Search criteria
177 vulnerabilities found for wincc by siemens
VAR-202407-0957
Vulnerability from variot - Updated: 2024-07-23 22:45WinCC is a SCADA system suitable for all walks of life. It can access devices from mobile terminals, extract intelligent data, analyze data and make reports.
Siemens (China) Co., Ltd. WinCC has a denial of service vulnerability, which can be exploited by attackers to cause denial of service.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202407-0957",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wincc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v7.5"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-25229"
}
]
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"id": "CNVD-2024-25229",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2024-25229",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-25229"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WinCC is a SCADA system suitable for all walks of life. It can access devices from mobile terminals, extract intelligent data, analyze data and make reports.\n\nSiemens (China) Co., Ltd. WinCC has a denial of service vulnerability, which can be exploited by attackers to cause denial of service.",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-25229"
}
],
"trust": 0.6
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2024-25229",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-25229"
}
]
},
"id": "VAR-202407-0957",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-25229"
}
],
"trust": 1.1531915
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-25229"
}
]
},
"last_update_date": "2024-07-23T22:45:59.391000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Siemens (China) Co., Ltd. WinCC has a denial of service vulnerability (CNVD-C-2024-309044)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/554936"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-25229"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2024-25229"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-07-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-25229"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-06-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-25229"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens (China) Co., Ltd. WinCC has a denial of service vulnerability (CNVD-C-2024-309044)",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-25229"
}
],
"trust": 0.6
}
}
VAR-201708-0476
Vulnerability from variot - Updated: 2023-12-18 13:24An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21 and Local Discovery Server (LDS) before 1.03.367. Among the affected products are Siemens SIMATIC PCS7 (All versions V8.1 and earlier), SIMATIC WinCC (All versions < V7.4 SP1), SIMATIC WinCC Runtime Professional (All versions < V14 SP1), SIMATIC NET PC Software, and SIMATIC IT Production Suite. By sending specially crafted packets to the OPC Discovery Server at port 4840/tcp, an attacker might cause the system to access various resources chosen by the attacker. Siemens industrial products are based on the OPC UAP protocol based on OPC to discover and configure LAN device information.
The Siemens OPC UA protocol has an XML external entity vulnerability. Attackers can exploit this issue to gain access to sensitive information or cause denial-of-service conditions. Siemens SIMATIC PCS and so on are all products of German Siemens (Siemens). Siemens SIMATIC PCS is a process control system. SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201708-0476",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "simatic pcs7",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "8.1"
},
{
"model": "local discovery server",
"scope": "lte",
"trust": 1.0,
"vendor": "ocpfoundation",
"version": "1.01.333.0"
},
{
"model": "wincc",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "7.4"
},
{
"model": "ua .net",
"scope": "lte",
"trust": 1.0,
"vendor": "ocpfoundation",
"version": "2017-03-21"
},
{
"model": "simatic pcs",
"scope": "eq",
"trust": 0.9,
"vendor": "siemens",
"version": "78.0"
},
{
"model": "simatic pcs",
"scope": "eq",
"trust": 0.9,
"vendor": "siemens",
"version": "78.1"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.9,
"vendor": "siemens",
"version": "7.0"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.9,
"vendor": "siemens",
"version": "7.2"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.9,
"vendor": "siemens",
"version": "7.3"
},
{
"model": "local discovery server",
"scope": "lt",
"trust": 0.8,
"vendor": "opc",
"version": "1.03.367"
},
{
"model": "ua .net",
"scope": "eq",
"trust": 0.8,
"vendor": "opc",
"version": "2017-03-21"
},
{
"model": "simatic it production suite",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic net pc software",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic pcs 7",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic wincc",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic wincc runtime professional",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic it production suite all",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic net pc-software",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic pcs",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "7\u003c=7.1"
},
{
"model": "simatic wincc sp1",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v7.4"
},
{
"model": "simatic wincc runtime professional",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v13"
},
{
"model": "simatic wincc runtime professional sp1",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v14"
},
{
"model": "local discovery server",
"scope": "eq",
"trust": 0.6,
"vendor": "ocpfoundation",
"version": "1.01.333.0"
},
{
"model": "ua .net",
"scope": "eq",
"trust": 0.6,
"vendor": "ocpfoundation",
"version": "2017-03-21"
},
{
"model": "simatic wincc runtime professional",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "14"
},
{
"model": "simatic wincc runtime professional",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "13"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7.4"
},
{
"model": "simatic pcs",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "77.1"
},
{
"model": "simatic net pc-software",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "14"
},
{
"model": "simatic net pc-software sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "13"
},
{
"model": "simatic net pc-software hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "13"
},
{
"model": "simatic net pc-software",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "13"
},
{
"model": "simatic net pc-software sp2 hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "12"
},
{
"model": "simatic net pc-software",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "12"
},
{
"model": "simatic it production suite",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "plant connectivity",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "15.0"
},
{
"model": "simatic wincc runtime professional sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "14"
},
{
"model": "simatic wincc sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "7.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic pcs7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wincc",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "local discovery server",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ua net",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb"
},
{
"db": "CNVD",
"id": "CNVD-2017-24363"
},
{
"db": "BID",
"id": "100559"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008019"
},
{
"db": "NVD",
"id": "CVE-2017-12069"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1273"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ocpfoundation:ua_.net:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2017-03-21",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ocpfoundation:local_discovery_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.01.333.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-12069"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sergey Temnikov of Kaspersky Lab.",
"sources": [
{
"db": "BID",
"id": "100559"
}
],
"trust": 0.3
},
"cve": "CVE-2017-12069",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.4,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-12069",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-24363",
"impactScore": 7.8,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb",
"impactScore": 7.8,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-102554",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"impactScore": 4.2,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.2,
"baseSeverity": "High",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2017-12069",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-12069",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2017-24363",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201708-1273",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-102554",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-12069",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb"
},
{
"db": "CNVD",
"id": "CNVD-2017-24363"
},
{
"db": "VULHUB",
"id": "VHN-102554"
},
{
"db": "VULMON",
"id": "CVE-2017-12069"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008019"
},
{
"db": "NVD",
"id": "CVE-2017-12069"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1273"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21 and Local Discovery Server (LDS) before 1.03.367. Among the affected products are Siemens SIMATIC PCS7 (All versions V8.1 and earlier), SIMATIC WinCC (All versions \u003c V7.4 SP1), SIMATIC WinCC Runtime Professional (All versions \u003c V14 SP1), SIMATIC NET PC Software, and SIMATIC IT Production Suite. By sending specially crafted packets to the OPC Discovery Server at port 4840/tcp, an attacker might cause the system to access various resources chosen by the attacker. Siemens industrial products are based on the OPC UAP protocol based on OPC to discover and configure LAN device information. \n\nThe Siemens OPC UA protocol has an XML external entity vulnerability. \nAttackers can exploit this issue to gain access to sensitive information or cause denial-of-service conditions. Siemens SIMATIC PCS and so on are all products of German Siemens (Siemens). Siemens SIMATIC PCS is a process control system. SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-12069"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008019"
},
{
"db": "CNVD",
"id": "CNVD-2017-24363"
},
{
"db": "BID",
"id": "100559"
},
{
"db": "IVD",
"id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb"
},
{
"db": "VULHUB",
"id": "VHN-102554"
},
{
"db": "VULMON",
"id": "CVE-2017-12069"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-12069",
"trust": 3.7
},
{
"db": "SIEMENS",
"id": "SSA-535640",
"trust": 1.8
},
{
"db": "ICS CERT",
"id": "ICSA-17-243-01",
"trust": 1.6
},
{
"db": "BID",
"id": "100559",
"trust": 1.5
},
{
"db": "SECTRACK",
"id": "1039510",
"trust": 1.2
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1273",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2017-24363",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-17-243-01B",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008019",
"trust": 0.8
},
{
"db": "IVD",
"id": "E3C681F4-90BE-4763-9EA0-9BF8B55433BB",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-102554",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-12069",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb"
},
{
"db": "CNVD",
"id": "CNVD-2017-24363"
},
{
"db": "VULHUB",
"id": "VHN-102554"
},
{
"db": "VULMON",
"id": "CVE-2017-12069"
},
{
"db": "BID",
"id": "100559"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008019"
},
{
"db": "NVD",
"id": "CVE-2017-12069"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1273"
}
]
},
"id": "VAR-201708-0476",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb"
},
{
"db": "CNVD",
"id": "CNVD-2017-24363"
},
{
"db": "VULHUB",
"id": "VHN-102554"
}
],
"trust": 1.4807013
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb"
},
{
"db": "CNVD",
"id": "CNVD-2017-24363"
}
]
},
"last_update_date": "2023-12-18T13:24:20.856000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Update for the OPC UA .NET Sample Code",
"trust": 0.8,
"url": "https://opcfoundation-onlineapplications.org/faq/securitybulletins/opc_foundation_security_bulletin_cve-2017-12069.pdf"
},
{
"title": "SSA-535640",
"trust": 0.8,
"url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-535640.pdf"
},
{
"title": "Patch for Siemens OPC UA Protocol XML External Entity Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/176381"
},
{
"title": "Multiple Siemens product OPC Foundation UA .NET Sample Code and Local Discovery Server Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=74833"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=0561e5e7e515f186e8a5589cf02f38a8"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-24363"
},
{
"db": "VULMON",
"id": "CVE-2017-12069"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008019"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1273"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-611",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-102554"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008019"
},
{
"db": "NVD",
"id": "CVE-2017-12069"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-535640.pdf"
},
{
"trust": 1.5,
"url": "https://opcfoundation-onlineapplications.org/faq/securitybulletins/opc_foundation_security_bulletin_cve-2017-12069.pdf"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/100559"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1039510"
},
{
"trust": 0.9,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-243-01"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12069"
},
{
"trust": 0.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-243-01b"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12069"
},
{
"trust": 0.6,
"url": "https://support.industry.siemens.com/cs/ww/en/view/109746038"
},
{
"trust": 0.6,
"url": "https://support.industry.siemens.com/cs/ww/en/view/109746276"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-17-243-01-0"
},
{
"trust": 0.3,
"url": "http://subscriber.communications.siemens.com/"
},
{
"trust": 0.3,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=500633095"
},
{
"trust": 0.3,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=499356993"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/611.html"
},
{
"trust": 0.1,
"url": "https://tools.cisco.com/security/center/viewalert.x?alertid=55504"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-17-243-01-0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-24363"
},
{
"db": "VULHUB",
"id": "VHN-102554"
},
{
"db": "VULMON",
"id": "CVE-2017-12069"
},
{
"db": "BID",
"id": "100559"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008019"
},
{
"db": "NVD",
"id": "CVE-2017-12069"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1273"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb"
},
{
"db": "CNVD",
"id": "CNVD-2017-24363"
},
{
"db": "VULHUB",
"id": "VHN-102554"
},
{
"db": "VULMON",
"id": "CVE-2017-12069"
},
{
"db": "BID",
"id": "100559"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008019"
},
{
"db": "NVD",
"id": "CVE-2017-12069"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1273"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-02T00:00:00",
"db": "IVD",
"id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb"
},
{
"date": "2017-09-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-24363"
},
{
"date": "2017-08-30T00:00:00",
"db": "VULHUB",
"id": "VHN-102554"
},
{
"date": "2017-08-30T00:00:00",
"db": "VULMON",
"id": "CVE-2017-12069"
},
{
"date": "2017-08-31T00:00:00",
"db": "BID",
"id": "100559"
},
{
"date": "2017-10-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-008019"
},
{
"date": "2017-08-30T19:29:00.210000",
"db": "NVD",
"id": "CVE-2017-12069"
},
{
"date": "2017-08-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1273"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-08-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-24363"
},
{
"date": "2017-10-06T00:00:00",
"db": "VULHUB",
"id": "VHN-102554"
},
{
"date": "2017-10-06T00:00:00",
"db": "VULMON",
"id": "CVE-2017-12069"
},
{
"date": "2018-10-12T04:00:00",
"db": "BID",
"id": "100559"
},
{
"date": "2017-10-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-008019"
},
{
"date": "2017-10-06T01:29:00.443000",
"db": "NVD",
"id": "CVE-2017-12069"
},
{
"date": "2020-08-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1273"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-1273"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens OPC UA protocol XML External entity vulnerability",
"sources": [
{
"db": "IVD",
"id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb"
},
{
"db": "CNVD",
"id": "CNVD-2017-24363"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-1273"
}
],
"trust": 0.6
}
}
VAR-202306-0965
Vulnerability from variot - Updated: 2023-12-18 13:16A vulnerability has been identified in SIMATIC WinCC (All versions < V7.5.2.13). Affected applications fail to set proper access rights for their installation folder if a non-default installation path was chosen during installation.
This could allow an authenticated local attacker to inject arbitrary code and escalate privileges. SIMATIC WinCC is a supervisory control and data acquisition (SCADA) system
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202306-0965",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wincc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "7.5.2.13"
},
{
"model": "simatic wincc",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "7.5.2.13"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-48549"
},
{
"db": "NVD",
"id": "CVE-2023-30897"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.5.2.13",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-30897"
}
]
},
"cve": "CVE-2023-30897",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.1,
"id": "CNVD-2023-48549",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2023-30897",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "productcert@siemens.com",
"id": "CVE-2023-30897",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2023-48549",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202306-880",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-48549"
},
{
"db": "NVD",
"id": "CVE-2023-30897"
},
{
"db": "NVD",
"id": "CVE-2023-30897"
},
{
"db": "CNNVD",
"id": "CNNVD-202306-880"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in SIMATIC WinCC (All versions \u003c V7.5.2.13). Affected applications fail to set proper access rights for their installation folder if a non-default installation path was chosen during installation. \r\n\r\nThis could allow an authenticated local attacker to inject arbitrary code and escalate privileges. SIMATIC WinCC is a supervisory control and data acquisition (SCADA) system",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-30897"
},
{
"db": "CNVD",
"id": "CNVD-2023-48549"
},
{
"db": "VULMON",
"id": "CVE-2023-30897"
}
],
"trust": 1.53
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-30897",
"trust": 2.3
},
{
"db": "SIEMENS",
"id": "SSA-914026",
"trust": 2.3
},
{
"db": "CNVD",
"id": "CNVD-2023-48549",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202306-880",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-30897",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-48549"
},
{
"db": "VULMON",
"id": "CVE-2023-30897"
},
{
"db": "NVD",
"id": "CVE-2023-30897"
},
{
"db": "CNNVD",
"id": "CNNVD-202306-880"
}
]
},
"id": "VAR-202306-0965",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-48549"
}
],
"trust": 1.181947215
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-48549"
}
]
},
"last_update_date": "2023-12-18T13:16:38.895000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Siemens SIMATIC WinCC Native Code Execution Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/433506"
},
{
"title": "Siemens SIMATIC WinCC Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=243027"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-48549"
},
{
"db": "CNNVD",
"id": "CNNVD-202306-880"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-732",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-30897"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-914026.pdf"
},
{
"trust": 0.6,
"url": "https://cert-portal.siemens.com/productcert/html/ssa-914026.html"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2023-30897/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-48549"
},
{
"db": "VULMON",
"id": "CVE-2023-30897"
},
{
"db": "NVD",
"id": "CVE-2023-30897"
},
{
"db": "CNNVD",
"id": "CNNVD-202306-880"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2023-48549"
},
{
"db": "VULMON",
"id": "CVE-2023-30897"
},
{
"db": "NVD",
"id": "CVE-2023-30897"
},
{
"db": "CNNVD",
"id": "CNNVD-202306-880"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-06-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-48549"
},
{
"date": "2023-06-13T00:00:00",
"db": "VULMON",
"id": "CVE-2023-30897"
},
{
"date": "2023-06-13T09:15:17.703000",
"db": "NVD",
"id": "CVE-2023-30897"
},
{
"date": "2023-06-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202306-880"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-06-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-48549"
},
{
"date": "2023-06-13T00:00:00",
"db": "VULMON",
"id": "CVE-2023-30897"
},
{
"date": "2023-06-26T17:41:04.607000",
"db": "NVD",
"id": "CVE-2023-30897"
},
{
"date": "2023-06-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202306-880"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202306-880"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SIMATIC WinCC Native Code Execution Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-48549"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202306-880"
}
],
"trust": 0.6
}
}
VAR-201306-0314
Vulnerability from variot - Updated: 2023-12-18 13:09SQL injection vulnerability in the login screen in the Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. By operating the database, remote attackers can exploit this vulnerability to enhance their permissions. Depending on the system configuration, it is possible to obtain full system access rights and execute. Any SQL command
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201306-0314",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "7.0"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "7.1"
},
{
"model": "simatic pcs7",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "8.0"
},
{
"model": "simatic pcs7",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "8.0"
},
{
"model": "wincc",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "7.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.8,
"vendor": "wincc",
"version": "7.0"
},
{
"model": "simatic pcs 7",
"scope": "lte",
"trust": 0.8,
"vendor": "siemens",
"version": "8.0 sp1"
},
{
"model": "simatic wincc",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "7.2 update 1"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "7.x"
},
{
"model": "simatic pcs",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "78.x"
},
{
"model": "wincc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "7.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wincc",
"version": "7.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic pcs7",
"version": "8.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic pcs7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wincc",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e6a420b0-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-07609"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002982"
},
{
"db": "NVD",
"id": "CVE-2013-3957"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-247"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.1:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:*:sp1:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-3957"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexander Tlyapov from Positive Technologies",
"sources": [
{
"db": "BID",
"id": "60558"
}
],
"trust": 0.3
},
"cve": "CVE-2013-3957",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2013-3957",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2013-07609",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "e6a420b0-2352-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-63959",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-3957",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2013-07609",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201306-247",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "e6a420b0-2352-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-63959",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e6a420b0-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-07609"
},
{
"db": "VULHUB",
"id": "VHN-63959"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002982"
},
{
"db": "NVD",
