CVE-2019-13920 - AskarLabs CVE Database

CVE-2019-13920

Vendor Siemens Ag

Product SINEMA Remote Connect Server

Weakness CWE-352 · CSRF

Published September 13, 2019

Last update August 5, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). Some parts of the web application are not protected against Cross Site Request Forgery (CSRF) attacks. The security vulnerability could be exploited by an attacker that is able to trigger requests of a logged-in user to the application. The vulnerability could allow switching the connectivity state of a user or a device. At the time of advisory publication no public exploitation of this security vulnerability was known.

Key dates

02Disclosure timeline

September 13, 2019 CVE published

August 5, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2019-13920

Related vulnerabilities

04Related CVE

CVE-2024-29773 WordPress BizPrint plugin <= 4.5.5 - CSRF to XSS vulnerability CVE-2025-10752 OAuth Single Sign On – SSO (OAuth Client) <= 6.26.12 - Cross-Site Request Forgery CVE-2025-59541 Chamilo: CSRF Vulnerability in Project Deletion CVE-2024-33632 WordPress Piotnet Addons For Elementor Pro plugin <= 7.1.17 - Cross Site Request Forgery (CSRF) vulnerability CVE-2023-48278 WordPress WP Forms Puzzle Captcha Plugin <= 4.1 is vulnerable to Cross Site Request Forgery (CSRF) leading to XSS