All the vulnerabilites related to siemens - 6ag1416-3es07-7ab0
Vulnerability from fkie_nvd
Published
2023-12-12 12:15
Modified
2024-11-21 07:31
Severity ?
Summary
A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions), SINAMICS S120 (incl. SIPLUS variants) (All versions < V5.2 SP3 HF15), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions). The affected products do not handle long file names correctly.
This could allow an attacker to create a buffer overflow and create a denial of service condition for the device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6es7412-2ek07-0ab0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9F039A6-AD1F-489C-9928-147973AE8DF3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6es7412-2ek07-0ab0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "363D7EEE-9AC0-40D9-9C0A-2B098D152230",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6es7414-3em07-0ab0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "257AB2BE-EA5A-47D0-9677-D00FF682C170",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6es7414-3em07-0ab0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "438FDBD7-1731-4D1B-ABA6-76F376054F07",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6es7414-3fm07-0ab0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0622ACDF-D82B-487C-84DF-75853A88184C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6es7414-3fm07-0ab0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23B55825-D285-459F-AB82-110EC58D583C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6es7416-3es07-0ab0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "268D8CA8-92BD-40BE-BCB0-8EBA4B724381",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6es7416-3es07-0ab0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "877F922F-D395-4123-B4C2-DCA7D699EB22",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6es7416-3fs07-0ab0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1031CEF8-0F66-452E-8E79-BC4A5EDDB10E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6es7416-3fs07-0ab0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDA99580-AF0C-4837-B4DB-593C5A045129",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6ag1414-3em07-7ab0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "228593D4-10E2-4345-85F5-FE69E68722A3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6ag1414-3em07-7ab0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2066A76-56E4-41C4-9057-F1697B9ADAFE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6ag1416-3es07-7ab0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD7B48F6-B94E-4B65-A2A9-2B5BB333415B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6ag1416-3es07-7ab0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41422165-ABEF-4F09-9E39-C4F89497894B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDA8B933-D7E3-4E3B-AA1D-75AFC89EA730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D61A6DA0-1328-4D6F-80A1-2A7CE369A7C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B46F2FCA-845B-4E65-AF8C-B924E55921B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD43CE2-ED05-4BBF-9553-04AB07D33F50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB8DD275-D4EA-426C-8611-C2083036A799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "9EB60A1E-ABE0-4A1C-A2F0-C77E59DCF577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.1:sp1_hotfix1:*:*:*:*:*:*",
"matchCriteriaId": "03224943-DCAF-4203-90BD-A6100745A3A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.1:sp1_hotfix13:*:*:*:*:*:*",
"matchCriteriaId": "59460788-9C30-444F-B0F5-B2ACB7B5CDCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.2:-:*:*:*:*:*:*",
"matchCriteriaId": "6622AE2E-81B0-419C-8C37-A7C56FB92745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.2:hotfix1:*:*:*:*:*:*",
"matchCriteriaId": "D8DFFEC3-B48B-4B47-83E4-B73383003F68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.2:hotfix11:*:*:*:*:*:*",
"matchCriteriaId": "10596147-76C0-4626-987B-AECA3D359C9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.2:hotfix7:*:*:*:*:*:*",
"matchCriteriaId": "4B6DEC37-63E1-479C-91C5-A5339E5F4FAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.2:sp3:*:*:*:*:*:*",
"matchCriteriaId": "AD9434B6-29F3-445C-A3CA-57E2230622EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.2:sp3_hotfix1:*:*:*:*:*:*",
"matchCriteriaId": "284207F1-E83D-4D32-8D0C-5D20126D0B11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.2:sp3_hotfix13:*:*:*:*:*:*",
"matchCriteriaId": "95DC883D-5792-4ECD-9A19-D97173FD2D96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.2:sp3_hotfix6:*:*:*:*:*:*",
"matchCriteriaId": "7ADD4FD1-F3E2-480A-AE4E-747AA744F8D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.2:sp3_hotfix9:*:*:*:*:*:*",