"id": "CVE-2013-3957"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-247"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SQL injection vulnerability in the login screen in the Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. By operating the database, remote attackers can exploit this vulnerability to enhance their permissions. Depending on the system configuration, it is possible to obtain full system access rights and execute. Any SQL command",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-3957"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002982"
},
{
"db": "CNVD",
"id": "CNVD-2013-07609"
},
{
"db": "BID",
"id": "60558"
},
{
"db": "IVD",
"id": "e6a420b0-2352-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-63959"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-3957",
"trust": 3.6
},
{
"db": "SIEMENS",
"id": "SSA-345843",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "53805",
"trust": 1.2
},
{
"db": "BID",
"id": "60558",
"trust": 1.0
},
{
"db": "CNVD",
"id": "CNVD-2013-07609",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201306-247",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002982",
"trust": 0.8
},
{
"db": "IVD",
"id": "E6A420B0-2352-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-63959",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e6a420b0-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-07609"
},
{
"db": "VULHUB",
"id": "VHN-63959"
},
{
"db": "BID",
"id": "60558"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002982"
},
{
"db": "NVD",
"id": "CVE-2013-3957"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-247"
}
]
},
"id": "VAR-201306-0314",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e6a420b0-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-07609"
},
{
"db": "VULHUB",
"id": "VHN-63959"
}
],
"trust": 1.49052891
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e6a420b0-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-07609"
}
]
},
"last_update_date": "2023-12-18T13:09:31.214000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-345843: Vulnerabilites in WinCC 7.2",
"trust": 0.8,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345843.pdf"
},
{
"title": "Patch for Siemens SIMATIC WinCC/PCS 7 SQL Injection Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/34669"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-07609"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002982"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-89",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63959"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002982"
},
{
"db": "NVD",
"id": "CVE-2013-3957"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345843.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3957"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3957"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/53805/"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/53805"
},
{
"trust": 0.3,
"url": "http://subscriber.communications.siemens.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-07609"
},
{
"db": "VULHUB",
"id": "VHN-63959"
},
{
"db": "BID",
"id": "60558"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002982"
},
{
"db": "NVD",
"id": "CVE-2013-3957"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-247"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e6a420b0-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-07609"
},
{
"db": "VULHUB",
"id": "VHN-63959"
},
{
"db": "BID",
"id": "60558"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002982"
},
{
"db": "NVD",
"id": "CVE-2013-3957"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-247"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-06-19T00:00:00",
"db": "IVD",
"id": "e6a420b0-2352-11e6-abef-000c29c66e3d"
},
{
"date": "2013-06-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-07609"
},
{
"date": "2013-06-14T00:00:00",
"db": "VULHUB",
"id": "VHN-63959"
},
{
"date": "2013-06-14T00:00:00",
"db": "BID",
"id": "60558"
},
{
"date": "2013-06-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002982"
},
{
"date": "2013-06-14T19:55:01.233000",
"db": "NVD",
"id": "CVE-2013-3957"
},
{
"date": "2013-06-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201306-247"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-06-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-07609"
},
{
"date": "2013-06-17T00:00:00",
"db": "VULHUB",
"id": "VHN-63959"
},
{
"date": "2015-03-19T08:17:00",
"db": "BID",
"id": "60558"
},
{
"date": "2013-06-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002982"
},
{
"date": "2013-06-17T04:00:00",
"db": "NVD",
"id": "CVE-2013-3957"
},
{
"date": "2013-07-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201306-247"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201306-247"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SIMATIC PCS 7 Used in Siemens WinCC of Web Navigator In SQL Injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-002982"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SQL injection",
"sources": [
{
"db": "IVD",
"id": "e6a420b0-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-247"
}
],
"trust": 0.8
}
}
VAR-201306-0316
Vulnerability from variot - Updated: 2023-12-18 13:09The Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, exhibits different behavior for NetBIOS user names depending on whether the user account exists, which allows remote authenticated users to enumerate account names via crafted URL parameters. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Siemens SIMATIC WinCC And PCS 7 are prone to a username-enumeration weakness because of a design error in the application when verifying user-supplied input. Attackers may exploit this weakness to discern valid usernames. This may aid brute-force password cracking or other attacks. There is a vulnerability in the Web Navigator in Siemens WinCC 7.2 Update 1 and earlier versions used in SIMATIC PCS7 8.0 SP1 and earlier versions and other products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201306-0316",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "7.0"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "7.1"
},
{
"model": "simatic pcs7",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "8.0"
},
{
"model": "simatic pcs7",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "8.0"
},
{
"model": "wincc",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "7.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.8,
"vendor": "wincc",
"version": "7.0"
},
{
"model": "simatic pcs 7",
"scope": "lte",
"trust": 0.8,
"vendor": "siemens",
"version": "8.0 sp1"
},
{
"model": "simatic wincc",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "7.2 update 1"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "7.x"
},
{
"model": "simatic pcs",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "78.x"
},
{
"model": "wincc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "7.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wincc",
"version": "7.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic pcs7",
"version": "8.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic pcs7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wincc",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e694e1ea-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-07608"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002984"
},
{
"db": "NVD",
"id": "CVE-2013-3959"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-249"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.1:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:*:sp1:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-3959"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexander Tlyapov from Positive Technologies",
"sources": [
{
"db": "BID",
"id": "60559"
}
],
"trust": 0.3
},
"cve": "CVE-2013-3959",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2013-3959",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CNVD-2013-07608",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "e694e1ea-2352-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-63961",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-3959",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2013-07608",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201306-249",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "e694e1ea-2352-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-63961",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e694e1ea-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-07608"
},
{
"db": "VULHUB",
"id": "VHN-63961"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002984"
},
{
"db": "NVD",
"id": "CVE-2013-3959"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-249"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, exhibits different behavior for NetBIOS user names depending on whether the user account exists, which allows remote authenticated users to enumerate account names via crafted URL parameters. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Siemens SIMATIC WinCC And PCS 7 are prone to a username-enumeration weakness because of a design error in the application when verifying user-supplied input. \nAttackers may exploit this weakness to discern valid usernames. This may aid brute-force password cracking or other attacks. There is a vulnerability in the Web Navigator in Siemens WinCC 7.2 Update 1 and earlier versions used in SIMATIC PCS7 8.0 SP1 and earlier versions and other products",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-3959"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002984"
},
{
"db": "CNVD",
"id": "CNVD-2013-07608"
},
{
"db": "BID",
"id": "60559"
},
{
"db": "IVD",
"id": "e694e1ea-2352-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-63961"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-3959",
"trust": 3.6
},
{
"db": "SIEMENS",
"id": "SSA-345843",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "53805",
"trust": 1.2
},
{
"db": "ICS CERT",
"id": "ICSA-13-169-02",
"trust": 1.1
},
{
"db": "BID",
"id": "60559",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201306-249",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2013-07608",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002984",
"trust": 0.8
},
{
"db": "IVD",
"id": "E694E1EA-2352-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-63961",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e694e1ea-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-07608"
},
{
"db": "VULHUB",
"id": "VHN-63961"
},
{
"db": "BID",
"id": "60559"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002984"
},
{
"db": "NVD",
"id": "CVE-2013-3959"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-249"
}
]
},
"id": "VAR-201306-0316",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e694e1ea-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-07608"
},
{
"db": "VULHUB",
"id": "VHN-63961"
}
],
"trust": 1.49052891
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e694e1ea-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-07608"
}
]
},
"last_update_date": "2023-12-18T13:09:31.178000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-345843: Vulnerabilites in WinCC 7.2",
"trust": 0.8,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345843.pdf"
},
{
"title": "Siemens SIMATIC WinCC/PCS 7 User Name Enumeration Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/34668"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-07608"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002984"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63961"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002984"
},
{
"db": "NVD",
"id": "CVE-2013-3959"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345843.pdf"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-13-169-02"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3959"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3959"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/53805/"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/53805"
},
{
"trust": 0.3,
"url": "http://www.siemens.com/"
},
{
"trust": 0.3,
"url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/scada/simatic-wincc/pages/default.aspx"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-07608"
},
{
"db": "VULHUB",
"id": "VHN-63961"
},
{
"db": "BID",
"id": "60559"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002984"
},
{
"db": "NVD",
"id": "CVE-2013-3959"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-249"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e694e1ea-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-07608"
},
{
"db": "VULHUB",
"id": "VHN-63961"
},
{
"db": "BID",
"id": "60559"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002984"
},
{
"db": "NVD",
"id": "CVE-2013-3959"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-249"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-06-19T00:00:00",
"db": "IVD",
"id": "e694e1ea-2352-11e6-abef-000c29c66e3d"
},
{
"date": "2013-06-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-07608"
},
{
"date": "2013-06-14T00:00:00",
"db": "VULHUB",
"id": "VHN-63961"
},
{
"date": "2013-06-14T00:00:00",
"db": "BID",
"id": "60559"
},
{
"date": "2013-06-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002984"
},
{
"date": "2013-06-14T19:55:01.270000",
"db": "NVD",
"id": "CVE-2013-3959"
},
{
"date": "2013-06-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201306-249"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-06-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-07608"
},
{
"date": "2013-06-17T00:00:00",
"db": "VULHUB",
"id": "VHN-63961"
},
{
"date": "2015-03-19T09:11:00",
"db": "BID",
"id": "60559"
},
{
"date": "2013-06-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002984"
},
{
"date": "2013-06-17T04:00:00",
"db": "NVD",
"id": "CVE-2013-3959"
},
{
"date": "2013-06-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201306-249"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201306-249"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SIMATIC WinCC/PCS 7 User Name Enumeration Vulnerability",
"sources": [
{
"db": "IVD",
"id": "e694e1ea-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-07608"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201306-249"
}
],
"trust": 0.6
}
}
VAR-201306-0315
Vulnerability from variot - Updated: 2023-12-18 13:09The login implementation in the Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, has a hardcoded account, which makes it easier for remote attackers to obtain access via an unspecified request. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. An attacker can exploit the vulnerability to gain access. The vulnerability is due to the fact that the program has hard-coded accounts
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201306-0315",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "7.0"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "7.1"
},
{
"model": "simatic pcs7",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "8.0"
},
{
"model": "simatic pcs7",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "8.0"
},
{
"model": "wincc",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "7.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.8,
"vendor": "wincc",
"version": "7.0"
},
{
"model": "simatic pcs 7",
"scope": "lte",
"trust": 0.8,
"vendor": "siemens",
"version": "8.0 sp1"
},
{
"model": "simatic wincc",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "7.2 update 1"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "7.x"
},
{
"model": "simatic pcs",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "78.x"
},
{
"model": "wincc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "7.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wincc",
"version": "7.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic pcs7",
"version": "8.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic pcs7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wincc",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e69a1ca0-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-07606"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002983"
},
{
"db": "NVD",
"id": "CVE-2013-3958"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-248"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:*:sp1:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.1:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-3958"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexander Tlyapov from Positive Technologies",
"sources": [
{
"db": "BID",
"id": "60561"
}
],
"trust": 0.3
},
"cve": "CVE-2013-3958",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2013-3958",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2013-07606",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "e69a1ca0-2352-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-63960",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-3958",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2013-07606",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201306-248",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "e69a1ca0-2352-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-63960",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e69a1ca0-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-07606"
},
{
"db": "VULHUB",
"id": "VHN-63960"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002983"
},
{
"db": "NVD",
"id": "CVE-2013-3958"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-248"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The login implementation in the Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, has a hardcoded account, which makes it easier for remote attackers to obtain access via an unspecified request. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. An attacker can exploit the vulnerability to gain access. The vulnerability is due to the fact that the program has hard-coded accounts",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-3958"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002983"
},
{
"db": "CNVD",
"id": "CNVD-2013-07606"
},
{
"db": "BID",
"id": "60561"
},
{
"db": "IVD",
"id": "e69a1ca0-2352-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-63960"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-3958",
"trust": 3.6
},
{
"db": "SIEMENS",
"id": "SSA-345843",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "53805",
"trust": 1.2
},
{
"db": "BID",
"id": "60561",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201306-248",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2013-07606",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-13-169-02",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002983",
"trust": 0.8
},
{
"db": "IVD",
"id": "E69A1CA0-2352-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-63960",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e69a1ca0-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-07606"
},
{
"db": "VULHUB",
"id": "VHN-63960"
},
{
"db": "BID",
"id": "60561"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002983"
},
{
"db": "NVD",
"id": "CVE-2013-3958"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-248"
}
]
},
"id": "VAR-201306-0315",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e69a1ca0-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-07606"
},
{
"db": "VULHUB",
"id": "VHN-63960"
}
],
"trust": 1.49052891
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e69a1ca0-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-07606"
}
]
},
"last_update_date": "2023-12-18T13:09:31.141000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-345843: Vulnerabilites in WinCC 7.2",
"trust": 0.8,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345843.pdf"
},
{
"title": "\\302\\240Siemens SIMATIC WinCC/PCS 7 Hardcoded Credential Security Bypass Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/34666"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-07606"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002983"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-255",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63960"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002983"
},
{
"db": "NVD",
"id": "CVE-2013-3958"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345843.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3958"
},
{
"trust": 0.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-13-169-02"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3958"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/53805/"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/53805"
},
{
"trust": 0.3,
"url": "http://subscriber.communications.siemens.com/"
},
{
"trust": 0.3,
"url": "http://aunz.siemens.com/newscentre/productreleases/pages/iac_pr_simaticwinccv62.aspx"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-07606"
},
{
"db": "VULHUB",
"id": "VHN-63960"
},
{
"db": "BID",
"id": "60561"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002983"
},
{
"db": "NVD",
"id": "CVE-2013-3958"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-248"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e69a1ca0-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-07606"
},
{
"db": "VULHUB",
"id": "VHN-63960"
},
{
"db": "BID",
"id": "60561"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002983"
},
{
"db": "NVD",
"id": "CVE-2013-3958"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-248"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-06-19T00:00:00",
"db": "IVD",
"id": "e69a1ca0-2352-11e6-abef-000c29c66e3d"
},
{
"date": "2013-06-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-07606"
},
{
"date": "2013-06-14T00:00:00",
"db": "VULHUB",
"id": "VHN-63960"
},
{
"date": "2013-06-14T00:00:00",
"db": "BID",
"id": "60561"
},
{
"date": "2013-06-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002983"
},
{
"date": "2013-06-14T19:55:01.250000",
"db": "NVD",
"id": "CVE-2013-3958"
},
{
"date": "2013-06-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201306-248"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-06-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-07606"
},
{
"date": "2013-06-17T00:00:00",
"db": "VULHUB",
"id": "VHN-63960"
},
{
"date": "2013-06-19T07:17:00",
"db": "BID",
"id": "60561"
},
{
"date": "2013-06-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002983"
},
{
"date": "2013-06-17T04:00:00",
"db": "NVD",
"id": "CVE-2013-3958"
},
{
"date": "2013-06-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201306-248"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201306-248"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SIMATIC WinCC/PCS 7 Hardcoded Credential Security Bypass Vulnerability",
"sources": [
{
"db": "IVD",
"id": "e69a1ca0-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-07606"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Trust management",
"sources": [
{
"db": "IVD",
"id": "e69a1ca0-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-248"
}
],
"trust": 0.8
}
}
VAR-201209-0223
Vulnerability from variot - Updated: 2023-12-18 12:58WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, stores sensitive information under the web root with insufficient access control, which allows remote attackers to read a (1) log file or (2) configuration file via a direct request. Siemens SIMATIC is an automation software in a single engineering environment. The Siemens SIMATIC WinCC WebNavigator component incorrectly handles input, allowing an attacker to read system files using a directory traversal sequence. Siemens SIMATIC WinCC is prone to information-disclosure, SQL-injection, directory-traversal, and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. The attacker may exploit the information-disclosure issue and directory-traversal issues to gain access to sensitive information that may lead to further attacks. The attacker may exploit the SQL-injection issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. An attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Siemens SIMATIC WinCC 7.0 SP3 and prior versions are vulnerable. WinCC flexible is a human-machine interface used in some machine or process applications.
The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to perform certain unspecified actions when a logged-in administrative user visits a specially crafted web page. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Siemens SIMATIC WinCC Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50568
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50568/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50568
RELEASE DATE: 2012-09-11
DISCUSS ADVISORY: http://secunia.com/advisories/50568/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50568/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50568
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Siemens SIMATIC WinCC, which can be exploited by malicious people to conduct cross-site scripting attacks, conduct SQL injection attacks, and disclose certain sensitive information.
1) Certain unspecified input passed to the WebNavigator component is not properly sanitised before being returned to the user.
3) Certain input passed via SOAP messages to the WebNavigator component is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
4) An error within the ActiveX control can be exploited to disclose the username and password of an authenticated user.
SOLUTION: Apply Update 3.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: The vendor credits Denis Baranov, Sergey Bobrov, Artem Chaykin, Vladimir Kochetkov, Pavel Toporkov, and Timur Yunusov, Positive Technologies.
