{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T00:29:27.845","vulnerabilities":[{"cve":{"id":"CVE-2019-19294","sourceIdentifier":"productcert@siemens.com","published":"2020-03-10T20:15:19.413","lastModified":"2024-11-21T04:34:30.917","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The web interface of the Control Center Server (CCS) contains\nmultiple stored Cross-site Scripting (XSS) vulnerabilities in several input\nfields.\nThis could allow an authenticated remote attacker to inject malicious\nJavaScript code into the CCS web application that is later executed\nin the browser context of any other user who views the relevant CCS\nweb content."},{"lang":"es","value":"Se ha identificado una vulnerabilidad en Central Control Server (CCS) (Todas las versiones anteriores a V1.5.0). La interfaz web de Central Control Server (CCS) contiene múltiples vulnerabilidades de Cross-site Scripting (XSS) almacenadas en varios campos de entrada. Esto podría permitir a un atacante remoto autenticado inyectar código JavaScript malicioso en la aplicación web de CCS que se ejecuta posteriormente en el contexto del navegador de cualquier otro usuario que vea el contenido web de CCS correspondiente"}],"metrics":{"cvssMetricV31":[{"source":"productcert@siemens.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:N","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":4.0},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"productcert@siemens.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:sinvr_3_central_control_server:*:*:*:*:*:*:*:*","matchCriteriaId":"16668E9A-2D0A-425E-87F4-18CFC50551D3"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:sinvr_3_video_server:*:*:*:*:*:*:*:*","matchCriteriaId":"0F21BB6D-BFE0-4B69-97F2-1A871A390B1E"}]}]}],"references":[{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf","source":"productcert@siemens.com"},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf","source":"productcert@siemens.com","tags":["Vendor Advisory"]},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}