Search criteria
4 vulnerabilities found for DCA Vantage Analyzer by Siemens
CVE-2020-7590 (GCVE-0-2020-7590)
Vulnerability from nvd – Published: 2020-10-13 15:30 – Updated: 2024-08-04 09:33
VLAI
Summary
A vulnerability has been identified in DCA Vantage Analyzer (All versions < V4.5 are affected by CVE-2020-7590. In addition, serial numbers < 40000 running software V4.4.0 are also affected by CVE-2020-15797). Affected devices use a hard-coded password to protect the onboard database. This could allow an attacker to read and or modify the onboard database. Successful exploitation requires direct physical access to the device.
Severity
No CVSS data available.
CWE
- CWE-259 - Use of Hard-coded Password
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.siemens-healthineers.com/support-docu… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Siemens | DCA Vantage Analyzer |
Affected:
All versions < V4.5 are affected by CVE-2020-7590. In addition, serial numbers < 40000 running software V4.4.0 are also affected by CVE-2020-15797
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:33:19.941Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.siemens-healthineers.com/support-documentation/security-advisory"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DCA Vantage Analyzer",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V4.5 are affected by CVE-2020-7590. In addition, serial numbers \u003c 40000 running software V4.4.0 are also affected by CVE-2020-15797"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in DCA Vantage Analyzer (All versions \u003c V4.5 are affected by CVE-2020-7590. In addition, serial numbers \u003c 40000 running software V4.4.0 are also affected by CVE-2020-15797). Affected devices use a hard-coded password to protect the onboard database. This could allow an attacker to read and or modify the onboard database. Successful exploitation requires direct physical access to the device."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-259",
"description": "CWE-259: Use of Hard-coded Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-13T15:30:19.000Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.siemens-healthineers.com/support-documentation/security-advisory"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2020-7590",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DCA Vantage Analyzer",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V4.5 are affected by CVE-2020-7590. In addition, serial numbers \u003c 40000 running software V4.4.0 are also affected by CVE-2020-15797"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in DCA Vantage Analyzer (All versions \u003c V4.5 are affected by CVE-2020-7590. In addition, serial numbers \u003c 40000 running software V4.4.0 are also affected by CVE-2020-15797). Affected devices use a hard-coded password to protect the onboard database. This could allow an attacker to read and or modify the onboard database. Successful exploitation requires direct physical access to the device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-259: Use of Hard-coded Password"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.siemens-healthineers.com/support-documentation/security-advisory",
"refsource": "MISC",
"url": "https://www.siemens-healthineers.com/support-documentation/security-advisory"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2020-7590",
"datePublished": "2020-10-13T15:30:19.000Z",
"dateReserved": "2020-01-21T00:00:00.000Z",
"dateUpdated": "2024-08-04T09:33:19.941Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-15797 (GCVE-0-2020-15797)
Vulnerability from nvd – Published: 2020-10-13 15:30 – Updated: 2024-08-04 13:30
VLAI
Summary
A vulnerability has been identified in DCA Vantage Analyzer (All versions < V4.5 are affected by CVE-2020-7590. In addition, serial numbers < 40000 running software V4.4.0 are also affected by CVE-2020-15797). Improper Access Control could allow an unauthenticated attacker to escape from the restricted environment (“kiosk mode”) and access the underlying operating system. Successful exploitation requires direct physical access to the system.
Severity
No CVSS data available.
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.siemens-healthineers.com/support-docu… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Siemens | DCA Vantage Analyzer |
Affected:
All versions < V4.5 are affected by CVE-2020-7590. In addition, serial numbers < 40000 running software V4.4.0 are also affected by CVE-2020-15797
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:30:21.872Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.siemens-healthineers.com/support-documentation/security-advisory"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DCA Vantage Analyzer",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V4.5 are affected by CVE-2020-7590. In addition, serial numbers \u003c 40000 running software V4.4.0 are also affected by CVE-2020-15797"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in DCA Vantage Analyzer (All versions \u003c V4.5 are affected by CVE-2020-7590. In addition, serial numbers \u003c 40000 running software V4.4.0 are also affected by CVE-2020-15797). Improper Access Control could allow an unauthenticated attacker to escape from the restricted environment (\u201ckiosk mode\u201d) and access the underlying operating system. Successful exploitation requires direct physical access to the system."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-13T15:30:19.000Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.siemens-healthineers.com/support-documentation/security-advisory"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2020-15797",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DCA Vantage Analyzer",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V4.5 are affected by CVE-2020-7590. In addition, serial numbers \u003c 40000 running software V4.4.0 are also affected by CVE-2020-15797"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in DCA Vantage Analyzer (All versions \u003c V4.5 are affected by CVE-2020-7590. In addition, serial numbers \u003c 40000 running software V4.4.0 are also affected by CVE-2020-15797). Improper Access Control could allow an unauthenticated attacker to escape from the restricted environment (\u201ckiosk mode\u201d) and access the underlying operating system. Successful exploitation requires direct physical access to the system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269: Improper Privilege Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.siemens-healthineers.com/support-documentation/security-advisory",
"refsource": "MISC",
"url": "https://www.siemens-healthineers.com/support-documentation/security-advisory"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2020-15797",
"datePublished": "2020-10-13T15:30:19.000Z",
"dateReserved": "2020-07-15T00:00:00.000Z",
"dateUpdated": "2024-08-04T13:30:21.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-7590 (GCVE-0-2020-7590)
Vulnerability from cvelistv5 – Published: 2020-10-13 15:30 – Updated: 2024-08-04 09:33
VLAI
Summary
A vulnerability has been identified in DCA Vantage Analyzer (All versions < V4.5 are affected by CVE-2020-7590. In addition, serial numbers < 40000 running software V4.4.0 are also affected by CVE-2020-15797). Affected devices use a hard-coded password to protect the onboard database. This could allow an attacker to read and or modify the onboard database. Successful exploitation requires direct physical access to the device.