ORIGINAL ADVISORY: http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201209-0223",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "7.0"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "5.0"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "6.0"
},
{
"model": "simatic pcs7",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "8.0"
},
{
"model": "wincc",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "7.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.8,
"vendor": "wincc",
"version": "6.0"
},
{
"model": "simatic pcs 7",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic wincc",
"scope": "lte",
"trust": 0.8,
"vendor": "siemens",
"version": "7.0 sp3"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wincc",
"version": "7.0"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "7.x"
},
{
"model": "simatic pcs",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "77.x"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wincc",
"version": "5.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic pcs7",
"version": "8.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wincc",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "5dd6af86-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5083"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004447"
},
{
"db": "NVD",
"id": "CVE-2012-3030"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-293"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:*:sp3:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:5.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-3030"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Denis Baranov Sergey Bobrov, Artem Chaykin, Vladimir Kochetkov, Pavel Toporkov,Timur Yunusov from Positive Technologies",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201209-293"
}
],
"trust": 0.6
},
"cve": "CVE-2012-3030",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2012-3030",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "5dd6af86-2353-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-56311",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-3030",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201209-293",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "5dd6af86-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-56311",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "5dd6af86-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-56311"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004447"
},
{
"db": "NVD",
"id": "CVE-2012-3030"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-293"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, stores sensitive information under the web root with insufficient access control, which allows remote attackers to read a (1) log file or (2) configuration file via a direct request. Siemens SIMATIC is an automation software in a single engineering environment. The Siemens SIMATIC WinCC WebNavigator component incorrectly handles input, allowing an attacker to read system files using a directory traversal sequence. Siemens SIMATIC WinCC is prone to information-disclosure, SQL-injection, directory-traversal, and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. \nThe attacker may exploit the information-disclosure issue and directory-traversal issues to gain access to sensitive information that may lead to further attacks. \nThe attacker may exploit the SQL-injection issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. \nAn attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. \nSiemens SIMATIC WinCC 7.0 SP3 and prior versions are vulnerable. WinCC flexible is a human-machine interface used in some machine or process applications. \n\nThe application allows users to perform certain actions via HTTP\nrequests without performing proper validity checks to verify the\nrequests. This can be exploited to perform certain unspecified\nactions when a logged-in administrative user visits a specially\ncrafted web page. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nSiemens SIMATIC WinCC Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50568\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50568/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568\n\nRELEASE DATE:\n2012-09-11\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50568/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50568/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Siemens SIMATIC WinCC,\nwhich can be exploited by malicious people to conduct cross-site\nscripting attacks, conduct SQL injection attacks, and disclose\ncertain sensitive information. \n\n1) Certain unspecified input passed to the WebNavigator component is\nnot properly sanitised before being returned to the user. \n\n3) Certain input passed via SOAP messages to the WebNavigator\ncomponent is not properly sanitised before being used in SQL queries. \nThis can be exploited to manipulate SQL queries by injecting arbitrary\nSQL code. \n\n4) An error within the ActiveX control can be exploited to disclose\nthe username and password of an authenticated user. \n\nSOLUTION:\nApply Update 3. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Denis Baranov, Sergey Bobrov, Artem Chaykin,\nVladimir Kochetkov, Pavel Toporkov, and Timur Yunusov, Positive\nTechnologies. \n\nORIGINAL ADVISORY:\nhttp://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-3030"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004447"
},
{
"db": "CNVD",
"id": "CNVD-2012-5083"
},
{
"db": "BID",
"id": "55492"
},
{
"db": "IVD",
"id": "5dd6af86-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-56311"
},
{
"db": "PACKETSTORM",
"id": "116445"
},
{
"db": "PACKETSTORM",
"id": "116447"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-3030",
"trust": 3.6
},
{
"db": "SIEMENS",
"id": "SSA-864051",
"trust": 2.5
},
{
"db": "ICS CERT",
"id": "ICSA-12-256-01",
"trust": 2.5
},
{
"db": "CNNVD",
"id": "CNNVD-201209-293",
"trust": 0.9
},
{
"db": "BID",
"id": "55492",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2012-5083",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004447",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "50568",
"trust": 0.8
},
{
"db": "NSFOCUS",
"id": "20651",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "20932",
"trust": 0.6
},
{
"db": "IVD",
"id": "5DD6AF86-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "SECUNIA",
"id": "50581",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-56311",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "116445",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "116447",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "5dd6af86-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5083"
},
{
"db": "VULHUB",
"id": "VHN-56311"
},
{
"db": "BID",
"id": "55492"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004447"
},
{
"db": "PACKETSTORM",
"id": "116445"
},
{
"db": "PACKETSTORM",
"id": "116447"
},
{
"db": "NVD",
"id": "CVE-2012-3030"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-293"
}
]
},
"id": "VAR-201209-0223",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "5dd6af86-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5083"
},
{
"db": "VULHUB",
"id": "VHN-56311"
}
],
"trust": 1.49052891
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "5dd6af86-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5083"
}
]
},
"last_update_date": "2023-12-18T12:58:16.139000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.siemens.com/"
},
{
"title": "SSA-864051: Multiple Vulnerabilities in WinCC 7.0 SP3",
"trust": 0.8,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"trust": 0.8,
"url": "http://www.siemens.com/entry/jp/ja/"
},
{
"title": "Patch for Siemens SIMATIC WinCC arbitrary file read vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/22131"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-5083"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004447"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-56311"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004447"
},
{
"db": "NVD",
"id": "CVE-2012-3030"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-256-01.pdf"
},
{
"trust": 1.9,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf"
},
{
"trust": 1.7,
"url": "http://en.securitylab.ru/lab/pt-2012-43"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3030"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3030"
},
{
"trust": 0.6,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdfhttp"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/50568"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/55492"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/20932"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/20651"
},
{
"trust": 0.3,
"url": "http://aunz.siemens.com/newscentre/productreleases/pages/iac_pr_simaticwinccv62.aspx"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50581"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50581/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50581/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50568/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50568/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-5083"
},
{
"db": "VULHUB",
"id": "VHN-56311"
},
{
"db": "BID",
"id": "55492"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004447"
},
{
"db": "PACKETSTORM",
"id": "116445"
},
{
"db": "PACKETSTORM",
"id": "116447"
},
{
"db": "NVD",
"id": "CVE-2012-3030"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-293"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "5dd6af86-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5083"
},
{
"db": "VULHUB",
"id": "VHN-56311"
},
{
"db": "BID",
"id": "55492"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004447"
},
{
"db": "PACKETSTORM",
"id": "116445"
},
{
"db": "PACKETSTORM",
"id": "116447"
},
{
"db": "NVD",
"id": "CVE-2012-3030"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-293"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-09-13T00:00:00",
"db": "IVD",
"id": "5dd6af86-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2012-09-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-5083"
},
{
"date": "2012-09-18T00:00:00",
"db": "VULHUB",
"id": "VHN-56311"
},
{
"date": "2012-09-11T00:00:00",
"db": "BID",
"id": "55492"
},
{
"date": "2012-09-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-004447"
},
{
"date": "2012-09-11T07:30:00",
"db": "PACKETSTORM",
"id": "116445"
},
{
"date": "2012-09-11T07:30:06",
"db": "PACKETSTORM",
"id": "116447"
},
{
"date": "2012-09-18T14:55:01.443000",
"db": "NVD",
"id": "CVE-2012-3030"
},
{
"date": "2012-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201209-293"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-09-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-5083"
},
{
"date": "2012-12-20T00:00:00",
"db": "VULHUB",
"id": "VHN-56311"
},
{
"date": "2012-09-12T22:50:00",
"db": "BID",
"id": "55492"
},
{
"date": "2012-09-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-004447"
},
{
"date": "2012-12-20T05:00:00",
"db": "NVD",
"id": "CVE-2012-3030"
},
{
"date": "2012-09-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201209-293"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201209-293"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SIMATIC WinCC Arbitrary File Read Vulnerability",
"sources": [
{
"db": "IVD",
"id": "5dd6af86-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5083"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201209-293"
}
],
"trust": 0.6
}
}
VAR-201209-0222
Vulnerability from variot - Updated: 2023-12-18 12:58Cross-site request forgery (CSRF) vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to hijack the authentication of arbitrary users for requests that modify data or cause a denial of service. (DoS) There is a possibility of being put into a state. Siemens SIMATIC is an automation software in a single engineering environment. Siemens SIMATIC WinCC is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application; other attacks are also possible. Siemens SIMATIC WinCC 7.0 SP3 and prior versions are vulnerable.
The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to perform certain unspecified actions when a logged-in administrative user visits a specially crafted web page. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Siemens SIMATIC WinCC Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50568
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50568/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50568
RELEASE DATE: 2012-09-11
DISCUSS ADVISORY: http://secunia.com/advisories/50568/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50568/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50568
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Siemens SIMATIC WinCC, which can be exploited by malicious people to conduct cross-site scripting attacks, conduct SQL injection attacks, and disclose certain sensitive information.
1) Certain unspecified input passed to the WebNavigator component is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
2) Certain input passed to the WebNavigator component is not properly verified before being used to read files. This can be exploited to read arbitrary files via directory traversal sequences.
3) Certain input passed via SOAP messages to the WebNavigator component is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
4) An error within the ActiveX control can be exploited to disclose the username and password of an authenticated user.
SOLUTION: Apply Update 3.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: The vendor credits Denis Baranov, Sergey Bobrov, Artem Chaykin, Vladimir Kochetkov, Pavel Toporkov, and Timur Yunusov, Positive Technologies.
ORIGINAL ADVISORY: http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201209-0222",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "7.0"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "5.0"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "6.0"
},
{
"model": "simatic pcs7",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "8.0"
},
{
"model": "wincc",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "7.0"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.9,
"vendor": "siemens",
"version": "6.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.8,
"vendor": "wincc",
"version": "6.0"
},
{
"model": "simatic pcs 7",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic wincc",
"scope": "lte",
"trust": 0.8,
"vendor": "siemens",
"version": "7.0 sp3"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wincc",
"version": "7.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wincc",
"version": "5.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic pcs7",
"version": "8.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wincc",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "5ddc3ec4-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5088"
},
{
"db": "BID",
"id": "55493"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004446"
},
{
"db": "NVD",
"id": "CVE-2012-3028"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-303"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:*:sp3:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:5.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-3028"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Denis Baranov, Sergey Bobrov, Artem Chaykin, Vladimir Kochetkov, Pavel Toporkov, and Timur Yunusov from Positive Technologies",
"sources": [
{
"db": "BID",
"id": "55493"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-303"
}
],
"trust": 0.9
},
"cve": "CVE-2012-3028",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2012-3028",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2012-5088",
"impactScore": 7.8,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "5ddc3ec4-2353-11e6-abef-000c29c66e3d",
"impactScore": 7.8,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-56309",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-3028",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2012-5088",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201209-303",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "5ddc3ec4-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-56309",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "5ddc3ec4-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5088"
},
{
"db": "VULHUB",
"id": "VHN-56309"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004446"
},
{
"db": "NVD",
"id": "CVE-2012-3028"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-303"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site request forgery (CSRF) vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to hijack the authentication of arbitrary users for requests that modify data or cause a denial of service. (DoS) There is a possibility of being put into a state. Siemens SIMATIC is an automation software in a single engineering environment. Siemens SIMATIC WinCC is prone to a cross-site request-forgery vulnerability. \nExploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application; other attacks are also possible. \nSiemens SIMATIC WinCC 7.0 SP3 and prior versions are vulnerable. \n\nThe application allows users to perform certain actions via HTTP\nrequests without performing proper validity checks to verify the\nrequests. This can be exploited to perform certain unspecified\nactions when a logged-in administrative user visits a specially\ncrafted web page. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nSiemens SIMATIC WinCC Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50568\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50568/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568\n\nRELEASE DATE:\n2012-09-11\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50568/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50568/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Siemens SIMATIC WinCC,\nwhich can be exploited by malicious people to conduct cross-site\nscripting attacks, conduct SQL injection attacks, and disclose\ncertain sensitive information. \n\n1) Certain unspecified input passed to the WebNavigator component is\nnot properly sanitised before being returned to the user. This can be\nexploited to execute arbitrary HTML and script code in a user\u0027s\nbrowser session in context of an affected site. \n\n2) Certain input passed to the WebNavigator component is not properly\nverified before being used to read files. This can be exploited to\nread arbitrary files via directory traversal sequences. \n\n3) Certain input passed via SOAP messages to the WebNavigator\ncomponent is not properly sanitised before being used in SQL queries. \nThis can be exploited to manipulate SQL queries by injecting arbitrary\nSQL code. \n\n4) An error within the ActiveX control can be exploited to disclose\nthe username and password of an authenticated user. \n\nSOLUTION:\nApply Update 3. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Denis Baranov, Sergey Bobrov, Artem Chaykin,\nVladimir Kochetkov, Pavel Toporkov, and Timur Yunusov, Positive\nTechnologies. \n\nORIGINAL ADVISORY:\nhttp://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-3028"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004446"
},
{
"db": "CNVD",
"id": "CNVD-2012-5088"
},
{
"db": "BID",
"id": "55493"
},
{
"db": "IVD",
"id": "5ddc3ec4-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-56309"
},
{
"db": "PACKETSTORM",
"id": "116445"
},
{
"db": "PACKETSTORM",
"id": "116447"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-3028",
"trust": 3.6
},
{
"db": "SIEMENS",
"id": "SSA-864051",
"trust": 2.8
},
{
"db": "ICS CERT",
"id": "ICSA-12-256-01",
"trust": 2.5
},
{
"db": "BID",
"id": "55493",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201209-303",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2012-5088",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004446",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "50581",
"trust": 0.8
},
{
"db": "NSFOCUS",
"id": "20652",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "20933",
"trust": 0.6
},
{
"db": "IVD",
"id": "5DDC3EC4-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "SECUNIA",
"id": "50568",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-56309",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "116445",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "116447",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "5ddc3ec4-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5088"
},
{
"db": "VULHUB",
"id": "VHN-56309"
},
{
"db": "BID",
"id": "55493"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004446"
},
{
"db": "PACKETSTORM",
"id": "116445"
},
{
"db": "PACKETSTORM",
"id": "116447"
},
{
"db": "NVD",
"id": "CVE-2012-3028"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-303"
}
]
},
"id": "VAR-201209-0222",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "5ddc3ec4-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5088"
},
{
"db": "VULHUB",
"id": "VHN-56309"
}
],
"trust": 1.49052891
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "5ddc3ec4-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5088"
}
]
},
"last_update_date": "2023-12-18T12:58:16.092000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.siemens.com/"
},
{
"title": "SSA-864051: Multiple Vulnerabilities in WinCC 7.0 SP3",
"trust": 0.8,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"trust": 0.8,
"url": "http://www.siemens.com/entry/jp/ja/"
},
{
"title": "Patch for Siemens SIMATIC WinCC Cross-Site Request Forgery Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/80787"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-5088"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004446"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-352",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-56309"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004446"
},
{
"db": "NVD",
"id": "CVE-2012-3028"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-256-01.pdf"
},
{
"trust": 2.2,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf"
},
{
"trust": 1.7,
"url": "http://en.securitylab.ru/lab/pt-2012-42"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3028"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3028"
},
{
"trust": 0.6,
"url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-864051.pdf"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/50581"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/55493"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/20933"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/20652"
},
{
"trust": 0.3,
"url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/scada/simatic-wincc/pages/default.aspx"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50581"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50581/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50581/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50568/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50568/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-5088"
},
{
"db": "VULHUB",
"id": "VHN-56309"
},
{
"db": "BID",
"id": "55493"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004446"
},
{
"db": "PACKETSTORM",
"id": "116445"
},
{
"db": "PACKETSTORM",
"id": "116447"
},
{
"db": "NVD",
"id": "CVE-2012-3028"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-303"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "5ddc3ec4-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5088"
},
{
"db": "VULHUB",
"id": "VHN-56309"
},
{
"db": "BID",
"id": "55493"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004446"
},
{
"db": "PACKETSTORM",
"id": "116445"
},
{
"db": "PACKETSTORM",
"id": "116447"
},
{
"db": "NVD",
"id": "CVE-2012-3028"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-303"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-09-13T00:00:00",
"db": "IVD",
"id": "5ddc3ec4-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2012-09-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-5088"
},
{
"date": "2012-09-18T00:00:00",
"db": "VULHUB",
"id": "VHN-56309"
},
{
"date": "2012-09-11T00:00:00",
"db": "BID",
"id": "55493"
},
{
"date": "2012-09-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-004446"
},
{
"date": "2012-09-11T07:30:00",
"db": "PACKETSTORM",
"id": "116445"
},
{
"date": "2012-09-11T07:30:06",
"db": "PACKETSTORM",
"id": "116447"
},
{
"date": "2012-09-18T14:55:01.397000",
"db": "NVD",
"id": "CVE-2012-3028"
},
{
"date": "2012-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201209-303"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-08-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-5088"
},
{
"date": "2012-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-56309"
},
{
"date": "2015-03-19T09:33:00",
"db": "BID",
"id": "55493"
},
{
"date": "2012-09-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-004446"
},
{
"date": "2012-09-19T04:00:00",
"db": "NVD",
"id": "CVE-2012-3028"
},
{
"date": "2012-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201209-303"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201209-303"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SIMATIC WinCC Cross-Site Request Forgery Vulnerability",
"sources": [
{
"db": "IVD",
"id": "5ddc3ec4-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5088"
},
{
"db": "BID",
"id": "55493"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-303"
}
],
"trust": 1.7
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cross-site request forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201209-303"
}
],
"trust": 0.6
}
}
VAR-201209-0225
Vulnerability from variot - Updated: 2023-12-18 12:58SQL injection vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to execute arbitrary SQL commands via a crafted SOAP message. Siemens SIMATIC is an automation software in a single engineering environment. Siemens SIMATIC WinCC is prone to information-disclosure, SQL-injection, directory-traversal, and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. The attacker may exploit the information-disclosure issue and directory-traversal issues to gain access to sensitive information that may lead to further attacks. The attacker may exploit the SQL-injection issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. An attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Siemens SIMATIC WinCC 7.0 SP3 and prior versions are vulnerable. WinCC flexible is a human-machine interface used in some machine or process applications.
The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to perform certain unspecified actions when a logged-in administrative user visits a specially crafted web page. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Siemens SIMATIC WinCC Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50568
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50568/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50568
RELEASE DATE: 2012-09-11
DISCUSS ADVISORY: http://secunia.com/advisories/50568/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50568/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50568
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Siemens SIMATIC WinCC, which can be exploited by malicious people to conduct cross-site scripting attacks, conduct SQL injection attacks, and disclose certain sensitive information.
1) Certain unspecified input passed to the WebNavigator component is not properly sanitised before being returned to the user.
2) Certain input passed to the WebNavigator component is not properly verified before being used to read files. This can be exploited to read arbitrary files via directory traversal sequences. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
4) An error within the ActiveX control can be exploited to disclose the username and password of an authenticated user.
SOLUTION: Apply Update 3.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: The vendor credits Denis Baranov, Sergey Bobrov, Artem Chaykin, Vladimir Kochetkov, Pavel Toporkov, and Timur Yunusov, Positive Technologies.