"matchCriteriaId": "E9DF3564-63E8-4B17-A2CD-799954C31B42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sinamics_s120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5A824BD-935F-4E53-8313-C5544B0489C7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_pc-station_plus_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EA49005-5CEB-4AC5-8E3A-6400650C4F1A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_pc-station_plus:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D170B645-158D-443D-A565-FC44663DEA16",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC\u00a0PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions), SINAMICS S120 (incl. SIPLUS variants) (All versions \u003c V5.2 SP3 HF15), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions). The affected products do not handle long file names correctly.\r\n\r\nThis could allow an attacker to create a buffer overflow and create a denial of service condition for the device."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en:\nSIMATIC PC-Station Plus (todas las versiones), \nSIMATIC S7-400 CPU 412-2 PN V7 (todas las versiones), \nSIMATIC S7-400 CPU 414-3 PN/DP V7 (todas las versiones), \nSIMATIC S7 -400 CPU 414F-3 PN/DP V7 (todas las versiones), \nSIMATIC S7-400 CPU 416-3 PN/DP V7 (todas las versiones), \nSIMATIC S7-400 CPU 416F-3 PN/DP V7 (todas las versiones), \nSINAMICS S120 (incl. variantes SIPLUS) (todas las versiones \u0026lt; V5.2 SP3 HF15), \nSIPLUS S7-400 CPU 414-3 PN/DP V7 (todas las versiones), \nSIPLUS S7-400 CPU 416-3 PN/DP V7 (todas las versiones) ). \nLos productos afectados no manejan correctamente los nombres de archivos largos. Esto podr\u00eda permitir a un atacante crear un desbordamiento del b\u00fafer y crear una condici\u00f3n de denegaci\u00f3n de servicio para el dispositivo."
}
],
"id": "CVE-2022-47375",
"lastModified": "2024-11-21T07:31:51.270",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "productcert@siemens.com",
"type": "Primary"
}
]
},
"published": "2023-12-12T12:15:10.797",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-892915.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-892915.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-805"
}
],
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-12-12 12:15
Modified
2024-11-21 07:31
Severity ?
Summary
A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions), SINAMICS S120 (incl. SIPLUS variants) (All versions < V5.2 SP3 HF15), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions). The affected products do not handle HTTP(S) requests to the web server correctly.
This could allow an attacker to exhaust system resources and create a denial of service condition for the device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6es7412-2ek07-0ab0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9F039A6-AD1F-489C-9928-147973AE8DF3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6es7412-2ek07-0ab0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "363D7EEE-9AC0-40D9-9C0A-2B098D152230",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6es7414-3em07-0ab0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "257AB2BE-EA5A-47D0-9677-D00FF682C170",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6es7414-3em07-0ab0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "438FDBD7-1731-4D1B-ABA6-76F376054F07",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6es7414-3fm07-0ab0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0622ACDF-D82B-487C-84DF-75853A88184C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6es7414-3fm07-0ab0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23B55825-D285-459F-AB82-110EC58D583C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6es7416-3es07-0ab0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "268D8CA8-92BD-40BE-BCB0-8EBA4B724381",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6es7416-3es07-0ab0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "877F922F-D395-4123-B4C2-DCA7D699EB22",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6es7416-3fs07-0ab0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1031CEF8-0F66-452E-8E79-BC4A5EDDB10E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6es7416-3fs07-0ab0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDA99580-AF0C-4837-B4DB-593C5A045129",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6ag1414-3em07-7ab0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "228593D4-10E2-4345-85F5-FE69E68722A3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6ag1414-3em07-7ab0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2066A76-56E4-41C4-9057-F1697B9ADAFE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6ag1416-3es07-7ab0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD7B48F6-B94E-4B65-A2A9-2B5BB333415B