How severe is CVE-2019-13922?

This vulnerability has a severity rating of LOW with a CVSS score of 2.7 out of 10.

What type of vulnerability is CVE-2019-13922?

This is classified as CWE-311, which is a common weakness in software security.

CVE-2019-13922 - LOW Severity | CVSS 2.7

Vulnerability Description

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). An attacker with administrative privileges can obtain the hash of a connected device's password. The security vulnerability could be exploited by an attacker with network access to the SINEMA Remote Connect Server and administrative privileges. At the time of advisory publication no public exploitation of this security vulnerability was known.

Related Vulnerabilities

CVE-2020-4591

LOW

CVSS:2.9(Low)

IBM Spectrum Protect Server 8.1.0.000 through 8.1.10.000 could disclose sensitive information in nondefault settings due to occasionally not encrypting the second chunk of an object in an encrypted co...

CWE-3112020

CVE-2019-0307

LOW

CVSS:2.4(Low)

Diagnostics Agent in Solution Manager, version 7.2, stores several credentials such as SLD user connection as well as Solman user communication in the SAP Secure Storage file which is not encrypted by...

CWE-3112019

CVE-2023-39842

LOW

CVSS:2.4(Low)

Missing encryption in the RFID tag of Digoo DG-HAMB Smart Home Security System v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device.

CWE-3112023

CVE-2023-39843

LOW

CVSS:2.4(Low)

Missing encryption in the RFID tag of Suleve 5-in-1 Smart Door Lock v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device.

CWE-3112023

CVE-2018-8864

LOW

CVSS:3.1(Low)

In ATI Systems Emergency Mass Notification Systems (HPSS16, HPSS32, MHPSS, and ALERT4000) devices, a missing encryption of sensitive data vulnerability caused by specially crafted malicious radio tran...

CWE-3112018

CVE-2021-38977

LOW

CVSS:3.1(Low)

IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http...

CWE-3112021