillance Video 2021 R2 (All versions < V21.2 HotfixRev8), Siveillance Video 2022 R1 (All versions < V22.1 HotfixRev7), Siveillance Video 2022 R2 (All versions < V22.2 HotfixRev5), Siveillance Video 2022 R3 (All versions < V22.3 HotfixRev2), Siveillance Video 2023 R1 (All versions < V23.1 HotfixRev1). The Event Server component of affected applications deserializes data without sufficient validations. This could allow an authenticated remote attacker to execute code on the affected system.
Overview
- CVE ID
- CVE-2023-30898
- Assigner
- productcert@siemens.com
- Vulnerability Status
- Received
- Published Version
- 2023-05-09T13:15:18
- Last Modified Date
- 2023-05-09T13:15:18
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-789345.pdf |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-30898 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30898 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2023-05-09 14:01:45 | Added to TrackCVE | |||
| 2023-05-09 14:01:49 | Weakness Enumeration | new |