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6ag1416-3es07-7ab0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41422165-ABEF-4F09-9E39-C4F89497894B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDA8B933-D7E3-4E3B-AA1D-75AFC89EA730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D61A6DA0-1328-4D6F-80A1-2A7CE369A7C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B46F2FCA-845B-4E65-AF8C-B924E55921B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD43CE2-ED05-4BBF-9553-04AB07D33F50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB8DD275-D4EA-426C-8611-C2083036A799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "9EB60A1E-ABE0-4A1C-A2F0-C77E59DCF577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.1:sp1_hotfix1:*:*:*:*:*:*",
"matchCriteriaId": "03224943-DCAF-4203-90BD-A6100745A3A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.1:sp1_hotfix13:*:*:*:*:*:*",
"matchCriteriaId": "59460788-9C30-444F-B0F5-B2ACB7B5CDCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.2:-:*:*:*:*:*:*",
"matchCriteriaId": "6622AE2E-81B0-419C-8C37-A7C56FB92745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.2:hotfix1:*:*:*:*:*:*",
"matchCriteriaId": "D8DFFEC3-B48B-4B47-83E4-B73383003F68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.2:hotfix11:*:*:*:*:*:*",
"matchCriteriaId": "10596147-76C0-4626-987B-AECA3D359C9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.2:hotfix7:*:*:*:*:*:*",
"matchCriteriaId": "4B6DEC37-63E1-479C-91C5-A5339E5F4FAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.2:sp3:*:*:*:*:*:*",
"matchCriteriaId": "AD9434B6-29F3-445C-A3CA-57E2230622EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.2:sp3_hotfix1:*:*:*:*:*:*",
"matchCriteriaId": "284207F1-E83D-4D32-8D0C-5D20126D0B11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.2:sp3_hotfix13:*:*:*:*:*:*",
"matchCriteriaId": "95DC883D-5792-4ECD-9A19-D97173FD2D96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.2:sp3_hotfix6:*:*:*:*:*:*",
"matchCriteriaId": "7ADD4FD1-F3E2-480A-AE4E-747AA744F8D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.2:sp3_hotfix9:*:*:*:*:*:*",
"matchCriteriaId": "E9DF3564-63E8-4B17-A2CD-799954C31B42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sinamics_s120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5A824BD-935F-4E53-8313-C5544B0489C7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_pc-station_plus_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EA49005-5CEB-4AC5-8E3A-6400650C4F1A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_pc-station_plus:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D170B645-158D-443D-A565-FC44663DEA16",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC\u00a0PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions), SINAMICS S120 (incl. SIPLUS variants) (All versions \u003c V5.2 SP3 HF15), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions). The affected products do not handle HTTP(S) requests to the web server correctly.\r\n\r\nThis could allow an attacker to exhaust system resources and create a denial of service condition for the device."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en:\nSIMATIC PC-Station Plus (todas las versiones), \nSIMATIC S7-400 CPU 412-2 PN V7 (todas las versiones), \nSIMATIC S7-400 CPU 414-3 PN/DP V7 (todas las versiones), \nSIMATIC S7 -400 CPU 414F-3 PN/DP V7 (todas las versiones), \nSIMATIC S7-400 CPU 416-3 PN/DP V7 (todas las versiones), \nSIMATIC S7-400 CPU 416F-3 PN/DP V7 (todas las versiones), \nSINAMICS S120 (incl. variantes SIPLUS) (todas las versiones \u0026lt; V5.2 SP3 HF15), \nSIPLUS S7-400 CPU 414-3 PN/DP V7 (todas las versiones), \nSIPLUS S7-400 CPU 416-3 PN/DP V7 (todas las versiones) ). \nLos productos afectados no manejan correctamente las solicitudes HTTP(S) al servidor web. Esto podr\u00eda permitir que un atacante agote los recursos del sistema y cree una condici\u00f3n de denegaci\u00f3n de servicio para el dispositivo."
}
],
"id": "CVE-2022-47374",
"lastModified": "2024-11-21T07:31:51.127",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "productcert@siemens.com",
"type": "Primary"
}
]
},
"published": "2023-12-12T12:15:10.563",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-892915.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-892915.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-674"
}
],
"source": "productcert@siemens.com",
"type": "Primary"
}
]
}
cve-2022-47374
Vulnerability from cvelistv5
Published
2023-12-12 11:25
Modified
2024-08-03 14:55
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions), SINAMICS S120 (incl. SIPLUS variants) (All versions < V5.2 SP3 HF15), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions). The affected products do not handle HTTP(S) requests to the web server correctly.