Severity
No CVSS data available.
CWE
- CWE-259 - Use of Hard-coded Password
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.siemens-healthineers.com/support-docu… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Siemens | DCA Vantage Analyzer |
Affected:
All versions < V4.5 are affected by CVE-2020-7590. In addition, serial numbers < 40000 running software V4.4.0 are also affected by CVE-2020-15797
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:33:19.941Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.siemens-healthineers.com/support-documentation/security-advisory"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DCA Vantage Analyzer",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V4.5 are affected by CVE-2020-7590. In addition, serial numbers \u003c 40000 running software V4.4.0 are also affected by CVE-2020-15797"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in DCA Vantage Analyzer (All versions \u003c V4.5 are affected by CVE-2020-7590. In addition, serial numbers \u003c 40000 running software V4.4.0 are also affected by CVE-2020-15797). Affected devices use a hard-coded password to protect the onboard database. This could allow an attacker to read and or modify the onboard database. Successful exploitation requires direct physical access to the device."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-259",
"description": "CWE-259: Use of Hard-coded Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-13T15:30:19.000Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.siemens-healthineers.com/support-documentation/security-advisory"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2020-7590",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DCA Vantage Analyzer",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V4.5 are affected by CVE-2020-7590. In addition, serial numbers \u003c 40000 running software V4.4.0 are also affected by CVE-2020-15797"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in DCA Vantage Analyzer (All versions \u003c V4.5 are affected by CVE-2020-7590. In addition, serial numbers \u003c 40000 running software V4.4.0 are also affected by CVE-2020-15797). Affected devices use a hard-coded password to protect the onboard database. This could allow an attacker to read and or modify the onboard database. Successful exploitation requires direct physical access to the device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-259: Use of Hard-coded Password"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.siemens-healthineers.com/support-documentation/security-advisory",
"refsource": "MISC",
"url": "https://www.siemens-healthineers.com/support-documentation/security-advisory"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2020-7590",
"datePublished": "2020-10-13T15:30:19.000Z",
"dateReserved": "2020-01-21T00:00:00.000Z",
"dateUpdated": "2024-08-04T09:33:19.941Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-15797 (GCVE-0-2020-15797)
Vulnerability from cvelistv5 – Published: 2020-10-13 15:30 – Updated: 2024-08-04 13:30
VLAI
Summary
A vulnerability has been identified in DCA Vantage Analyzer (All versions < V4.5 are affected by CVE-2020-7590. In addition, serial numbers < 40000 running software V4.4.0 are also affected by CVE-2020-15797). Improper Access Control could allow an unauthenticated attacker to escape from the restricted environment (“kiosk mode”) and access the underlying operating system. Successful exploitation requires direct physical access to the system.
Severity
No CVSS data available.
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.siemens-healthineers.com/support-docu… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Siemens | DCA Vantage Analyzer |
Affected:
All versions < V4.5 are affected by CVE-2020-7590. In addition, serial numbers < 40000 running software V4.4.0 are also affected by CVE-2020-15797
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:30:21.872Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.siemens-healthineers.com/support-documentation/security-advisory"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DCA Vantage Analyzer",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V4.5 are affected by CVE-2020-7590. In addition, serial numbers \u003c 40000 running software V4.4.0 are also affected by CVE-2020-15797"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in DCA Vantage Analyzer (All versions \u003c V4.5 are affected by CVE-2020-7590. In addition, serial numbers \u003c 40000 running software V4.4.0 are also affected by CVE-2020-15797). Improper Access Control could allow an unauthenticated attacker to escape from the restricted environment (\u201ckiosk mode\u201d) and access the underlying operating system. Successful exploitation requires direct physical access to the system."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-13T15:30:19.000Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.siemens-healthineers.com/support-documentation/security-advisory"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2020-15797",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DCA Vantage Analyzer",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V4.5 are affected by CVE-2020-7590. In addition, serial numbers \u003c 40000 running software V4.4.0 are also affected by CVE-2020-15797"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in DCA Vantage Analyzer (All versions \u003c V4.5 are affected by CVE-2020-7590. In addition, serial numbers \u003c 40000 running software V4.4.0 are also affected by CVE-2020-15797). Improper Access Control could allow an unauthenticated attacker to escape from the restricted environment (\u201ckiosk mode\u201d) and access the underlying operating system. Successful exploitation requires direct physical access to the system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269: Improper Privilege Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.siemens-healthineers.com/support-documentation/security-advisory",
"refsource": "MISC",
"url": "https://www.siemens-healthineers.com/support-documentation/security-advisory"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2020-15797",
"datePublished": "2020-10-13T15:30:19.000Z",
"dateReserved": "2020-07-15T00:00:00.000Z",
"dateUpdated": "2024-08-04T13:30:21.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}