ORIGINAL ADVISORY: http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201209-0225",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "7.0"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "5.0"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "6.0"
},
{
"model": "simatic pcs7",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "8.0"
},
{
"model": "wincc",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "7.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.8,
"vendor": "wincc",
"version": "6.0"
},
{
"model": "simatic pcs 7",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic wincc",
"scope": "lte",
"trust": 0.8,
"vendor": "siemens",
"version": "7.0 sp3"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wincc",
"version": "7.0"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "7.x"
},
{
"model": "simatic pcs",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "77.x"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wincc",
"version": "5.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic pcs7",
"version": "8.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wincc",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "5e1894b4-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5086"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004449"
},
{
"db": "NVD",
"id": "CVE-2012-3032"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-295"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:*:sp3:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:5.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-3032"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Denis Baranov Sergey Bobrov, Artem Chaykin, Vladimir Kochetkov, Pavel Toporkov,Timur Yunusov from Positive Technologies",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201209-295"
}
],
"trust": 0.6
},
"cve": "CVE-2012-3032",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2012-3032",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "5e1894b4-2353-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-56313",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-3032",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201209-295",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "5e1894b4-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-56313",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "5e1894b4-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-56313"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004449"
},
{
"db": "NVD",
"id": "CVE-2012-3032"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-295"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SQL injection vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to execute arbitrary SQL commands via a crafted SOAP message. Siemens SIMATIC is an automation software in a single engineering environment. Siemens SIMATIC WinCC is prone to information-disclosure, SQL-injection, directory-traversal, and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. \nThe attacker may exploit the information-disclosure issue and directory-traversal issues to gain access to sensitive information that may lead to further attacks. \nThe attacker may exploit the SQL-injection issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. \nAn attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. \nSiemens SIMATIC WinCC 7.0 SP3 and prior versions are vulnerable. WinCC flexible is a human-machine interface used in some machine or process applications. \n\nThe application allows users to perform certain actions via HTTP\nrequests without performing proper validity checks to verify the\nrequests. This can be exploited to perform certain unspecified\nactions when a logged-in administrative user visits a specially\ncrafted web page. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nSiemens SIMATIC WinCC Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50568\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50568/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568\n\nRELEASE DATE:\n2012-09-11\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50568/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50568/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Siemens SIMATIC WinCC,\nwhich can be exploited by malicious people to conduct cross-site\nscripting attacks, conduct SQL injection attacks, and disclose\ncertain sensitive information. \n\n1) Certain unspecified input passed to the WebNavigator component is\nnot properly sanitised before being returned to the user. \n\n2) Certain input passed to the WebNavigator component is not properly\nverified before being used to read files. This can be exploited to\nread arbitrary files via directory traversal sequences. \nThis can be exploited to manipulate SQL queries by injecting arbitrary\nSQL code. \n\n4) An error within the ActiveX control can be exploited to disclose\nthe username and password of an authenticated user. \n\nSOLUTION:\nApply Update 3. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Denis Baranov, Sergey Bobrov, Artem Chaykin,\nVladimir Kochetkov, Pavel Toporkov, and Timur Yunusov, Positive\nTechnologies. \n\nORIGINAL ADVISORY:\nhttp://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-3032"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004449"
},
{
"db": "CNVD",
"id": "CNVD-2012-5086"
},
{
"db": "BID",
"id": "55492"
},
{
"db": "IVD",
"id": "5e1894b4-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-56313"
},
{
"db": "PACKETSTORM",
"id": "116445"
},
{
"db": "PACKETSTORM",
"id": "116447"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-3032",
"trust": 3.6
},
{
"db": "SIEMENS",
"id": "SSA-864051",
"trust": 2.5
},
{
"db": "ICS CERT",
"id": "ICSA-12-256-01",
"trust": 2.5
},
{
"db": "CNNVD",
"id": "CNNVD-201209-295",
"trust": 0.9
},
{
"db": "BID",
"id": "55492",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2012-5086",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004449",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "50568",
"trust": 0.8
},
{
"db": "NSFOCUS",
"id": "20935",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "20651",
"trust": 0.6
},
{
"db": "IVD",
"id": "5E1894B4-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "SECUNIA",
"id": "50581",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-56313",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "116445",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "116447",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "5e1894b4-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5086"
},
{
"db": "VULHUB",
"id": "VHN-56313"
},
{
"db": "BID",
"id": "55492"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004449"
},
{
"db": "PACKETSTORM",
"id": "116445"
},
{
"db": "PACKETSTORM",
"id": "116447"
},
{
"db": "NVD",
"id": "CVE-2012-3032"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-295"
}
]
},
"id": "VAR-201209-0225",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "5e1894b4-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5086"
},
{
"db": "VULHUB",
"id": "VHN-56313"
}
],
"trust": 1.49052891
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "5e1894b4-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5086"
}
]
},
"last_update_date": "2023-12-18T12:58:16.245000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.siemens.com/"
},
{
"title": "SSA-864051: Multiple Vulnerabilities in WinCC 7.0 SP3",
"trust": 0.8,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"trust": 0.8,
"url": "http://www.siemens.com/entry/jp/ja/"
},
{
"title": "Patch for Siemens SIMATIC WinCC SOAP SQL Injection Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/22133"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-5086"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004449"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-89",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-56313"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004449"
},
{
"db": "NVD",
"id": "CVE-2012-3032"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-256-01.pdf"
},
{
"trust": 1.9,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf"
},
{
"trust": 1.7,
"url": "http://en.securitylab.ru/lab/pt-2012-44"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3032"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3032"
},
{
"trust": 0.6,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdfhttp"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/50568"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/55492"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/20935"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/20651"
},
{
"trust": 0.3,
"url": "http://aunz.siemens.com/newscentre/productreleases/pages/iac_pr_simaticwinccv62.aspx"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50581"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50581/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50581/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50568/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50568/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-5086"
},
{
"db": "VULHUB",
"id": "VHN-56313"
},
{
"db": "BID",
"id": "55492"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004449"
},
{
"db": "PACKETSTORM",
"id": "116445"
},
{
"db": "PACKETSTORM",
"id": "116447"
},
{
"db": "NVD",
"id": "CVE-2012-3032"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-295"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "5e1894b4-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5086"
},
{
"db": "VULHUB",
"id": "VHN-56313"
},
{
"db": "BID",
"id": "55492"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004449"
},
{
"db": "PACKETSTORM",
"id": "116445"
},
{
"db": "PACKETSTORM",
"id": "116447"
},
{
"db": "NVD",
"id": "CVE-2012-3032"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-295"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-09-13T00:00:00",
"db": "IVD",
"id": "5e1894b4-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2012-09-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-5086"
},
{
"date": "2012-09-18T00:00:00",
"db": "VULHUB",
"id": "VHN-56313"
},
{
"date": "2012-09-11T00:00:00",
"db": "BID",
"id": "55492"
},
{
"date": "2012-09-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-004449"
},
{
"date": "2012-09-11T07:30:00",
"db": "PACKETSTORM",
"id": "116445"
},
{
"date": "2012-09-11T07:30:06",
"db": "PACKETSTORM",
"id": "116447"
},
{
"date": "2012-09-18T14:55:01.537000",
"db": "NVD",
"id": "CVE-2012-3032"
},
{
"date": "2012-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201209-295"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-09-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-5086"
},
{
"date": "2012-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-56313"
},
{
"date": "2012-09-12T22:50:00",
"db": "BID",
"id": "55492"
},
{
"date": "2012-09-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-004449"
},
{
"date": "2012-09-19T14:03:28.030000",
"db": "NVD",
"id": "CVE-2012-3032"
},
{
"date": "2012-09-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201209-295"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201209-295"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens WinCC of WebNavigator In SQL Injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-004449"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SQL injection",
"sources": [
{
"db": "IVD",
"id": "5e1894b4-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-295"
}
],
"trust": 0.8
}
}
VAR-201209-0224
Vulnerability from variot - Updated: 2023-12-18 12:58Multiple cross-site scripting (XSS) vulnerabilities in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allow remote attackers to inject arbitrary web script or HTML via a (1) GET parameter, (2) POST parameter, or (3) Referer HTTP header. Siemens SIMATIC PCS7 And used in other products Siemens WinCC of WebNavigator Contains a cross-site scripting vulnerability.By any third party, any Web Script or HTML May be inserted. (1) GET Parameters (2) POST Parameters (3) Referer HTTP header. A cross-site request forgery vulnerability exists in Siemens SIMATIC WinCC that allows an attacker to build a malicious web page, trick the user into parsing, and perform malicious actions in the target user context. Siemens SIMATIC is an automation software in a single engineering environment. Part of the input passed to the WebNavigator component lacks filtering before returning to the user, and can be exploited for cross-site scripting attacks to obtain sensitive information or hijack user sessions. Siemens SIMATIC WinCC is prone to information-disclosure, SQL-injection, directory-traversal, and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. The attacker may exploit the information-disclosure issue and directory-traversal issues to gain access to sensitive information that may lead to further attacks. The attacker may exploit the SQL-injection issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. An attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Siemens SIMATIC WinCC 7.0 SP3 and prior versions are vulnerable. WinCC flexible is a human-machine interface used in some machine or process applications.
The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to perform certain unspecified actions when a logged-in administrative user visits a specially crafted web page. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Siemens SIMATIC WinCC Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50568
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50568/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50568
RELEASE DATE: 2012-09-11
DISCUSS ADVISORY: http://secunia.com/advisories/50568/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50568/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50568
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Siemens SIMATIC WinCC, which can be exploited by malicious people to conduct cross-site scripting attacks, conduct SQL injection attacks, and disclose certain sensitive information.
2) Certain input passed to the WebNavigator component is not properly verified before being used to read files. This can be exploited to read arbitrary files via directory traversal sequences.
3) Certain input passed via SOAP messages to the WebNavigator component is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
4) An error within the ActiveX control can be exploited to disclose the username and password of an authenticated user.
SOLUTION: Apply Update 3.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: The vendor credits Denis Baranov, Sergey Bobrov, Artem Chaykin, Vladimir Kochetkov, Pavel Toporkov, and Timur Yunusov, Positive Technologies.
ORIGINAL ADVISORY: http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201209-0224",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "7.0"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "5.0"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "6.0"
},
{
"model": "simatic pcs7",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "8.0"
},
{
"model": "wincc",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "7.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.8,
"vendor": "wincc",
"version": "6.0"
},
{
"model": "simatic pcs 7",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic wincc",
"scope": "lte",
"trust": 0.8,
"vendor": "siemens",
"version": "7.0 sp3"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wincc",
"version": "7.0"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "6.2"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "7.x"
},
{
"model": "simatic pcs",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "77.x"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wincc",
"version": "5.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic pcs7",
"version": "8.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wincc",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "5dd0e308-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5088"
},
{
"db": "CNVD",
"id": "CNVD-2012-5084"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004448"
},
{
"db": "NVD",
"id": "CVE-2012-3031"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-294"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:*:sp3:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:5.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-3031"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Pavel Toporkov,Denis Baranov Sergey Bobrov, Artem Chaykin,Timur Yunusov from Positive Technologies, Vladimir Kochetkov",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201209-294"
}
],
"trust": 0.6
},
"cve": "CVE-2012-3031",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2012-3031",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2012-5088",
"impactScore": 7.8,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "5dd0e308-2353-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-56312",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-3031",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2012-5088",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201209-294",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "5dd0e308-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-56312",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "5dd0e308-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5088"
},
{
"db": "VULHUB",
"id": "VHN-56312"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004448"
},
{
"db": "NVD",
"id": "CVE-2012-3031"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-294"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple cross-site scripting (XSS) vulnerabilities in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allow remote attackers to inject arbitrary web script or HTML via a (1) GET parameter, (2) POST parameter, or (3) Referer HTTP header. Siemens SIMATIC PCS7 And used in other products Siemens WinCC of WebNavigator Contains a cross-site scripting vulnerability.By any third party, any Web Script or HTML May be inserted. (1) GET Parameters (2) POST Parameters (3) Referer HTTP header. A cross-site request forgery vulnerability exists in Siemens SIMATIC WinCC that allows an attacker to build a malicious web page, trick the user into parsing, and perform malicious actions in the target user context. Siemens SIMATIC is an automation software in a single engineering environment. Part of the input passed to the WebNavigator component lacks filtering before returning to the user, and can be exploited for cross-site scripting attacks to obtain sensitive information or hijack user sessions. Siemens SIMATIC WinCC is prone to information-disclosure, SQL-injection, directory-traversal, and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. \nThe attacker may exploit the information-disclosure issue and directory-traversal issues to gain access to sensitive information that may lead to further attacks. \nThe attacker may exploit the SQL-injection issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. \nAn attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. \nSiemens SIMATIC WinCC 7.0 SP3 and prior versions are vulnerable. WinCC flexible is a human-machine interface used in some machine or process applications. \n\nThe application allows users to perform certain actions via HTTP\nrequests without performing proper validity checks to verify the\nrequests. This can be exploited to perform certain unspecified\nactions when a logged-in administrative user visits a specially\ncrafted web page. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nSiemens SIMATIC WinCC Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50568\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50568/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568\n\nRELEASE DATE:\n2012-09-11\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50568/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50568/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Siemens SIMATIC WinCC,\nwhich can be exploited by malicious people to conduct cross-site\nscripting attacks, conduct SQL injection attacks, and disclose\ncertain sensitive information. \n\n2) Certain input passed to the WebNavigator component is not properly\nverified before being used to read files. This can be exploited to\nread arbitrary files via directory traversal sequences. \n\n3) Certain input passed via SOAP messages to the WebNavigator\ncomponent is not properly sanitised before being used in SQL queries. \nThis can be exploited to manipulate SQL queries by injecting arbitrary\nSQL code. \n\n4) An error within the ActiveX control can be exploited to disclose\nthe username and password of an authenticated user. \n\nSOLUTION:\nApply Update 3. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Denis Baranov, Sergey Bobrov, Artem Chaykin,\nVladimir Kochetkov, Pavel Toporkov, and Timur Yunusov, Positive\nTechnologies. \n\nORIGINAL ADVISORY:\nhttp://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-3031"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004448"
},
{
"db": "CNVD",
"id": "CNVD-2012-5088"
},
{
"db": "CNVD",
"id": "CNVD-2012-5084"
},
{
"db": "BID",
"id": "55492"
},
{
"db": "IVD",
"id": "5dd0e308-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-56312"
},
{
"db": "PACKETSTORM",
"id": "116445"
},
{
"db": "PACKETSTORM",
"id": "116447"
}
],
"trust": 3.42
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-3031",
"trust": 4.2
},
{
"db": "SIEMENS",
"id": "SSA-864051",
"trust": 2.5
},
{
"db": "ICS CERT",
"id": "ICSA-12-256-01",
"trust": 1.9
},
{
"db": "CNNVD",
"id": "CNNVD-201209-294",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2012-5084",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004448",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2012-5088",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "47149",
"trust": 0.6
},
{
"db": "BID",
"id": "55492",
"trust": 0.3
},
{
"db": "IVD",
"id": "5DD0E308-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "SECUNIA",
"id": "50581",
"trust": 0.2
},
{
"db": "SECUNIA",
"id": "50568",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-56312",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "116445",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "116447",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "5dd0e308-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5088"
},
{
"db": "CNVD",
"id": "CNVD-2012-5084"
},
{
"db": "VULHUB",
"id": "VHN-56312"
},
{
"db": "BID",
"id": "55492"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004448"
},
{
"db": "PACKETSTORM",
"id": "116445"
},
{
"db": "PACKETSTORM",
"id": "116447"
},
{
"db": "NVD",
"id": "CVE-2012-3031"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-294"
}
]
},
"id": "VAR-201209-0224",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "5dd0e308-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5088"
},
{
"db": "CNVD",
"id": "CNVD-2012-5084"
},
{
"db": "VULHUB",
"id": "VHN-56312"
}
],
"trust": 2.09052891
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.4
}
],
"sources": [
{
"db": "IVD",
"id": "5dd0e308-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5088"
},
{
"db": "CNVD",
"id": "CNVD-2012-5084"
}
]
},
"last_update_date": "2023-12-18T12:58:16.194000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.siemens.com/"
},
{
"title": "SSA-864051: Multiple Vulnerabilities in WinCC 7.0 SP3",
"trust": 0.8,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"trust": 0.8,
"url": "http://www.siemens.com/entry/jp/ja/"
},
{
"title": "Patch for Siemens SIMATIC WinCC Cross-Site Request Forgery Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/80787"
},
{
"title": "Patch for Siemens SIMATIC WinCC Cross-Site Scripting Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/22132"
},
{
"title": "WinCC_V70_SP3_Upd4",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=44861"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-5088"
},
{
"db": "CNVD",
"id": "CNVD-2012-5084"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004448"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-294"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-56312"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004448"
},
{
"db": "NVD",
"id": "CVE-2012-3031"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-256-01.pdf"
},
{
"trust": 1.3,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf"
},
{
"trust": 1.1,
"url": "http://en.securitylab.ru/lab/pt-2012-42"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3031"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3031"
},
{
"trust": 0.6,
"url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-864051.pdf"
},
{
"trust": 0.6,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdfhttp"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/47149"
},
{
"trust": 0.3,
"url": "http://aunz.siemens.com/newscentre/productreleases/pages/iac_pr_simaticwinccv62.aspx"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50581"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50581/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50581/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50568/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50568/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-5088"
},
{
"db": "CNVD",
"id": "CNVD-2012-5084"
},
{
"db": "VULHUB",
"id": "VHN-56312"
},
{
"db": "BID",
"id": "55492"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004448"
},
{
"db": "PACKETSTORM",
"id": "116445"
},
{
"db": "PACKETSTORM",
"id": "116447"
},
{
"db": "NVD",
"id": "CVE-2012-3031"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-294"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "5dd0e308-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5088"
},
{
"db": "CNVD",
"id": "CNVD-2012-5084"
},
{
"db": "VULHUB",
"id": "VHN-56312"
},
{
"db": "BID",
"id": "55492"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004448"
},
{
"db": "PACKETSTORM",
"id": "116445"
},
{
"db": "PACKETSTORM",
"id": "116447"
},
{
"db": "NVD",
"id": "CVE-2012-3031"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-294"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-09-13T00:00:00",
"db": "IVD",
"id": "5dd0e308-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2012-09-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-5088"
},
{
"date": "2012-09-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-5084"
},
{
"date": "2012-09-18T00:00:00",
"db": "VULHUB",
"id": "VHN-56312"
},
{
"date": "2012-09-11T00:00:00",
"db": "BID",
"id": "55492"
},
{
"date": "2012-09-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-004448"
},
{
"date": "2012-09-11T07:30:00",
"db": "PACKETSTORM",
"id": "116445"
},
{
"date": "2012-09-11T07:30:06",
"db": "PACKETSTORM",
"id": "116447"
},
{
"date": "2012-09-18T14:55:01.490000",
"db": "NVD",
"id": "CVE-2012-3031"
},
{
"date": "2012-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201209-294"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-08-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-5088"
},
{
"date": "2012-09-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-5084"
},
{
"date": "2012-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-56312"
},
{
"date": "2012-09-12T22:50:00",
"db": "BID",
"id": "55492"
},
{
"date": "2012-09-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-004448"
},
{
"date": "2012-09-19T04:00:00",
"db": "NVD",
"id": "CVE-2012-3031"
},
{
"date": "2020-07-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201209-294"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201209-294"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SIMATIC WinCC Cross-Site Scripting Vulnerability",
"sources": [
{
"db": "IVD",
"id": "5dd0e308-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5084"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201209-294"
}
],
"trust": 0.6
}
}
VAR-201209-0226
Vulnerability from variot - Updated: 2023-12-18 12:58WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to discover a username and password via crafted parameters to unspecified methods in ActiveX controls. Siemens SIMATIC is an automation software in a single engineering environment. Siemens SIMATIC WinCC is prone to information-disclosure, SQL-injection, directory-traversal, and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. The attacker may exploit the information-disclosure issue and directory-traversal issues to gain access to sensitive information that may lead to further attacks. The attacker may exploit the SQL-injection issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. An attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Siemens SIMATIC WinCC 7.0 SP3 and prior versions are vulnerable. WinCC flexible is a human-machine interface used in some machine or process applications.
The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to perform certain unspecified actions when a logged-in administrative user visits a specially crafted web page. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Siemens SIMATIC WinCC Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50568
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50568/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50568
RELEASE DATE: 2012-09-11
DISCUSS ADVISORY: http://secunia.com/advisories/50568/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50568/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50568
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Siemens SIMATIC WinCC, which can be exploited by malicious people to conduct cross-site scripting attacks, conduct SQL injection attacks, and disclose certain sensitive information.
1) Certain unspecified input passed to the WebNavigator component is not properly sanitised before being returned to the user.
2) Certain input passed to the WebNavigator component is not properly verified before being used to read files. This can be exploited to read arbitrary files via directory traversal sequences.
3) Certain input passed via SOAP messages to the WebNavigator component is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
SOLUTION: Apply Update 3.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: The vendor credits Denis Baranov, Sergey Bobrov, Artem Chaykin, Vladimir Kochetkov, Pavel Toporkov, and Timur Yunusov, Positive Technologies.