This could allow an attacker to exhaust system resources and create a denial of service condition for the device.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC PC-Station Plus |
Version: All versions |
||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:55:07.699Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-892915.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC\u00a0PC-Station Plus",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-400 CPU 412-2 PN V7",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-400 CPU 414-3 PN/DP V7",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-400 CPU 414F-3 PN/DP V7",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-400 CPU 416-3 PN/DP V7",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-400 CPU 416F-3 PN/DP V7",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS S120 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.2 SP3 HF15"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-400 CPU 414-3 PN/DP V7",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-400 CPU 416-3 PN/DP V7",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC\u00a0PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions), SINAMICS S120 (incl. SIPLUS variants) (All versions \u003c V5.2 SP3 HF15), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions). The affected products do not handle HTTP(S) requests to the web server correctly.\r\n\r\nThis could allow an attacker to exhaust system resources and create a denial of service condition for the device."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-674",
"description": "CWE-674: Uncontrolled Recursion",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-12T11:25:31.314Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-892915.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-47374",
"datePublished": "2023-12-12T11:25:31.314Z",
"dateReserved": "2022-12-13T14:51:37.209Z",
"dateUpdated": "2024-08-03T14:55:07.699Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-47375
Vulnerability from cvelistv5
Published
2023-12-12 11:25
Modified
2024-08-03 14:55
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions), SINAMICS S120 (incl. SIPLUS variants) (All versions < V5.2 SP3 HF15), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions). The affected products do not handle long file names correctly.
This could allow an attacker to create a buffer overflow and create a denial of service condition for the device.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC PC-Station Plus |
Version: All versions |
||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:55:07.916Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-892915.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC\u00a0PC-Station Plus",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-400 CPU 412-2 PN V7",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-400 CPU 414-3 PN/DP V7",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-400 CPU 414F-3 PN/DP V7",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-400 CPU 416-3 PN/DP V7",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-400 CPU 416F-3 PN/DP V7",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS S120 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.2 SP3 HF15"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-400 CPU 414-3 PN/DP V7",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-400 CPU 416-3 PN/DP V7",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC\u00a0PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions), SINAMICS S120 (incl. SIPLUS variants) (All versions \u003c V5.2 SP3 HF15), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions). The affected products do not handle long file names correctly.\r\n\r\nThis could allow an attacker to create a buffer overflow and create a denial of service condition for the device."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-805",
"description": "CWE-805: Buffer Access with Incorrect Length Value",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-12T11:25:32.533Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-892915.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-47375",
"datePublished": "2023-12-12T11:25:32.533Z",
"dateReserved": "2022-12-13T14:51:37.210Z",
"dateUpdated": "2024-08-03T14:55:07.916Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
var-202312-0260
Vulnerability from variot
A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions), SINAMICS S120 (incl. SIPLUS variants) (All versions < V5.2 SP3 HF15), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions). The affected products do not handle long file names correctly.
This could allow an attacker to create a buffer overflow and create a denial of service condition for the device. 6es7412-2ek07-0ab0 firmware, 6es7414-3em07-0ab0 firmware, 6es7414-3fm07-0ab0 A buffer error vulnerability exists in multiple Siemens products, including firmware.Service operation interruption (DoS) It may be in a state. SIMATIC PC Station is a software component for managing SIMATIC software products and interfaces on a PC. SIMATIC S7-400 controllers are designed for discrete and continuous control in industrial environments, such as the manufacturing, food and beverage, and chemical industries around the world.
