1. Home
  2. CVE Database
  3. CVE-2021-42021
HIGH · 7.5

CVE-2021-42021

A vulnerability has been identified in Siveillance Video DLNA Server (2019 R1), Siveillance Video DLNA Server (2019 R2), Siveillance Video DLNA Server (2019 R3), Siveillance Video DLNA Server (2020 R1...

Vulnerability Description

A vulnerability has been identified in Siveillance Video DLNA Server (2019 R1), Siveillance Video DLNA Server (2019 R2), Siveillance Video DLNA Server (2019 R3), Siveillance Video DLNA Server (2020 R1), Siveillance Video DLNA Server (2020 R2), Siveillance Video DLNA Server (2020 R3), Siveillance Video DLNA Server (2021 R1). The affected application contains a path traversal vulnerability that could allow to read arbitrary files on the server that are outside the application’s web document directory. An unauthenticated remote attacker could exploit this issue to access sensitive information for subsequent attacks.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
SiemensSiveillance Video Management Software 2019 R1All versions
SiemensSiveillance Video Management Software 2019 R2All versions
SiemensSiveillance Video Management Software 2019 R3All versions
SiemensSiveillance Video Management Software 2020 R1-
SiemensSiveillance Video Management Software 2020 R2-
SiemensSiveillance Video Dlna Server-

Related Weaknesses (CWE)

CWE-22CWE-26

References

FAQ

What is CVE-2021-42021?

CVE-2021-42021 is a vulnerability with a CVSS score of 7.5 (HIGH). A vulnerability has been identified in Siveillance Video DLNA Server (2019 R1), Siveillance Video DLNA Server (2019 R2), Siveillance Video DLNA Server (2019 R3), Siveillance Video DLNA Server (2020 R1...

How severe is CVE-2021-42021?

CVE-2021-42021 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-42021?

Check the references section above for vendor advisories and patch information. Affected products include: Siemens Siveillance Video Management Software 2019 R1, Siemens Siveillance Video Management Software 2019 R2, Siemens Siveillance Video Management Software 2019 R3, Siemens Siveillance Video Management Software 2020 R1, Siemens Siveillance Video Management Software 2020 R2.