ORIGINAL ADVISORY: http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201209-0226",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "7.0"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "5.0"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "6.0"
},
{
"model": "simatic pcs7",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "8.0"
},
{
"model": "wincc",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "7.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.8,
"vendor": "wincc",
"version": "6.0"
},
{
"model": "simatic pcs 7",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic wincc",
"scope": "lte",
"trust": 0.8,
"vendor": "siemens",
"version": "7.0 sp3"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wincc",
"version": "7.0"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "7.x"
},
{
"model": "simatic pcs",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "77.x"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wincc",
"version": "5.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic pcs7",
"version": "8.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wincc",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "5e11d08e-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5087"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004450"
},
{
"db": "NVD",
"id": "CVE-2012-3034"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-296"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:5.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:*:sp3:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-3034"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Denis Baranov Sergey Bobrov, Artem Chaykin, Vladimir Kochetkov, Pavel Toporkov,Timur Yunusov from Positive Technologies",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201209-296"
}
],
"trust": 0.6
},
"cve": "CVE-2012-3034",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2012-3034",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "5e11d08e-2353-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-56315",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-3034",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201209-296",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "5e11d08e-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-56315",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2012-3034",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "5e11d08e-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-56315"
},
{
"db": "VULMON",
"id": "CVE-2012-3034"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004450"
},
{
"db": "NVD",
"id": "CVE-2012-3034"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-296"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to discover a username and password via crafted parameters to unspecified methods in ActiveX controls. Siemens SIMATIC is an automation software in a single engineering environment. Siemens SIMATIC WinCC is prone to information-disclosure, SQL-injection, directory-traversal, and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. \nThe attacker may exploit the information-disclosure issue and directory-traversal issues to gain access to sensitive information that may lead to further attacks. \nThe attacker may exploit the SQL-injection issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. \nAn attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. \nSiemens SIMATIC WinCC 7.0 SP3 and prior versions are vulnerable. WinCC flexible is a human-machine interface used in some machine or process applications. \n\nThe application allows users to perform certain actions via HTTP\nrequests without performing proper validity checks to verify the\nrequests. This can be exploited to perform certain unspecified\nactions when a logged-in administrative user visits a specially\ncrafted web page. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nSiemens SIMATIC WinCC Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50568\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50568/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568\n\nRELEASE DATE:\n2012-09-11\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50568/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50568/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Siemens SIMATIC WinCC,\nwhich can be exploited by malicious people to conduct cross-site\nscripting attacks, conduct SQL injection attacks, and disclose\ncertain sensitive information. \n\n1) Certain unspecified input passed to the WebNavigator component is\nnot properly sanitised before being returned to the user. \n\n2) Certain input passed to the WebNavigator component is not properly\nverified before being used to read files. This can be exploited to\nread arbitrary files via directory traversal sequences. \n\n3) Certain input passed via SOAP messages to the WebNavigator\ncomponent is not properly sanitised before being used in SQL queries. \nThis can be exploited to manipulate SQL queries by injecting arbitrary\nSQL code. \n\nSOLUTION:\nApply Update 3. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Denis Baranov, Sergey Bobrov, Artem Chaykin,\nVladimir Kochetkov, Pavel Toporkov, and Timur Yunusov, Positive\nTechnologies. \n\nORIGINAL ADVISORY:\nhttp://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-3034"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004450"
},
{
"db": "CNVD",
"id": "CNVD-2012-5087"
},
{
"db": "BID",
"id": "55492"
},
{
"db": "IVD",
"id": "5e11d08e-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-56315"
},
{
"db": "VULMON",
"id": "CVE-2012-3034"
},
{
"db": "PACKETSTORM",
"id": "116445"
},
{
"db": "PACKETSTORM",
"id": "116447"
}
],
"trust": 2.97
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-3034",
"trust": 3.7
},
{
"db": "SIEMENS",
"id": "SSA-864051",
"trust": 2.6
},
{
"db": "ICS CERT",
"id": "ICSA-12-256-01",
"trust": 2.6
},
{
"db": "CNNVD",
"id": "CNNVD-201209-296",
"trust": 0.9
},
{
"db": "BID",
"id": "55492",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2012-5087",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004450",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "50568",
"trust": 0.8
},
{
"db": "NSFOCUS",
"id": "20651",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "20931",
"trust": 0.6
},
{
"db": "IVD",
"id": "5E11D08E-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "SECUNIA",
"id": "50581",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-56315",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2012-3034",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "116445",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "116447",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "5e11d08e-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5087"
},
{
"db": "VULHUB",
"id": "VHN-56315"
},
{
"db": "VULMON",
"id": "CVE-2012-3034"
},
{
"db": "BID",
"id": "55492"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004450"
},
{
"db": "PACKETSTORM",
"id": "116445"
},
{
"db": "PACKETSTORM",
"id": "116447"
},
{
"db": "NVD",
"id": "CVE-2012-3034"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-296"
}
]
},
"id": "VAR-201209-0226",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "5e11d08e-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5087"
},
{
"db": "VULHUB",
"id": "VHN-56315"
}
],
"trust": 1.49052891
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "5e11d08e-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5087"
}
]
},
"last_update_date": "2023-12-18T12:58:16.293000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.siemens.com/"
},
{
"title": "SSA-864051: Multiple Vulnerabilities in WinCC 7.0 SP3",
"trust": 0.8,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"trust": 0.8,
"url": "http://www.siemens.com/entry/jp/ja/"
},
{
"title": "Patch for Siemens SIMATIC WinCC ActiveX Control Account Information Disclosure Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/22134"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-5087"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004450"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-56315"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004450"
},
{
"db": "NVD",
"id": "CVE-2012-3034"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-256-01.pdf"
},
{
"trust": 2.0,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf"
},
{
"trust": 1.8,
"url": "http://en.securitylab.ru/lab/pt-2012-45"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3034"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3034"
},
{
"trust": 0.6,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdfhttp"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/50568"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/55492"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/20931"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/20651"
},
{
"trust": 0.3,
"url": "http://aunz.siemens.com/newscentre/productreleases/pages/iac_pr_simaticwinccv62.aspx"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=26911"
},
{
"trust": 0.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-12-256-01"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50581"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50581/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50581/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50568/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50568/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-5087"
},
{
"db": "VULHUB",
"id": "VHN-56315"
},
{
"db": "VULMON",
"id": "CVE-2012-3034"
},
{
"db": "BID",
"id": "55492"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004450"
},
{
"db": "PACKETSTORM",
"id": "116445"
},
{
"db": "PACKETSTORM",
"id": "116447"
},
{
"db": "NVD",
"id": "CVE-2012-3034"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-296"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "5e11d08e-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5087"
},
{
"db": "VULHUB",
"id": "VHN-56315"
},
{
"db": "VULMON",
"id": "CVE-2012-3034"
},
{
"db": "BID",
"id": "55492"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004450"
},
{
"db": "PACKETSTORM",
"id": "116445"
},
{
"db": "PACKETSTORM",
"id": "116447"
},
{
"db": "NVD",
"id": "CVE-2012-3034"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-296"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-09-13T00:00:00",
"db": "IVD",
"id": "5e11d08e-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2012-09-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-5087"
},
{
"date": "2012-09-18T00:00:00",
"db": "VULHUB",
"id": "VHN-56315"
},
{
"date": "2012-09-18T00:00:00",
"db": "VULMON",
"id": "CVE-2012-3034"
},
{
"date": "2012-09-11T00:00:00",
"db": "BID",
"id": "55492"
},
{
"date": "2012-09-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-004450"
},
{
"date": "2012-09-11T07:30:00",
"db": "PACKETSTORM",
"id": "116445"
},
{
"date": "2012-09-11T07:30:06",
"db": "PACKETSTORM",
"id": "116447"
},
{
"date": "2012-09-18T14:55:01.583000",
"db": "NVD",
"id": "CVE-2012-3034"
},
{
"date": "2012-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201209-296"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-09-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-5087"
},
{
"date": "2012-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-56315"
},
{
"date": "2012-09-19T00:00:00",
"db": "VULMON",
"id": "CVE-2012-3034"
},
{
"date": "2012-09-12T22:50:00",
"db": "BID",
"id": "55492"
},
{
"date": "2012-09-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-004450"
},
{
"date": "2012-09-19T14:11:05.407000",
"db": "NVD",
"id": "CVE-2012-3034"
},
{
"date": "2012-09-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201209-296"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201209-296"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SIMATIC WinCC ActiveX Control Account Information Disclosure Vulnerability",
"sources": [
{
"db": "IVD",
"id": "5e11d08e-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5087"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201209-296"
}
],
"trust": 0.6
}
}
VAR-201808-0744
Vulnerability from variot - Updated: 2023-12-18 12:43A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10, V11, V12 (All versions), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V13 (All versions < V13 SP2 Update 2), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V14 (All versions < V14 SP1 Update 6), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V15 (All versions < V15 Update 2). Improper file permissions in the default installation of TIA Portal may allow an attacker with local file system access to manipulate resources which may be transferred to devices and executed there by a different user. No special privileges are required, but the victim needs to transfer the manipulated files to a device. Execution is caused on the target device rather than on the PG device. SIMATIC STEP 7 and WinCC (TIA Portal ) Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC STEP 7 (TIA Portal) is a set of programming software for SIMATIC controllers. The software provides PLC programming, design option packages and advanced drive technology. WinCC (TIA Portal) is an automated data acquisition and monitoring (SCADA) system. The system provides functions such as process monitoring and data acquisition. And resources that are executed by the user. Siemens SIMATIC STEP 7 and SIMATIC WinCC are prone to multiple insecure file-permissions vulnerabilities. A local attacker can exploit these issues by gaining access to a world-readable file and extracting sensitive information from it. Information obtained may aid in other attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201808-0744",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "simatic wincc \\",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "15.0"
},
{
"model": "simatic step 7 \\",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "13.0"
},
{
"model": "simatic step 7 \\",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "15.0"
},
{
"model": "simatic wincc \\",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "13.0"
},
{
"model": "simatic wincc \\",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "10.0"
},
{
"model": "simatic wincc \\",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "11.0"
},
{
"model": "simatic wincc \\",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "14.0"
},
{
"model": "simatic wincc \\",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "12.0"
},
{
"model": "simatic step 7 \\",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "14.0"
},
{
"model": "simatic step 7 \\",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "11.0"
},
{
"model": "simatic step 7 \\",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "10.0"
},
{
"model": "simatic step 7 \\",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "12.0"
},
{
"model": "simatic step 7",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic wincc",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic step",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "710"
},
{
"model": "simatic step",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "711"
},
{
"model": "simatic step",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "712"
},
{
"model": "simatic step",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "713"
},
{
"model": "simatic step sp1 update",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "714.*\u003c146"
},
{
"model": "simatic step update",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "715.*\u003c152"
},
{
"model": "wincc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "10"
},
{
"model": "wincc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "11"
},
{
"model": "wincc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "12"
},
{
"model": "wincc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "13"
},
{
"model": "wincc sp1 update",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "14.*\u003c146"
},
{
"model": "wincc update",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "15.*\u003c152"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "simatic step 7 tia portal",
"version": "13.0"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "v120"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "v110"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "v15"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "v13"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "v11"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "v10"
},
{
"model": "simatic step tia portal",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7v14"
},
{
"model": "simatic step tia portal",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7v13"
},
{
"model": "simatic step tia portal",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7v12"
},
{
"model": "simatic step",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7v15"
},
{
"model": "simatic step",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7v11"
},
{
"model": "simatic step",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7v10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic step 7 tia portal",
"version": "10.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic step 7 tia portal",
"version": "11.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic step 7 tia portal",
"version": "12.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic step 7 tia portal",
"version": "14.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic step 7 tia portal",
"version": "15.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic wincc tia portal",
"version": "10.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic wincc tia portal",
"version": "11.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic wincc tia portal",
"version": "12.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic wincc tia portal",
"version": "13.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic wincc tia portal",
"version": "14.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic wincc tia portal",
"version": "15.0"
}
],
"sources": [
{
"db": "IVD",
"id": "e2fc30c0-39ab-11e9-8ae0-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-19602"
},
{
"db": "BID",
"id": "105115"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009208"
},
{
"db": "NVD",
"id": "CVE-2018-11454"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-240"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):12.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):13.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_step_7_\\(tia_portal\\):11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_step_7_\\(tia_portal\\):13.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_step_7_\\(tia_portal\\):14.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_step_7_\\(tia_portal\\):15.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):14.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):15.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_step_7_\\(tia_portal\\):13.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_step_7_\\(tia_portal\\):10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_step_7_\\(tia_portal\\):12.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-11454"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Younes Dragoni from Nozomi Networks.",
"sources": [
{
"db": "BID",
"id": "105115"
}
],
"trust": 0.3
},
"cve": "CVE-2018-11454",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.4,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-11454",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2018-19602",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "e2fc30c0-39ab-11e9-8ae0-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "VHN-121315",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.6,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-11454",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-11454",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-19602",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201808-240",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "e2fc30c0-39ab-11e9-8ae0-000c29342cb1",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-121315",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2fc30c0-39ab-11e9-8ae0-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-19602"
},
{
"db": "VULHUB",
"id": "VHN-121315"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009208"
},
{
"db": "NVD",
"id": "CVE-2018-11454"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-240"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10, V11, V12 (All versions), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V13 (All versions \u003c V13 SP2 Update 2), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V14 (All versions \u003c V14 SP1 Update 6), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V15 (All versions \u003c V15 Update 2). Improper file permissions in the default installation of TIA Portal may allow an attacker with local file system access to manipulate resources which may be transferred to devices and executed there by a different user. No special privileges are required, but the victim needs to transfer the manipulated files to a device. Execution is caused on the target device rather than on the PG device. SIMATIC STEP 7 and WinCC (TIA Portal ) Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC STEP 7 (TIA Portal) is a set of programming software for SIMATIC controllers. The software provides PLC programming, design option packages and advanced drive technology. WinCC (TIA Portal) is an automated data acquisition and monitoring (SCADA) system. The system provides functions such as process monitoring and data acquisition. And resources that are executed by the user. Siemens SIMATIC STEP 7 and SIMATIC WinCC are prone to multiple insecure file-permissions vulnerabilities. \nA local attacker can exploit these issues by gaining access to a world-readable file and extracting sensitive information from it. Information obtained may aid in other attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-11454"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009208"
},
{
"db": "CNVD",
"id": "CNVD-2018-19602"
},
{
"db": "BID",
"id": "105115"
},
{
"db": "IVD",
"id": "e2fc30c0-39ab-11e9-8ae0-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-121315"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-11454",
"trust": 3.6
},
{
"db": "SIEMENS",
"id": "SSA-979106",
"trust": 2.3
},
{
"db": "BID",
"id": "105115",
"trust": 2.0
},
{
"db": "ICS CERT",
"id": "ICSA-18-226-01",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201808-240",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2018-19602",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009208",
"trust": 0.8
},
{
"db": "IVD",
"id": "E2FC30C0-39AB-11E9-8AE0-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-121315",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e2fc30c0-39ab-11e9-8ae0-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-19602"
},
{
"db": "VULHUB",
"id": "VHN-121315"
},
{
"db": "BID",
"id": "105115"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009208"
},
{
"db": "NVD",
"id": "CVE-2018-11454"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-240"
}
]
},
"id": "VAR-201808-0744",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2fc30c0-39ab-11e9-8ae0-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-19602"
},
{
"db": "VULHUB",
"id": "VHN-121315"
}
],
"trust": 1.6596514042857142
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2fc30c0-39ab-11e9-8ae0-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-19602"
}
]
},
"last_update_date": "2023-12-18T12:43:53.710000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-979106",
"trust": 0.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-979106.pdf"
},
{
"title": "Patch for Siemens SIMATIC STEP 7 and WinCC Rights Management Vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/140875"
},
{
"title": "Siemens SIMATIC STEP 7 and WinCC Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=83959"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-19602"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009208"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-240"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-732",
"trust": 1.1
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-121315"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009208"
},
{
"db": "NVD",
"id": "CVE-2018-11454"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-979106.pdf"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/105115"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-226-01"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11454"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-11454"
},
{
"trust": 0.3,
"url": "http://www.siemens.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-19602"
},
{
"db": "VULHUB",
"id": "VHN-121315"
},
{
"db": "BID",
"id": "105115"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009208"
},
{
"db": "NVD",
"id": "CVE-2018-11454"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-240"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e2fc30c0-39ab-11e9-8ae0-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-19602"
},
{
"db": "VULHUB",
"id": "VHN-121315"
},
{
"db": "BID",
"id": "105115"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009208"
},
{
"db": "NVD",
"id": "CVE-2018-11454"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-240"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-21T00:00:00",
"db": "IVD",
"id": "e2fc30c0-39ab-11e9-8ae0-000c29342cb1"
},
{
"date": "2018-09-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-19602"
},
{
"date": "2018-08-07T00:00:00",
"db": "VULHUB",
"id": "VHN-121315"
},
{
"date": "2018-08-14T00:00:00",
"db": "BID",
"id": "105115"
},
{
"date": "2018-11-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009208"
},
{
"date": "2018-08-07T15:29:00.373000",
"db": "NVD",
"id": "CVE-2018-11454"
},
{
"date": "2018-08-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-240"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-19602"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-121315"
},
{
"date": "2018-08-14T00:00:00",
"db": "BID",
"id": "105115"
},
{
"date": "2019-01-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009208"
},
{
"date": "2019-10-09T23:33:32.290000",
"db": "NVD",
"id": "CVE-2018-11454"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-240"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "105115"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-240"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SIMATIC STEP 7 and WinCC Vulnerabilities related to authorization, permissions, and access control",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009208"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-240"
}
],
"trust": 0.6
}
}
VAR-201808-0743
Vulnerability from variot - Updated: 2023-12-18 12:43A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10, V11, V12 (All versions), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V13 (All versions < V13 SP2 Update 2), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V14 (All versions < V14 SP1 Update 6), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V15 (All versions < V15 Update 2). Improper file permissions in the default installation of TIA Portal may allow an attacker with local file system access to insert specially crafted files which may prevent TIA Portal startup (Denial-of-Service) or lead to local code execution. No special privileges are required, but the victim needs to attempt to start TIA Portal after the manipulation. SIMATIC STEP 7 and WinCC (TIA Portal ) Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC STEP 7 (TIA Portal) is a set of programming software for SIMATIC controllers. The software provides PLC programming, design option packages and advanced drive technology. WinCC (TIA Portal) is an automated data acquisition and monitoring (SCADA) system. The system provides functions such as process monitoring and data acquisition. The Portal starts, causing a denial of service or execution of code. Siemens SIMATIC STEP 7 and SIMATIC WinCC are prone to multiple insecure file-permissions vulnerabilities. A local attacker can exploit these issues by gaining access to a world-readable file and extracting sensitive information from it. Information obtained may aid in other attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201808-0743",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "simatic wincc \\",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "15.0"
},
{
"model": "simatic step 7 \\",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "13.0"
},
{
"model": "simatic step 7 \\",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "15.0"
},
{