A denial of service vulnerability exists in the web servers of several Siemens products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202312-0260",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sinamics s120",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinamics s120",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "sinamics s120",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "6es7412-2ek07-0ab0",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "6es7416-3fs07-0ab0",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "6es7414-3em07-0ab0",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "sinamics s120",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "4.9"
},
{
"model": "sinamics s120",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "5.1"
},
{
"model": "sinamics s120",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "5.2"
},
{
"model": "6es7416-3es07-0ab0",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "sinamics s120",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "5.0"
},
{
"model": "6es7414-3fm07-0ab0",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "6ag1416-3es07-7ab0",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "6ag1414-3em07-7ab0",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic pc-station plus",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "sinamics s120",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "6es7414-3fm07-0ab0",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "6es7414-3em07-0ab0",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "6es7416-3es07-0ab0",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic pc-station plus",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "6es7416-3fs07-0ab0",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "6ag1416-3es07-7ab0",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "6es7412-2ek07-0ab0",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "6ag1414-3em07-7ab0",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-400 cpu pn",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "412-2v7"
},
{
"model": "simatic s7-400 cpu pn/dp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "414-3v7"
},
{
"model": "simatic s7-400 cpu 414f-3 pn/dp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v7"
},
{
"model": "simatic s7-400 cpu pn/dp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "416-3v7"
},
{
"model": "simatic s7-400 cpu 416f-3 pn/dp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v7"
},
{
"model": "simatic pc-station plus",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "sinamics s120 sp3 hf15",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v5.2"
},
{
"model": "siplus s7-400 cpu pn/dp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "414-3v7"
},
{
"model": "siplus s7-400 cpu pn/dp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "416-3v7"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-97269"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-024736"
},
{
"db": "NVD",
"id": "CVE-2022-47375"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:6es7412-2ek07-0ab0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:6es7412-2ek07-0ab0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:6es7414-3em07-0ab0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:6es7414-3em07-0ab0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:6es7414-3fm07-0ab0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:6es7414-3fm07-0ab0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:6es7416-3es07-0ab0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:6es7416-3es07-0ab0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:6es7416-3fs07-0ab0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:6es7416-3fs07-0ab0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:6ag1414-3em07-7ab0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:6ag1414-3em07-7ab0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:6ag1416-3es07-7ab0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:6ag1416-3es07-7ab0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinamics_s120_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:siemens:sinamics_s120_firmware:4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:siemens:sinamics_s120_firmware:4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:siemens:sinamics_s120_firmware:4.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.1:sp1_hotfix13:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.1:sp1_hotfix1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.1:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.2:hotfix7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.2:sp3_hotfix6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.2:sp3_hotfix13:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.2:hotfix1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.2:sp3_hotfix9:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.2:sp3_hotfix1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.2:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.2:hotfix11:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.2:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinamics_s120:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_pc-station_plus_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_pc-station_plus:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-47375"
}
]
},
"cve": "CVE-2022-47375",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2023-97269",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "productcert@siemens.com",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2022-024736",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "productcert@siemens.com",
"id": "CVE-2022-47375",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2022-024736",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2023-97269",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-97269"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-024736"
},
{
"db": "NVD",
"id": "CVE-2022-47375"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in SIMATIC\u00a0PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions), SINAMICS S120 (incl. SIPLUS variants) (All versions \u003c V5.2 SP3 HF15), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions). The affected products do not handle long file names correctly. \r\n\r\nThis could allow an attacker to create a buffer overflow and create a denial of service condition for the device. 6es7412-2ek07-0ab0 firmware, 6es7414-3em07-0ab0 firmware, 6es7414-3fm07-0ab0 A buffer error vulnerability exists in multiple Siemens products, including firmware.Service operation interruption (DoS) It may be in a state. SIMATIC PC Station is a software component for managing SIMATIC software products and interfaces on a PC. SIMATIC S7-400 controllers are designed for discrete and continuous control in industrial environments, such as the manufacturing, food and beverage, and chemical industries around the world. \n\r\n\r\nA denial of service vulnerability exists in the web servers of several Siemens products",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-47375"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-024736"
