How severe is CVE-2019-18340?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2019-18340?

This is classified as CWE-327, which is a common weakness in software security.

CVE-2019-18340

MEDIUM Year: 2019

CVSS v3 Score

5.5

Medium

CVSS v2 Score

2.1

Low

Weakness Type

CWE-327

View all →

Vulnerability Description

A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0), Control Center Server (CCS) (All versions >= V1.5.0), SiNVR/SiVMS Video Server (All versions < V5.0.0), SiNVR/SiVMS Video Server (All versions >= V5.0.0). Both the SiVMS/SiNVR Video Server and the Control Center Server (CCS) store user and device passwords by applying weak cryptography. A local attacker could exploit this vulnerability to extract the passwords from the user database and/or the device configuration files to conduct further attacks.

CVE-2013-2213

MEDIUM

CVSS:5.5(Medium)

The KRandom::random function in KDE Paste Applet after 4.10.5 in kdeplasma-addons uses the GNU C Library rand function's linear congruential generator, which makes it easier for context-dependent atta...

CWE-3272013

CVE-2017-1571

MEDIUM

CVSS:5.5(Medium)

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive ...

CWE-3272017

CVE-2017-1575

MEDIUM

CVSS:5.5(Medium)

IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) uses weaker than expected cryptographic algorithms that could allow a local attacker to decrypt highly sens...

CWE-3272017

CVE-2018-1428

MEDIUM

CVSS:5.5(Medium)

IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X...

CWE-3272018

CVE-2019-20775

MEDIUM

CVSS:5.5(Medium)

An issue was discovered on LG mobile devices with Android OS 9.0 (Qualcomm SDM450, SDM845, SM6150, and SM8150 chipsets) software. Weak encryption leads to local information disclosure. The LG ID is LV...

CWE-3272019

CVE-2019-5719

MEDIUM

CVSS:5.5(Medium)

In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector could crash. This was addressed in epan/dissectors/packet-isakmp.c by properly handling the case of a missing decryption data bloc...

CWE-3272019

CVE-2019-18340

Vulnerability Description

Related Vulnerabilities

CVE-2013-2213

CVE-2017-1571

CVE-2017-1575

CVE-2018-1428

CVE-2019-20775

CVE-2019-5719