"model": "simatic wincc \\",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "13.0"
},
{
"model": "simatic step 7 \\",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "11.0"
},
{
"model": "simatic wincc \\",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "14.0"
},
{
"model": "simatic step 7 \\",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "10.0"
},
{
"model": "simatic step 7 \\",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "14.0"
},
{
"model": "simatic step 7 \\",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "12.0"
},
{
"model": "simatic wincc \\",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "10.0"
},
{
"model": "simatic wincc \\",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "11.0"
},
{
"model": "simatic wincc \\",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "12.0"
},
{
"model": "simatic step 7",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic wincc",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic step",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "710"
},
{
"model": "simatic step",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "711"
},
{
"model": "simatic step",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "712"
},
{
"model": "simatic step",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "713"
},
{
"model": "simatic step sp1 update",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "714.*\u003c146"
},
{
"model": "simatic step update",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "715.*\u003c152"
},
{
"model": "wincc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "10"
},
{
"model": "wincc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "11"
},
{
"model": "wincc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "12"
},
{
"model": "wincc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "13"
},
{
"model": "wincc sp1 update",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "14.*\u003c146"
},
{
"model": "wincc update",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "15.*\u003c152"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "simatic step 7 tia portal",
"version": "13.0"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "v120"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "v110"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "v15"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "v13"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "v11"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "v10"
},
{
"model": "simatic step tia portal",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7v14"
},
{
"model": "simatic step tia portal",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7v13"
},
{
"model": "simatic step tia portal",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7v12"
},
{
"model": "simatic step",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7v15"
},
{
"model": "simatic step",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7v11"
},
{
"model": "simatic step",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7v10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic step 7 tia portal",
"version": "10.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic step 7 tia portal",
"version": "11.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic step 7 tia portal",
"version": "12.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic step 7 tia portal",
"version": "14.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic step 7 tia portal",
"version": "15.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic wincc tia portal",
"version": "10.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic wincc tia portal",
"version": "11.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic wincc tia portal",
"version": "12.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic wincc tia portal",
"version": "13.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic wincc tia portal",
"version": "14.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic wincc tia portal",
"version": "15.0"
}
],
"sources": [
{
"db": "IVD",
"id": "e2fc57cf-39ab-11e9-b215-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-19601"
},
{
"db": "BID",
"id": "105115"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009209"
},
{
"db": "NVD",
"id": "CVE-2018-11453"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-241"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_step_7_\\(tia_portal\\):13.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):12.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):13.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):15.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_step_7_\\(tia_portal\\):11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_step_7_\\(tia_portal\\):12.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_step_7_\\(tia_portal\\):13.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_step_7_\\(tia_portal\\):14.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):14.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_step_7_\\(tia_portal\\):10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_step_7_\\(tia_portal\\):15.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-11453"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Younes Dragoni from Nozomi Networks.",
"sources": [
{
"db": "BID",
"id": "105115"
}
],
"trust": 0.3
},
"cve": "CVE-2018-11453",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-11453",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2018-19601",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "e2fc57cf-39ab-11e9-b215-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-121314",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-11453",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-11453",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-19601",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201808-241",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "e2fc57cf-39ab-11e9-b215-000c29342cb1",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-121314",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2fc57cf-39ab-11e9-b215-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-19601"
},
{
"db": "VULHUB",
"id": "VHN-121314"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009209"
},
{
"db": "NVD",
"id": "CVE-2018-11453"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-241"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10, V11, V12 (All versions), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V13 (All versions \u003c V13 SP2 Update 2), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V14 (All versions \u003c V14 SP1 Update 6), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V15 (All versions \u003c V15 Update 2). Improper file permissions in the default installation of TIA Portal may allow an attacker with local file system access to insert specially crafted files which may prevent TIA Portal startup (Denial-of-Service) or lead to local code execution. No special privileges are required, but the victim needs to attempt to start TIA Portal after the manipulation. SIMATIC STEP 7 and WinCC (TIA Portal ) Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC STEP 7 (TIA Portal) is a set of programming software for SIMATIC controllers. The software provides PLC programming, design option packages and advanced drive technology. WinCC (TIA Portal) is an automated data acquisition and monitoring (SCADA) system. The system provides functions such as process monitoring and data acquisition. The Portal starts, causing a denial of service or execution of code. Siemens SIMATIC STEP 7 and SIMATIC WinCC are prone to multiple insecure file-permissions vulnerabilities. \nA local attacker can exploit these issues by gaining access to a world-readable file and extracting sensitive information from it. Information obtained may aid in other attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-11453"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009209"
},
{
"db": "CNVD",
"id": "CNVD-2018-19601"
},
{
"db": "BID",
"id": "105115"
},
{
"db": "IVD",
"id": "e2fc57cf-39ab-11e9-b215-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-121314"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-11453",
"trust": 3.6
},
{
"db": "SIEMENS",
"id": "SSA-979106",
"trust": 2.3
},
{
"db": "BID",
"id": "105115",
"trust": 2.0
},
{
"db": "ICS CERT",
"id": "ICSA-18-226-01",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201808-241",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2018-19601",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009209",
"trust": 0.8
},
{
"db": "IVD",
"id": "E2FC57CF-39AB-11E9-B215-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-121314",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e2fc57cf-39ab-11e9-b215-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-19601"
},
{
"db": "VULHUB",
"id": "VHN-121314"
},
{
"db": "BID",
"id": "105115"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009209"
},
{
"db": "NVD",
"id": "CVE-2018-11453"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-241"
}
]
},
"id": "VAR-201808-0743",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2fc57cf-39ab-11e9-b215-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-19601"
},
{
"db": "VULHUB",
"id": "VHN-121314"
}
],
"trust": 1.6596514042857142
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2fc57cf-39ab-11e9-b215-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-19601"
}
]
},
"last_update_date": "2023-12-18T12:43:53.749000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-979106",
"trust": 0.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-979106.pdf"
},
{
"title": "Patch for Siemens SIMATIC STEP 7 and WinCC Denial of Service Vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/140877"
},
{
"title": "Siemens SIMATIC STEP 7 and WinCC Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=83960"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-19601"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009209"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-241"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-732",
"trust": 1.1
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-121314"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009209"
},
{
"db": "NVD",
"id": "CVE-2018-11453"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-979106.pdf"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/105115"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-226-01"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11453"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-11453"
},
{
"trust": 0.3,
"url": "http://www.siemens.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-19601"
},
{
"db": "VULHUB",
"id": "VHN-121314"
},
{
"db": "BID",
"id": "105115"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009209"
},
{
"db": "NVD",
"id": "CVE-2018-11453"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-241"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e2fc57cf-39ab-11e9-b215-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-19601"
},
{
"db": "VULHUB",
"id": "VHN-121314"
},
{
"db": "BID",
"id": "105115"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009209"
},
{
"db": "NVD",
"id": "CVE-2018-11453"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-241"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-21T00:00:00",
"db": "IVD",
"id": "e2fc57cf-39ab-11e9-b215-000c29342cb1"
},
{
"date": "2018-09-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-19601"
},
{
"date": "2018-08-07T00:00:00",
"db": "VULHUB",
"id": "VHN-121314"
},
{
"date": "2018-08-14T00:00:00",
"db": "BID",
"id": "105115"
},
{
"date": "2018-11-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009209"
},
{
"date": "2018-08-07T15:29:00.247000",
"db": "NVD",
"id": "CVE-2018-11453"
},
{
"date": "2018-08-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-241"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-19601"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-121314"
},
{
"date": "2018-08-14T00:00:00",
"db": "BID",
"id": "105115"
},
{
"date": "2019-01-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009209"
},
{
"date": "2019-10-09T23:33:32.137000",
"db": "NVD",
"id": "CVE-2018-11453"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-241"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "105115"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-241"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SIMATIC STEP 7 and WinCC Vulnerabilities related to authorization, permissions, and access control",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009209"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-241"
}
],
"trust": 0.6
}
}
VAR-201206-0073
Vulnerability from variot - Updated: 2023-12-18 12:38Multiple directory traversal vulnerabilities in Siemens WinCC 7.0 SP3 before Update 2 allow remote authenticated users to read arbitrary files via a crafted parameter in a URL. WinCC flexible is a human-machine interface for use in some machine or process applications. An attacker can exploit the vulnerability to read arbitrary files. Siemens SIMATIC WinCC Flexible is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, execute arbitrary code in the context of the affected application, read arbitrary files on the system, redirect users to a potentially malicious site, access or modify data of an XML document, or cause denial-of-service conditions; other attacks may also be possible.
The vulnerability is caused due to an input sanitisation error within the DiagAgent web server and can be exploited to cause a buffer overflow and crash the DiagAgent.
Successful exploitation requires the DiagAgent web server to be enabled (disabled by default). ----------------------------------------------------------------------
Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch
TITLE: Siemens SIMATIC WinCC Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA49341
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49341/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49341
RELEASE DATE: 2012-06-07
DISCUSS ADVISORY: http://secunia.com/advisories/49341/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/49341/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=49341
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A weakness and some vulnerabilities have been reported in Siemens SIMATIC WinCC, which can be exploited by malicious users to disclose potentially sensitive information and system information and manipulate certain data and by malicious people to conduct spoofing and cross-site scripting attacks.
1) Certain input passed via URL parameters to two unspecified web applications is not properly sanitised before being used to construct a XPath query for XML data. This can be exploited to manipulate XPath queries by injecting arbitrary XPath code and e.g. read or write certain system settings.
2) Certain input passed via a filename to two unspecified web applications is not properly verified before being used to display files. This can be exploited to disclose the contents of arbitrary files via directory traversal sequences.
3) Certain input passed to two unspecified web applications is not properly sanitised before being returned to the user.
4) Certain input is not properly verified before being used to redirect users. This can be exploited to redirect a user to an arbitrary website e.g. when a user clicks a specially crafted link to the affected script hosted on a trusted domain.
The weakness and the vulnerabilities are reported in version 7.0 SP3.
SOLUTION: Apply "Update 2" (please see the vendor's advisory for details).
PROVIDED AND/OR DISCOVERED BY: 1-3) The vendor credits Gleb Gritsai, Alexander Zaitsev, Sergey Scherbel, Yuri Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis Baranov, and Andrey Medov, Positive Technologies. 4) Reported by the vendor.
ORIGINAL ADVISORY: Siemens: http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf
ICS-CERT: http://www.us-cert.gov/control_systems/pdf/ICSA-12-158-01.pdf
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201206-0073",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "7.0"
},
{
"model": "wincc sp3",
"scope": "eq",
"trust": 0.9,
"vendor": "siemens",
"version": "7.0"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": "update 2"
},
{
"model": "simatic wincc",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "7.0 sp3"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wincc",
"version": "7.0"
}
],
"sources": [
{
"db": "IVD",
"id": "c4c1d040-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3213"
},
{
"db": "BID",
"id": "53837"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002660"
},
{
"db": "NVD",
"id": "CVE-2012-2597"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-086"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp3:update_1:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2597"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gleb Gritsai, Alexander Zaitsev, Sergey Scherbel, Yuri Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis Baranov, Andrey Medov and Siemens",
"sources": [
{
"db": "BID",
"id": "53837"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-086"
}
],
"trust": 0.9
},
"cve": "CVE-2012-2597",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2012-2597",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "c4c1d040-2353-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-55878",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-2597",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201206-086",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "c4c1d040-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-55878",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "c4c1d040-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-55878"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002660"
},
{
"db": "NVD",
"id": "CVE-2012-2597"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-086"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple directory traversal vulnerabilities in Siemens WinCC 7.0 SP3 before Update 2 allow remote authenticated users to read arbitrary files via a crafted parameter in a URL. WinCC flexible is a human-machine interface for use in some machine or process applications. An attacker can exploit the vulnerability to read arbitrary files. Siemens SIMATIC WinCC Flexible is prone to multiple security vulnerabilities. \nAttackers can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, execute arbitrary code in the context of the affected application, read arbitrary files on the system, redirect users to a potentially malicious site, access or modify data of an XML document, or cause denial-of-service conditions; other attacks may also be possible. \n\nThe vulnerability is caused due to an input sanitisation error within\nthe DiagAgent web server and can be exploited to cause a buffer\noverflow and crash the DiagAgent. \n\nSuccessful exploitation requires the DiagAgent web server to be\nenabled (disabled by default). ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nSiemens SIMATIC WinCC Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA49341\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/49341/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49341\n\nRELEASE DATE:\n2012-06-07\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/49341/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/49341/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49341\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA weakness and some vulnerabilities have been reported in Siemens\nSIMATIC WinCC, which can be exploited by malicious users to disclose\npotentially sensitive information and system information and\nmanipulate certain data and by malicious people to conduct spoofing\nand cross-site scripting attacks. \n\n1) Certain input passed via URL parameters to two unspecified web\napplications is not properly sanitised before being used to construct\na XPath query for XML data. This can be exploited to manipulate XPath\nqueries by injecting arbitrary XPath code and e.g. read or write\ncertain system settings. \n\n2) Certain input passed via a filename to two unspecified web\napplications is not properly verified before being used to display\nfiles. This can be exploited to disclose the contents of arbitrary\nfiles via directory traversal sequences. \n\n3) Certain input passed to two unspecified web applications is not\nproperly sanitised before being returned to the user. \n\n4) Certain input is not properly verified before being used to\nredirect users. This can be exploited to redirect a user to an\narbitrary website e.g. when a user clicks a specially crafted link to\nthe affected script hosted on a trusted domain. \n\nThe weakness and the vulnerabilities are reported in version 7.0 SP3. \n\nSOLUTION:\nApply \"Update 2\" (please see the vendor\u0027s advisory for details). \n\nPROVIDED AND/OR DISCOVERED BY:\n1-3) The vendor credits Gleb Gritsai, Alexander Zaitsev, Sergey\nScherbel, Yuri Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis\nBaranov, and Andrey Medov, Positive Technologies. \n4) Reported by the vendor. \n\nORIGINAL ADVISORY:\nSiemens:\nhttp://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf\n\nICS-CERT:\nhttp://www.us-cert.gov/control_systems/pdf/ICSA-12-158-01.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2597"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002660"
},
{
"db": "CNVD",
"id": "CNVD-2012-3213"
},
{
"db": "BID",
"id": "53837"
},
{
"db": "IVD",
"id": "c4c1d040-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-55878"
},
{
"db": "PACKETSTORM",
"id": "113374"
},
{
"db": "PACKETSTORM",
"id": "113371"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-2597",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-12-158-01",
"trust": 3.6
},
{
"db": "SIEMENS",
"id": "SSA-223158",
"trust": 1.9
},
{
"db": "CNNVD",
"id": "CNNVD-201206-086",
"trust": 0.9
},
{
"db": "BID",
"id": "53837",
"trust": 0.9
},
{
"db": "SECUNIA",
"id": "49341",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2012-3213",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002660",
"trust": 0.8
},
{
"db": "NSFOCUS",
"id": "19751",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "49359",
"trust": 0.3
},
{
"db": "IVD",
"id": "C4C1D040-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-55878",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "113374",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "113371",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "c4c1d040-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3213"
},
{
"db": "VULHUB",
"id": "VHN-55878"
},
{
"db": "BID",
"id": "53837"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002660"
},
{
"db": "PACKETSTORM",
"id": "113374"
},
{
"db": "PACKETSTORM",
"id": "113371"
},
{
"db": "NVD",
"id": "CVE-2012-2597"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-086"
}
]
},
"id": "VAR-201206-0073",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "c4c1d040-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3213"
},
{
"db": "VULHUB",
"id": "VHN-55878"
}
],
"trust": 1.5935203766666666
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "c4c1d040-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3213"
}
]
},
"last_update_date": "2023-12-18T12:38:49.284000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-223158: Multiple Vulnerabilities in WinCC 7.0 SP3",
"trust": 0.8,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"trust": 0.8,
"url": "http://www.siemens.com/entry/jp/ja/"
},
{
"title": "Patch for the Siemens WinCC Directory Traversal Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/18133"
},
{
"title": "Update 2 for WinCC V7.0 SP3 und WinCC V7.0 SP3 ASIA",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=43310"
},
{
"title": "Update 2 for WinCC V7.0 SP3 und WinCC V7.0 SP3 ASIA",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=43309"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-3213"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002660"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-086"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55878"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002660"
},
{
"db": "NVD",
"id": "CVE-2012-2597"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.6,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-158-01.pdf"
},
{
"trust": 1.9,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2597"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2597"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/49341"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/53837"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/19751"
},
{
"trust": 0.3,
"url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/wincc-flexible/wincc-flexible-runtime/pages/default.aspx"
},
{
"trust": 0.2,
"url": "http://secunia.com/psi_30_beta_launch"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/49359/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/49359/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49359"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/49341/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49341"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/49341/#comments"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-3213"
},
{
"db": "VULHUB",
"id": "VHN-55878"
},
{
"db": "BID",
"id": "53837"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002660"
},
{
"db": "PACKETSTORM",
"id": "113374"
},
{
"db": "PACKETSTORM",
"id": "113371"
},
{
"db": "NVD",
"id": "CVE-2012-2597"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-086"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "c4c1d040-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3213"
},
{
"db": "VULHUB",
"id": "VHN-55878"
},
{
"db": "BID",
"id": "53837"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002660"
},
{
"db": "PACKETSTORM",
"id": "113374"
},
{
"db": "PACKETSTORM",
"id": "113371"
},
{
"db": "NVD",
"id": "CVE-2012-2597"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-086"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-06-19T00:00:00",
"db": "IVD",
"id": "c4c1d040-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2012-06-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-3213"
},
{
"date": "2012-06-08T00:00:00",
"db": "VULHUB",
"id": "VHN-55878"
},
{
"date": "2012-06-06T00:00:00",
"db": "BID",
"id": "53837"
},
{
"date": "2012-06-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002660"
},
{
"date": "2012-06-08T07:05:53",
"db": "PACKETSTORM",
"id": "113374"
},
{
"date": "2012-06-08T07:05:43",
"db": "PACKETSTORM",
"id": "113371"
},
{
"date": "2012-06-08T18:55:02.267000",
"db": "NVD",
"id": "CVE-2012-2597"
},
{
"date": "2012-06-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201206-086"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-06-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-3213"
},
{
"date": "2012-06-12T00:00:00",
"db": "VULHUB",
"id": "VHN-55878"
},
{
"date": "2012-06-06T00:00:00",
"db": "BID",
"id": "53837"
},
{
"date": "2012-06-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002660"
},
{
"date": "2012-06-12T04:00:00",
"db": "NVD",
"id": "CVE-2012-2597"
},
{
"date": "2012-06-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201206-086"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201206-086"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens WinCC Directory Traversal Vulnerability",
"sources": [
{
"db": "IVD",
"id": "c4c1d040-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3213"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-086"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Path traversal",
"sources": [
{
"db": "IVD",
"id": "c4c1d040-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-086"
}
],
"trust": 0.8
}
}
VAR-201206-0071
Vulnerability from variot - Updated: 2023-12-18 12:38Multiple cross-site scripting (XSS) vulnerabilities in unspecified web applications in Siemens WinCC 7.0 SP3 before Update 2 allow remote attackers to inject arbitrary web script or HTML via vectors involving special characters in parameters. WinCC flexible is a human-machine interface for use in some machine or process applications. Siemens SIMATIC WinCC Flexible is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, execute arbitrary code in the context of the affected application, read arbitrary files on the system, redirect users to a potentially malicious site, access or modify data of an XML document, or cause denial-of-service conditions; other attacks may also be possible.
The vulnerability is caused due to an input sanitisation error within the DiagAgent web server and can be exploited to cause a buffer overflow and crash the DiagAgent.