},
{
"db": "CNVD",
"id": "CNVD-2023-97269"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-47375",
"trust": 3.2
},
{
"db": "SIEMENS",
"id": "SSA-892915",
"trust": 2.4
},
{
"db": "JVN",
"id": "JVNVU98271228",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-23-348-05",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2022-024736",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2023-97269",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-97269"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-024736"
},
{
"db": "NVD",
"id": "CVE-2022-47375"
}
]
},
"id": "VAR-202312-0260",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-97269"
}
],
"trust": 1.2086956
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-97269"
}
]
},
"last_update_date": "2024-01-18T19:58:48.194000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Web server denial of service vulnerability in multiple Siemens products (CNVD-2023-97269)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/500421"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-97269"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.0
},
{
"problemtype": "Buffer error (CWE-119) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-024736"
},
{
"db": "NVD",
"id": "CVE-2022-47375"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-892915.pdf"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu98271228/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-47375"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-348-05"
},
{
"trust": 0.6,
"url": "https://cert-portal.siemens.com/productcert/html/ssa-892915.html"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-97269"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-024736"
},
{
"db": "NVD",
"id": "CVE-2022-47375"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2023-97269"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-024736"
},
{
"db": "NVD",
"id": "CVE-2022-47375"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-12-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-97269"
},
{
"date": "2024-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-024736"
},
{
"date": "2023-12-12T12:15:10.797000",
"db": "NVD",
"id": "CVE-2022-47375"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-12-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-97269"
},
{
"date": "2024-01-15T05:11:00",
"db": "JVNDB",
"id": "JVNDB-2022-024736"
},
{
"date": "2023-12-18T14:52:52.443000",
"db": "NVD",
"id": "CVE-2022-47375"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer error vulnerability in multiple Siemens products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-024736"
}
],
"trust": 0.8
}
}
var-202312-0261
Vulnerability from variot
A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions), SINAMICS S120 (incl. SIPLUS variants) (All versions < V5.2 SP3 HF15), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions). The affected products do not handle HTTP(S) requests to the web server correctly.
This could allow an attacker to exhaust system resources and create a denial of service condition for the device. 6es7412-2ek07-0ab0 firmware, 6es7414-3em07-0ab0 firmware, 6es7414-3fm07-0ab0 Multiple Siemens products, including firmware, contain vulnerabilities related to recursion control.Service operation interruption (DoS) It may be in a state. SIMATIC PC Station is a software component for managing SIMATIC software products and interfaces on a PC. SIMATIC S7-400 controllers are designed for discrete and continuous control in industrial environments, such as the manufacturing, food and beverage, and chemical industries around the world.
A denial of service vulnerability exists in the web servers of multiple Siemens products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202312-0261",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sinamics s120",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinamics s120",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "sinamics s120",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "6es7412-2ek07-0ab0",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "6es7416-3fs07-0ab0",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "6es7414-3em07-0ab0",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "sinamics s120",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "4.9"
},
{
"model": "sinamics s120",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "5.1"
},
{
"model": "sinamics s120",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "5.2"
},
{
"model": "6es7416-3es07-0ab0",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "sinamics s120",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "5.0"
},
{
"model": "6es7414-3fm07-0ab0",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "6ag1416-3es07-7ab0",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "6ag1414-3em07-7ab0",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic pc-station plus",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "sinamics s120",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "6es7414-3fm07-0ab0",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "6es7414-3em07-0ab0",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "6es7416-3es07-0ab0",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic pc-station plus",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "6es7416-3fs07-0ab0",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "6ag1416-3es07-7ab0",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "6es7412-2ek07-0ab0",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "6ag1414-3em07-7ab0",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-400 cpu pn",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "412-2v7"
},
{
"model": "simatic s7-400 cpu pn/dp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "414-3v7"
},
{
"model": "simatic s7-400 cpu 414f-3 pn/dp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v7"
},
{
"model": "simatic s7-400 cpu pn/dp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "416-3v7"
},
{
"model": "simatic s7-400 cpu 416f-3 pn/dp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v7"
},
{
"model": "simatic pc-station plus",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "sinamics s120 sp3 hf15",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v5.2"
},
{
"model": "siplus s7-400 cpu pn/dp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "414-3v7"
},
{
"model": "siplus s7-400 cpu pn/dp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "416-3v7"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-97270"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-024737"
},
{
"db": "NVD",
"id": "CVE-2022-47374"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:6es7412-2ek07-0ab0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:6es7412-2ek07-0ab0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:6es7414-3em07-0ab0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:6es7414-3em07-0ab0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:6es7414-3fm07-0ab0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:6es7414-3fm07-0ab0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:6es7416-3es07-0ab0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:6es7416-3es07-0ab0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:6es7416-3fs07-0ab0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:6es7416-3fs07-0ab0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:6ag1414-3em07-7ab0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:6ag1414-3em07-7ab0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:6ag1416-3es07-7ab0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:6ag1416-3es07-7ab0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinamics_s120_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:siemens:sinamics_s120_firmware:4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:siemens:sinamics_s120_firmware:4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:siemens:sinamics_s120_firmware:4.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.1:sp1_hotfix13:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.1:sp1_hotfix1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.1:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.2:hotfix7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.2:sp3_hotfix6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.2:sp3_hotfix13:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.2:hotfix1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.2:sp3_hotfix9:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.2:sp3_hotfix1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.2:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.2:hotfix11:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:siemens:sinamics_s120_firmware:5.2:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinamics_s120:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_pc-station_plus_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_pc-station_plus:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-47374"
}
]
},
"cve": "CVE-2022-47374",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2023-97270",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "productcert@siemens.com",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2022-024737",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "productcert@siemens.com",
"id": "CVE-2022-47374",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2022-024737",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2023-97270",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-97270"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-024737"
},
{
"db": "NVD",
"id": "CVE-2022-47374"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in SIMATIC\u00a0PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions), SINAMICS S120 (incl. SIPLUS variants) (All versions \u003c V5.2 SP3 HF15), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions). The affected products do not handle HTTP(S) requests to the web server correctly. \r\n\r\nThis could allow an attacker to exhaust system resources and create a denial of service condition for the device. 6es7412-2ek07-0ab0 firmware, 6es7414-3em07-0ab0 firmware, 6es7414-3fm07-0ab0 Multiple Siemens products, including firmware, contain vulnerabilities related to recursion control.Service operation interruption (DoS) It may be in a state. SIMATIC PC Station is a software component for managing SIMATIC software products and interfaces on a PC. SIMATIC S7-400 controllers are designed for discrete and continuous control in industrial environments, such as the manufacturing, food and beverage, and chemical industries around the world. \n\r\n\r\nA denial of service vulnerability exists in the web servers of multiple Siemens products",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-47374"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-024737"
},
{
"db": "CNVD",
"id": "CNVD-2023-97270"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-47374",
"trust": 3.2
},
{
"db": "SIEMENS",
"id": "SSA-892915",
"trust": 2.4
},
{
"db": "JVN",
"id": "JVNVU98271228",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-23-348-05",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2022-024737",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2023-97270",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-97270"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-024737"
},
{
"db": "NVD",
"id": "CVE-2022-47374"
}
]
},
"id": "VAR-202312-0261",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-97270"
}
],
"trust": 1.2086956
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-97270"
}
]
},
"last_update_date": "2024-01-18T20:36:28.710000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Denial of Service Vulnerabilities in Web Servers of Multiple Siemens Products",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/500411"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-97270"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-674",
"trust": 1.0
},
{
"problemtype": "Inappropriate recursive control (CWE-674) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-024737"
},
{
"db": "NVD",
"id": "CVE-2022-47374"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-892915.pdf"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu98271228/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-47374"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-348-05"
},
{
"trust": 0.6,
"url": "https://cert-portal.siemens.com/productcert/html/ssa-892915.html"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-97270"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-024737"
},
{
"db": "NVD",
"id": "CVE-2022-47374"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2023-97270"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-024737"
},
{
"db": "NVD",
"id": "CVE-2022-47374"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-12-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-97270"
},
{
"date": "2024-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-024737"
},
{
"date": "2023-12-12T12:15:10.563000",
"db": "NVD",
"id": "CVE-2022-47374"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-12-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-97270"
},
{
"date": "2024-01-15T05:11:00",
"db": "JVNDB",
"id": "JVNDB-2022-024737"
},
{
"date": "2023-12-18T14:52:16.673000",
"db": "NVD",
"id": "CVE-2022-47374"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Recursion control vulnerability in multiple Siemens products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-024737"
}
],
"trust": 0.8
}
}