Successful exploitation requires the DiagAgent web server to be enabled (disabled by default). ----------------------------------------------------------------------
Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch
TITLE: Siemens SIMATIC WinCC Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA49341
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49341/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49341
RELEASE DATE: 2012-06-07
DISCUSS ADVISORY: http://secunia.com/advisories/49341/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/49341/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=49341
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A weakness and some vulnerabilities have been reported in Siemens SIMATIC WinCC, which can be exploited by malicious users to disclose potentially sensitive information and system information and manipulate certain data and by malicious people to conduct spoofing and cross-site scripting attacks.
1) Certain input passed via URL parameters to two unspecified web applications is not properly sanitised before being used to construct a XPath query for XML data. This can be exploited to manipulate XPath queries by injecting arbitrary XPath code and e.g. read or write certain system settings.
2) Certain input passed via a filename to two unspecified web applications is not properly verified before being used to display files. This can be exploited to disclose the contents of arbitrary files via directory traversal sequences.
3) Certain input passed to two unspecified web applications is not properly sanitised before being returned to the user.
4) Certain input is not properly verified before being used to redirect users. This can be exploited to redirect a user to an arbitrary website e.g. when a user clicks a specially crafted link to the affected script hosted on a trusted domain.
The weakness and the vulnerabilities are reported in version 7.0 SP3.
SOLUTION: Apply "Update 2" (please see the vendor's advisory for details).
PROVIDED AND/OR DISCOVERED BY: 1-3) The vendor credits Gleb Gritsai, Alexander Zaitsev, Sergey Scherbel, Yuri Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis Baranov, and Andrey Medov, Positive Technologies. 4) Reported by the vendor.
ORIGINAL ADVISORY: Siemens: http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf
ICS-CERT: http://www.us-cert.gov/control_systems/pdf/ICSA-12-158-01.pdf
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201206-0071",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "7.0"
},
{
"model": "wincc sp3",
"scope": "eq",
"trust": 0.9,
"vendor": "siemens",
"version": "7.0"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": "update 2"
},
{
"model": "simatic wincc",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "7.0 sp3"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wincc",
"version": "7.0"
}
],
"sources": [
{
"db": "IVD",
"id": "c4cebbde-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3211"
},
{
"db": "BID",
"id": "53837"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002658"
},
{
"db": "NVD",
"id": "CVE-2012-2595"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-084"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp3:update_1:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2595"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gleb Gritsai, Alexander Zaitsev, Sergey Scherbel, Yuri Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis Baranov, Andrey Medov and Siemens",
"sources": [
{
"db": "BID",
"id": "53837"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-084"
}
],
"trust": 0.9
},
"cve": "CVE-2012-2595",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2012-2595",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "c4cebbde-2353-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-55876",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-2595",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201206-084",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "c4cebbde-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-55876",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "c4cebbde-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-55876"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002658"
},
{
"db": "NVD",
"id": "CVE-2012-2595"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-084"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple cross-site scripting (XSS) vulnerabilities in unspecified web applications in Siemens WinCC 7.0 SP3 before Update 2 allow remote attackers to inject arbitrary web script or HTML via vectors involving special characters in parameters. WinCC flexible is a human-machine interface for use in some machine or process applications. Siemens SIMATIC WinCC Flexible is prone to multiple security vulnerabilities. \nAttackers can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, execute arbitrary code in the context of the affected application, read arbitrary files on the system, redirect users to a potentially malicious site, access or modify data of an XML document, or cause denial-of-service conditions; other attacks may also be possible. \n\nThe vulnerability is caused due to an input sanitisation error within\nthe DiagAgent web server and can be exploited to cause a buffer\noverflow and crash the DiagAgent. \n\nSuccessful exploitation requires the DiagAgent web server to be\nenabled (disabled by default). ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nSiemens SIMATIC WinCC Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA49341\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/49341/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49341\n\nRELEASE DATE:\n2012-06-07\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/49341/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/49341/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49341\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA weakness and some vulnerabilities have been reported in Siemens\nSIMATIC WinCC, which can be exploited by malicious users to disclose\npotentially sensitive information and system information and\nmanipulate certain data and by malicious people to conduct spoofing\nand cross-site scripting attacks. \n\n1) Certain input passed via URL parameters to two unspecified web\napplications is not properly sanitised before being used to construct\na XPath query for XML data. This can be exploited to manipulate XPath\nqueries by injecting arbitrary XPath code and e.g. read or write\ncertain system settings. \n\n2) Certain input passed via a filename to two unspecified web\napplications is not properly verified before being used to display\nfiles. This can be exploited to disclose the contents of arbitrary\nfiles via directory traversal sequences. \n\n3) Certain input passed to two unspecified web applications is not\nproperly sanitised before being returned to the user. \n\n4) Certain input is not properly verified before being used to\nredirect users. This can be exploited to redirect a user to an\narbitrary website e.g. when a user clicks a specially crafted link to\nthe affected script hosted on a trusted domain. \n\nThe weakness and the vulnerabilities are reported in version 7.0 SP3. \n\nSOLUTION:\nApply \"Update 2\" (please see the vendor\u0027s advisory for details). \n\nPROVIDED AND/OR DISCOVERED BY:\n1-3) The vendor credits Gleb Gritsai, Alexander Zaitsev, Sergey\nScherbel, Yuri Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis\nBaranov, and Andrey Medov, Positive Technologies. \n4) Reported by the vendor. \n\nORIGINAL ADVISORY:\nSiemens:\nhttp://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf\n\nICS-CERT:\nhttp://www.us-cert.gov/control_systems/pdf/ICSA-12-158-01.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2595"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002658"
},
{
"db": "CNVD",
"id": "CNVD-2012-3211"
},
{
"db": "BID",
"id": "53837"
},
{
"db": "IVD",
"id": "c4cebbde-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-55876"
},
{
"db": "PACKETSTORM",
"id": "113374"
},
{
"db": "PACKETSTORM",
"id": "113371"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-2595",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-12-158-01",
"trust": 3.6
},
{
"db": "SIEMENS",
"id": "SSA-223158",
"trust": 1.9
},
{
"db": "CNNVD",
"id": "CNNVD-201206-084",
"trust": 0.9
},
{
"db": "BID",
"id": "53837",
"trust": 0.9
},
{
"db": "SECUNIA",
"id": "49341",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2012-3211",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002658",
"trust": 0.8
},
{
"db": "NSFOCUS",
"id": "19751",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "49359",
"trust": 0.3
},
{
"db": "IVD",
"id": "C4CEBBDE-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-55876",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "113374",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "113371",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "c4cebbde-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3211"
},
{
"db": "VULHUB",
"id": "VHN-55876"
},
{
"db": "BID",
"id": "53837"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002658"
},
{
"db": "PACKETSTORM",
"id": "113374"
},
{
"db": "PACKETSTORM",
"id": "113371"
},
{
"db": "NVD",
"id": "CVE-2012-2595"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-084"
}
]
},
"id": "VAR-201206-0071",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "c4cebbde-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3211"
},
{
"db": "VULHUB",
"id": "VHN-55876"
}
],
"trust": 1.5935203766666666
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "c4cebbde-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3211"
}
]
},
"last_update_date": "2023-12-18T12:38:49.189000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-223158: Multiple Vulnerabilities in WinCC 7.0 SP3",
"trust": 0.8,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"trust": 0.8,
"url": "http://www.siemens.com/entry/jp/ja/"
},
{
"title": "Patch for Siemens WinCC Cross-Site Scripting Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/18131"
},
{
"title": "Update 2 for WinCC V7.0 SP3 und WinCC V7.0 SP3 ASIA",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=43310"
},
{
"title": "Update 2 for WinCC V7.0 SP3 und WinCC V7.0 SP3 ASIA",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=43309"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-3211"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002658"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-084"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55876"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002658"
},
{
"db": "NVD",
"id": "CVE-2012-2595"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.6,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-158-01.pdf"
},
{
"trust": 1.9,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2595"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2595"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/49341"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/53837"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/19751"
},
{
"trust": 0.3,
"url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/wincc-flexible/wincc-flexible-runtime/pages/default.aspx"
},
{
"trust": 0.2,
"url": "http://secunia.com/psi_30_beta_launch"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/49359/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/49359/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49359"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/49341/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49341"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/49341/#comments"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-3211"
},
{
"db": "VULHUB",
"id": "VHN-55876"
},
{
"db": "BID",
"id": "53837"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002658"
},
{
"db": "PACKETSTORM",
"id": "113374"
},
{
"db": "PACKETSTORM",
"id": "113371"
},
{
"db": "NVD",
"id": "CVE-2012-2595"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-084"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "c4cebbde-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3211"
},
{
"db": "VULHUB",
"id": "VHN-55876"
},
{
"db": "BID",
"id": "53837"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002658"
},
{
"db": "PACKETSTORM",
"id": "113374"
},
{
"db": "PACKETSTORM",
"id": "113371"
},
{
"db": "NVD",
"id": "CVE-2012-2595"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-084"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-06-19T00:00:00",
"db": "IVD",
"id": "c4cebbde-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2012-06-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-3211"
},
{
"date": "2012-06-08T00:00:00",
"db": "VULHUB",
"id": "VHN-55876"
},
{
"date": "2012-06-06T00:00:00",
"db": "BID",
"id": "53837"
},
{
"date": "2012-06-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002658"
},
{
"date": "2012-06-08T07:05:53",
"db": "PACKETSTORM",
"id": "113374"
},
{
"date": "2012-06-08T07:05:43",
"db": "PACKETSTORM",
"id": "113371"
},
{
"date": "2012-06-08T18:55:02.173000",
"db": "NVD",
"id": "CVE-2012-2595"
},
{
"date": "2012-06-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201206-084"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-06-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-3211"
},
{
"date": "2012-06-12T00:00:00",
"db": "VULHUB",
"id": "VHN-55876"
},
{
"date": "2012-06-06T00:00:00",
"db": "BID",
"id": "53837"
},
{
"date": "2012-06-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002658"
},
{
"date": "2012-06-12T04:00:00",
"db": "NVD",
"id": "CVE-2012-2595"
},
{
"date": "2012-06-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201206-084"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201206-084"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens WinCC Cross-Site Scripting Vulnerability",
"sources": [
{
"db": "IVD",
"id": "c4cebbde-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3211"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-084"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201206-084"
}
],
"trust": 0.6
}
}
VAR-201206-0115
Vulnerability from variot - Updated: 2023-12-18 12:38Open redirect vulnerability in an unspecified web application in Siemens WinCC 7.0 SP3 before Update 2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in a GET request. WinCC flexible is a human-machine interface for use in some machine or process applications. Siemens SIMATIC WinCC Flexible does not filter out specially crafted characters when parsing URL parameters, and there is a security hole in implementation. An attacker could exploit a vulnerability to redirect a user to a malicious site. Siemens SIMATIC WinCC Flexible is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, execute arbitrary code in the context of the affected application, read arbitrary files on the system, redirect users to a potentially malicious site, access or modify data of an XML document, or cause denial-of-service conditions; other attacks may also be possible.
The vulnerability is caused due to an input sanitisation error within the DiagAgent web server and can be exploited to cause a buffer overflow and crash the DiagAgent.
Successful exploitation requires the DiagAgent web server to be enabled (disabled by default). ----------------------------------------------------------------------
Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch
TITLE: Siemens SIMATIC WinCC Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA49341
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49341/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49341
RELEASE DATE: 2012-06-07
DISCUSS ADVISORY: http://secunia.com/advisories/49341/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/49341/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=49341
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A weakness and some vulnerabilities have been reported in Siemens SIMATIC WinCC, which can be exploited by malicious users to disclose potentially sensitive information and system information and manipulate certain data and by malicious people to conduct spoofing and cross-site scripting attacks.
1) Certain input passed via URL parameters to two unspecified web applications is not properly sanitised before being used to construct a XPath query for XML data. This can be exploited to manipulate XPath queries by injecting arbitrary XPath code and e.g. read or write certain system settings.
2) Certain input passed via a filename to two unspecified web applications is not properly verified before being used to display files. This can be exploited to disclose the contents of arbitrary files via directory traversal sequences.
3) Certain input passed to two unspecified web applications is not properly sanitised before being returned to the user.
4) Certain input is not properly verified before being used to redirect users. when a user clicks a specially crafted link to the affected script hosted on a trusted domain.
The weakness and the vulnerabilities are reported in version 7.0 SP3.
SOLUTION: Apply "Update 2" (please see the vendor's advisory for details).
PROVIDED AND/OR DISCOVERED BY: 1-3) The vendor credits Gleb Gritsai, Alexander Zaitsev, Sergey Scherbel, Yuri Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis Baranov, and Andrey Medov, Positive Technologies. 4) Reported by the vendor.
ORIGINAL ADVISORY: Siemens: http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf
ICS-CERT: http://www.us-cert.gov/control_systems/pdf/ICSA-12-158-01.pdf
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201206-0115",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "7.0"
},
{
"model": "wincc sp3",
"scope": "eq",
"trust": 0.9,
"vendor": "siemens",
"version": "7.0"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": "update 2"
},
{
"model": "simatic wincc",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "7.0 sp3"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wincc",
"version": "7.0"
}
],
"sources": [
{
"db": "IVD",
"id": "c4a98de6-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3215"
},
{
"db": "BID",
"id": "53837"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002662"
},
{
"db": "NVD",
"id": "CVE-2012-3003"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-088"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp3:update_1:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-3003"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gleb Gritsai, Alexander Zaitsev, Sergey Scherbel, Yuri Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis Baranov, Andrey Medov and Siemens",
"sources": [
{
"db": "BID",
"id": "53837"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-088"
}
],
"trust": 0.9
},
"cve": "CVE-2012-3003",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2012-3003",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "c4a98de6-2353-11e6-abef-000c29c66e3d",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-56284",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-3003",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201206-088",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "c4a98de6-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-56284",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "c4a98de6-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-56284"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002662"
},
{
"db": "NVD",
"id": "CVE-2012-3003"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-088"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Open redirect vulnerability in an unspecified web application in Siemens WinCC 7.0 SP3 before Update 2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in a GET request. WinCC flexible is a human-machine interface for use in some machine or process applications. Siemens SIMATIC WinCC Flexible does not filter out specially crafted characters when parsing URL parameters, and there is a security hole in implementation. An attacker could exploit a vulnerability to redirect a user to a malicious site. Siemens SIMATIC WinCC Flexible is prone to multiple security vulnerabilities. \nAttackers can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, execute arbitrary code in the context of the affected application, read arbitrary files on the system, redirect users to a potentially malicious site, access or modify data of an XML document, or cause denial-of-service conditions; other attacks may also be possible. \n\nThe vulnerability is caused due to an input sanitisation error within\nthe DiagAgent web server and can be exploited to cause a buffer\noverflow and crash the DiagAgent. \n\nSuccessful exploitation requires the DiagAgent web server to be\nenabled (disabled by default). ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nSiemens SIMATIC WinCC Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA49341\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/49341/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49341\n\nRELEASE DATE:\n2012-06-07\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/49341/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/49341/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49341\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA weakness and some vulnerabilities have been reported in Siemens\nSIMATIC WinCC, which can be exploited by malicious users to disclose\npotentially sensitive information and system information and\nmanipulate certain data and by malicious people to conduct spoofing\nand cross-site scripting attacks. \n\n1) Certain input passed via URL parameters to two unspecified web\napplications is not properly sanitised before being used to construct\na XPath query for XML data. This can be exploited to manipulate XPath\nqueries by injecting arbitrary XPath code and e.g. read or write\ncertain system settings. \n\n2) Certain input passed via a filename to two unspecified web\napplications is not properly verified before being used to display\nfiles. This can be exploited to disclose the contents of arbitrary\nfiles via directory traversal sequences. \n\n3) Certain input passed to two unspecified web applications is not\nproperly sanitised before being returned to the user. \n\n4) Certain input is not properly verified before being used to\nredirect users. when a user clicks a specially crafted link to\nthe affected script hosted on a trusted domain. \n\nThe weakness and the vulnerabilities are reported in version 7.0 SP3. \n\nSOLUTION:\nApply \"Update 2\" (please see the vendor\u0027s advisory for details). \n\nPROVIDED AND/OR DISCOVERED BY:\n1-3) The vendor credits Gleb Gritsai, Alexander Zaitsev, Sergey\nScherbel, Yuri Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis\nBaranov, and Andrey Medov, Positive Technologies. \n4) Reported by the vendor. \n\nORIGINAL ADVISORY:\nSiemens:\nhttp://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf\n\nICS-CERT:\nhttp://www.us-cert.gov/control_systems/pdf/ICSA-12-158-01.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-3003"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002662"
},
{
"db": "CNVD",
"id": "CNVD-2012-3215"
},
{
"db": "BID",
"id": "53837"
},
{
"db": "IVD",
"id": "c4a98de6-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-56284"
},
{
"db": "PACKETSTORM",
"id": "113374"
},
{
"db": "PACKETSTORM",
"id": "113371"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-3003",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-12-158-01",
"trust": 3.6
},
{
"db": "SIEMENS",
"id": "SSA-223158",
"trust": 1.9
},
{
"db": "CNNVD",
"id": "CNNVD-201206-088",
"trust": 0.9
},
{
"db": "BID",
"id": "53837",
"trust": 0.9
},
{
"db": "SECUNIA",
"id": "49341",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2012-3215",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002662",
"trust": 0.8
},
{
"db": "NSFOCUS",
"id": "19751",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "49359",
"trust": 0.3
},
{
"db": "IVD",
"id": "C4A98DE6-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-56284",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "113374",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "113371",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "c4a98de6-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3215"
},
{
"db": "VULHUB",
"id": "VHN-56284"
},
{
"db": "BID",
"id": "53837"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002662"
},
{
"db": "PACKETSTORM",
"id": "113374"
},
{
"db": "PACKETSTORM",
"id": "113371"
},
{
"db": "NVD",
"id": "CVE-2012-3003"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-088"
}
]
},
"id": "VAR-201206-0115",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "c4a98de6-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3215"
},
{
"db": "VULHUB",
"id": "VHN-56284"
}
],
"trust": 1.5935203766666666
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "c4a98de6-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3215"
}
]
},
"last_update_date": "2023-12-18T12:38:49.138000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-223158: Multiple Vulnerabilities in WinCC 7.0 SP3",
"trust": 0.8,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"trust": 0.8,
"url": "http://www.siemens.com/entry/jp/ja/"
},
{
"title": "Patch for Siemens WinCC Vulnerability (CNVD-2012-3215)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/18135"
},
{
"title": "Update 2 for WinCC V7.0 SP3 und WinCC V7.0 SP3 ASIA",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=43310"
},
{
"title": "Update 2 for WinCC V7.0 SP3 und WinCC V7.0 SP3 ASIA",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=43309"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-3215"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002662"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-088"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-56284"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002662"
},
{
"db": "NVD",
"id": "CVE-2012-3003"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.6,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-158-01.pdf"
},
{
"trust": 1.9,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3003"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3003"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/49341"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/53837"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/19751"
},
{
"trust": 0.3,
"url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/wincc-flexible/wincc-flexible-runtime/pages/default.aspx"
},
{
"trust": 0.2,
"url": "http://secunia.com/psi_30_beta_launch"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/49359/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/49359/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49359"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/49341/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49341"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/49341/#comments"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-3215"
},
{
"db": "VULHUB",
"id": "VHN-56284"
},
{
"db": "BID",
"id": "53837"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002662"
},
{
"db": "PACKETSTORM",
"id": "113374"
},
{
"db": "PACKETSTORM",
"id": "113371"
},
{
"db": "NVD",
"id": "CVE-2012-3003"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-088"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "c4a98de6-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3215"
},
{
"db": "VULHUB",
"id": "VHN-56284"
},
{
"db": "BID",
"id": "53837"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002662"
},
{
"db": "PACKETSTORM",
"id": "113374"
},
{
"db": "PACKETSTORM",
"id": "113371"
},
{
"db": "NVD",
"id": "CVE-2012-3003"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-088"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-06-19T00:00:00",
"db": "IVD",
"id": "c4a98de6-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2012-06-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-3215"
},
{
"date": "2012-06-08T00:00:00",
"db": "VULHUB",
"id": "VHN-56284"
},
{
"date": "2012-06-06T00:00:00",
"db": "BID",
"id": "53837"
},
{
"date": "2012-06-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002662"
},
{
"date": "2012-06-08T07:05:53",
"db": "PACKETSTORM",
"id": "113374"
},
{
"date": "2012-06-08T07:05:43",
"db": "PACKETSTORM",
"id": "113371"
},
{
"date": "2012-06-08T18:55:02.347000",
"db": "NVD",
"id": "CVE-2012-3003"
},
{
"date": "2012-06-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201206-088"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-06-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-3215"
},
{
"date": "2012-06-12T00:00:00",
"db": "VULHUB",
"id": "VHN-56284"
},
{
"date": "2012-06-06T00:00:00",
"db": "BID",
"id": "53837"
},
{
"date": "2012-06-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002662"
},
{
"date": "2012-06-12T04:00:00",
"db": "NVD",
"id": "CVE-2012-3003"
},
{
"date": "2012-06-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201206-088"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201206-088"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens WinCC of Web Application open redirect vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-002662"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input validation",
"sources": [
{
"db": "IVD",
"id": "c4a98de6-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-088"
}
],
"trust": 0.8
}
}
VAR-201206-0074
Vulnerability from variot - Updated: 2023-12-18 12:38Buffer overflow in the DiagAgent web server in Siemens WinCC 7.0 SP3 through Update 2 allows remote attackers to cause a denial of service (agent outage) via crafted input. WinCC flexible is a human-machine interface for use in some machine or process applications. Siemens SIMATIC WinCC Flexible does not filter out specially crafted characters when parsing URL parameters, and there is a buffer overflow vulnerability in implementation. An attacker could exploit the vulnerability to cause a denial of service. Siemens SIMATIC WinCC Flexible is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, execute arbitrary code in the context of the affected application, read arbitrary files on the system, redirect users to a potentially malicious site, access or modify data of an XML document, or cause denial-of-service conditions; other attacks may also be possible.
Successful exploitation requires the DiagAgent web server to be enabled (disabled by default). ----------------------------------------------------------------------
Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch
TITLE: Siemens SIMATIC WinCC Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA49341
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49341/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49341
RELEASE DATE: 2012-06-07
DISCUSS ADVISORY: http://secunia.com/advisories/49341/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/49341/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=49341
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A weakness and some vulnerabilities have been reported in Siemens SIMATIC WinCC, which can be exploited by malicious users to disclose potentially sensitive information and system information and manipulate certain data and by malicious people to conduct spoofing and cross-site scripting attacks.
1) Certain input passed via URL parameters to two unspecified web applications is not properly sanitised before being used to construct a XPath query for XML data. This can be exploited to manipulate XPath queries by injecting arbitrary XPath code and e.g. read or write certain system settings.
2) Certain input passed via a filename to two unspecified web applications is not properly verified before being used to display files. This can be exploited to disclose the contents of arbitrary files via directory traversal sequences.
3) Certain input passed to two unspecified web applications is not properly sanitised before being returned to the user.
4) Certain input is not properly verified before being used to redirect users. This can be exploited to redirect a user to an arbitrary website e.g. when a user clicks a specially crafted link to the affected script hosted on a trusted domain.
The weakness and the vulnerabilities are reported in version 7.0 SP3.
SOLUTION: Apply "Update 2" (please see the vendor's advisory for details).
PROVIDED AND/OR DISCOVERED BY: 1-3) The vendor credits Gleb Gritsai, Alexander Zaitsev, Sergey Scherbel, Yuri Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis Baranov, and Andrey Medov, Positive Technologies. 4) Reported by the vendor.
ORIGINAL ADVISORY: Siemens: http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf
ICS-CERT: http://www.us-cert.gov/control_systems/pdf/ICSA-12-158-01.pdf
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201206-0074",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "7.0"
},
{
"model": "wincc sp3",
"scope": "eq",
"trust": 0.9,
"vendor": "siemens",
"version": "7.0"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": "7.0 sp3 to update 2"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wincc",
"version": "7.0"
}
],
"sources": [
{
"db": "IVD",
"id": "c4b582fe-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3214"
},
{
"db": "BID",
"id": "53837"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002661"
},
{
"db": "NVD",
"id": "CVE-2012-2598"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-087"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp3:update_1:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp3:update_2:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2598"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gleb Gritsai, Alexander Zaitsev, Sergey Scherbel, Yuri Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis Baranov, Andrey Medov and Siemens",
"sources": [
{
"db": "BID",
"id": "53837"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-087"
}
],
"trust": 0.9
},
"cve": "CVE-2012-2598",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2012-2598",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "c4b582fe-2353-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-55879",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-2598",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201206-087",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "c4b582fe-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-55879",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "c4b582fe-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-55879"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002661"
},
{
"db": "NVD",
"id": "CVE-2012-2598"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-087"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the DiagAgent web server in Siemens WinCC 7.0 SP3 through Update 2 allows remote attackers to cause a denial of service (agent outage) via crafted input. WinCC flexible is a human-machine interface for use in some machine or process applications. Siemens SIMATIC WinCC Flexible does not filter out specially crafted characters when parsing URL parameters, and there is a buffer overflow vulnerability in implementation. An attacker could exploit the vulnerability to cause a denial of service. Siemens SIMATIC WinCC Flexible is prone to multiple security vulnerabilities. \nAttackers can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, execute arbitrary code in the context of the affected application, read arbitrary files on the system, redirect users to a potentially malicious site, access or modify data of an XML document, or cause denial-of-service conditions; other attacks may also be possible. \n\nSuccessful exploitation requires the DiagAgent web server to be\nenabled (disabled by default). ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nSiemens SIMATIC WinCC Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA49341\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/49341/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49341\n\nRELEASE DATE:\n2012-06-07\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/49341/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/49341/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49341\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA weakness and some vulnerabilities have been reported in Siemens\nSIMATIC WinCC, which can be exploited by malicious users to disclose\npotentially sensitive information and system information and\nmanipulate certain data and by malicious people to conduct spoofing\nand cross-site scripting attacks. \n\n1) Certain input passed via URL parameters to two unspecified web\napplications is not properly sanitised before being used to construct\na XPath query for XML data. This can be exploited to manipulate XPath\nqueries by injecting arbitrary XPath code and e.g. read or write\ncertain system settings. \n\n2) Certain input passed via a filename to two unspecified web\napplications is not properly verified before being used to display\nfiles. This can be exploited to disclose the contents of arbitrary\nfiles via directory traversal sequences. \n\n3) Certain input passed to two unspecified web applications is not\nproperly sanitised before being returned to the user. \n\n4) Certain input is not properly verified before being used to\nredirect users. This can be exploited to redirect a user to an\narbitrary website e.g. when a user clicks a specially crafted link to\nthe affected script hosted on a trusted domain. \n\nThe weakness and the vulnerabilities are reported in version 7.0 SP3. \n\nSOLUTION:\nApply \"Update 2\" (please see the vendor\u0027s advisory for details). \n\nPROVIDED AND/OR DISCOVERED BY:\n1-3) The vendor credits Gleb Gritsai, Alexander Zaitsev, Sergey\nScherbel, Yuri Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis\nBaranov, and Andrey Medov, Positive Technologies. \n4) Reported by the vendor. \n\nORIGINAL ADVISORY:\nSiemens:\nhttp://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf\n\nICS-CERT:\nhttp://www.us-cert.gov/control_systems/pdf/ICSA-12-158-01.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2598"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002661"
},
{
"db": "CNVD",
"id": "CNVD-2012-3214"
},
{
"db": "BID",
"id": "53837"
},
{
"db": "IVD",
"id": "c4b582fe-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-55879"
},
{
"db": "PACKETSTORM",
"id": "113374"
},
{
"db": "PACKETSTORM",
"id": "113371"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-2598",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-12-158-01",
"trust": 3.6
},
{
"db": "SIEMENS",
"id": "SSA-223158",
"trust": 1.9
},
{
"db": "CNNVD",
"id": "CNNVD-201206-087",
"trust": 0.9
},
{
"db": "BID",
"id": "53837",
"trust": 0.9
},
{
"db": "SECUNIA",
"id": "49359",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2012-3214",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002661",
"trust": 0.8
},
{
"db": "NSFOCUS",
"id": "19751",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "49341",
"trust": 0.3
},
{
"db": "IVD",
"id": "C4B582FE-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-55879",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "113374",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "113371",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "c4b582fe-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3214"
},
{
"db": "VULHUB",
"id": "VHN-55879"
},
{
"db": "BID",
"id": "53837"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002661"
},
{
"db": "PACKETSTORM",
"id": "113374"
},
{
"db": "PACKETSTORM",
"id": "113371"
},
{
"db": "NVD",
"id": "CVE-2012-2598"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-087"
}
]
},
"id": "VAR-201206-0074",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "c4b582fe-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3214"
},
{
"db": "VULHUB",
"id": "VHN-55879"
}
],
"trust": 1.5935203766666666
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "c4b582fe-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3214"
}
]
},
"last_update_date": "2023-12-18T12:38:49.331000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-223158: Multiple Vulnerabilities in WinCC 7.0 SP3",
"trust": 0.8,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"trust": 0.8,
"url": "http://www.siemens.com/entry/jp/ja/"
},
{
"title": "Patch for Siemens WinCC Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/18134"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-3214"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002661"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55879"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002661"
},
{
"db": "NVD",
"id": "CVE-2012-2598"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.6,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-158-01.pdf"
},
{
"trust": 1.9,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2598"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2598"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/49359"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/53837"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/19751"
},
{
"trust": 0.3,
"url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/wincc-flexible/wincc-flexible-runtime/pages/default.aspx"
},
{
"trust": 0.2,
"url": "http://secunia.com/psi_30_beta_launch"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/49359/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/49359/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49359"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/49341/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49341"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/49341/#comments"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-3214"
},
{
"db": "VULHUB",
"id": "VHN-55879"
},
{
"db": "BID",
"id": "53837"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002661"
},
{
"db": "PACKETSTORM",
"id": "113374"
},
{
"db": "PACKETSTORM",
"id": "113371"
},
{
"db": "NVD",
"id": "CVE-2012-2598"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-087"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "c4b582fe-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3214"
},
{
"db": "VULHUB",
"id": "VHN-55879"
},
{
"db": "BID",
"id": "53837"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002661"
},
{
"db": "PACKETSTORM",
"id": "113374"
},
{
"db": "PACKETSTORM",
"id": "113371"
},
{
"db": "NVD",
"id": "CVE-2012-2598"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-087"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-06-19T00:00:00",
"db": "IVD",
"id": "c4b582fe-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2012-06-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-3214"
},
{
"date": "2012-06-08T00:00:00",
"db": "VULHUB",
"id": "VHN-55879"
},
{
"date": "2012-06-06T00:00:00",
"db": "BID",
"id": "53837"
},
{
"date": "2012-06-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002661"
},
{
"date": "2012-06-08T07:05:53",
"db": "PACKETSTORM",
"id": "113374"
},
{
"date": "2012-06-08T07:05:43",
"db": "PACKETSTORM",
"id": "113371"
},
{
"date": "2012-06-08T18:55:02.317000",
"db": "NVD",
"id": "CVE-2012-2598"
},
{
"date": "2012-06-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201206-087"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-06-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-3214"
},
{
"date": "2012-06-12T00:00:00",
"db": "VULHUB",
"id": "VHN-55879"
},
{
"date": "2012-06-06T00:00:00",
"db": "BID",
"id": "53837"
},
{
"date": "2012-06-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002661"
},
{
"date": "2012-06-12T04:00:00",
"db": "NVD",
"id": "CVE-2012-2598"
},
{
"date": "2012-06-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201206-087"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201206-087"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens WinCC Buffer Overflow Vulnerability",
"sources": [
{
"db": "IVD",
"id": "c4b582fe-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3214"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-087"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "c4b582fe-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-087"
}
],
"trust": 0.8
}
}
VAR-201206-0072
Vulnerability from variot - Updated: 2023-12-18 12:38The XPath functionality in unspecified web applications in Siemens WinCC 7.0 SP3 before Update 2 does not properly handle special characters in parameters, which allows remote authenticated users to read or modify settings via a crafted URL, related to an "XML injection" attack. WinCC flexible is a human-machine interface for use in some machine or process applications. Siemens SIMATIC WinCC Flexible does not filter out specially crafted characters when parsing URL parameters. There is a security vulnerability in the implementation, and an attacker can use the vulnerability to read or write system settings. Siemens SIMATIC WinCC Flexible is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, execute arbitrary code in the context of the affected application, read arbitrary files on the system, redirect users to a potentially malicious site, access or modify data of an XML document, or cause denial-of-service conditions; other attacks may also be possible. The vulnerability is related to 'XML injection' attacks.
The vulnerability is caused due to an input sanitisation error within the DiagAgent web server and can be exploited to cause a buffer overflow and crash the DiagAgent.
Successful exploitation requires the DiagAgent web server to be enabled (disabled by default). ----------------------------------------------------------------------
Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch
TITLE: Siemens SIMATIC WinCC Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA49341
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49341/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49341
RELEASE DATE: 2012-06-07
DISCUSS ADVISORY: http://secunia.com/advisories/49341/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/49341/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=49341
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A weakness and some vulnerabilities have been reported in Siemens SIMATIC WinCC, which can be exploited by malicious users to disclose potentially sensitive information and system information and manipulate certain data and by malicious people to conduct spoofing and cross-site scripting attacks. This can be exploited to manipulate XPath queries by injecting arbitrary XPath code and e.g.
2) Certain input passed via a filename to two unspecified web applications is not properly verified before being used to display files. This can be exploited to disclose the contents of arbitrary files via directory traversal sequences.
3) Certain input passed to two unspecified web applications is not properly sanitised before being returned to the user.
4) Certain input is not properly verified before being used to redirect users. This can be exploited to redirect a user to an arbitrary website e.g. when a user clicks a specially crafted link to the affected script hosted on a trusted domain.
The weakness and the vulnerabilities are reported in version 7.0 SP3.
SOLUTION: Apply "Update 2" (please see the vendor's advisory for details).
PROVIDED AND/OR DISCOVERED BY: 1-3) The vendor credits Gleb Gritsai, Alexander Zaitsev, Sergey Scherbel, Yuri Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis Baranov, and Andrey Medov, Positive Technologies. 4) Reported by the vendor.
ORIGINAL ADVISORY: Siemens: http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf
ICS-CERT: http://www.us-cert.gov/control_systems/pdf/ICSA-12-158-01.pdf
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201206-0072",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "7.0"
},
{
"model": "wincc sp3",
"scope": "eq",
"trust": 0.9,
"vendor": "siemens",
"version": "7.0"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": "update 2"
},
{
"model": "simatic wincc",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "7.0 sp3"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wincc",
"version": "7.0"
}
],
"sources": [
{
"db": "IVD",
"id": "c4c81518-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3212"
},
{
"db": "BID",
"id": "53837"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002659"
},
{
"db": "NVD",
"id": "CVE-2012-2596"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-085"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp3:update_1:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2596"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gleb Gritsai, Alexander Zaitsev, Sergey Scherbel, Yuri Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis Baranov, Andrey Medov and Siemens",
"sources": [
{
"db": "BID",
"id": "53837"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-085"
}
],
"trust": 0.9
},
"cve": "CVE-2012-2596",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2012-2596",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "c4c81518-2353-11e6-abef-000c29c66e3d",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-55877",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-2596",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201206-085",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "c4c81518-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-55877",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "c4c81518-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-55877"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002659"
},
{
"db": "NVD",
"id": "CVE-2012-2596"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-085"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The XPath functionality in unspecified web applications in Siemens WinCC 7.0 SP3 before Update 2 does not properly handle special characters in parameters, which allows remote authenticated users to read or modify settings via a crafted URL, related to an \"XML injection\" attack. WinCC flexible is a human-machine interface for use in some machine or process applications. Siemens SIMATIC WinCC Flexible does not filter out specially crafted characters when parsing URL parameters. There is a security vulnerability in the implementation, and an attacker can use the vulnerability to read or write system settings. Siemens SIMATIC WinCC Flexible is prone to multiple security vulnerabilities. \nAttackers can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, execute arbitrary code in the context of the affected application, read arbitrary files on the system, redirect users to a potentially malicious site, access or modify data of an XML document, or cause denial-of-service conditions; other attacks may also be possible. The vulnerability is related to \u0027XML injection\u0027 attacks. \n\nThe vulnerability is caused due to an input sanitisation error within\nthe DiagAgent web server and can be exploited to cause a buffer\noverflow and crash the DiagAgent. \n\nSuccessful exploitation requires the DiagAgent web server to be\nenabled (disabled by default). ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nSiemens SIMATIC WinCC Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA49341\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/49341/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49341\n\nRELEASE DATE:\n2012-06-07\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/49341/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/49341/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49341\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA weakness and some vulnerabilities have been reported in Siemens\nSIMATIC WinCC, which can be exploited by malicious users to disclose\npotentially sensitive information and system information and\nmanipulate certain data and by malicious people to conduct spoofing\nand cross-site scripting attacks. This can be exploited to manipulate XPath\nqueries by injecting arbitrary XPath code and e.g. \n\n2) Certain input passed via a filename to two unspecified web\napplications is not properly verified before being used to display\nfiles. This can be exploited to disclose the contents of arbitrary\nfiles via directory traversal sequences. \n\n3) Certain input passed to two unspecified web applications is not\nproperly sanitised before being returned to the user. \n\n4) Certain input is not properly verified before being used to\nredirect users. This can be exploited to redirect a user to an\narbitrary website e.g. when a user clicks a specially crafted link to\nthe affected script hosted on a trusted domain. \n\nThe weakness and the vulnerabilities are reported in version 7.0 SP3. \n\nSOLUTION:\nApply \"Update 2\" (please see the vendor\u0027s advisory for details). \n\nPROVIDED AND/OR DISCOVERED BY:\n1-3) The vendor credits Gleb Gritsai, Alexander Zaitsev, Sergey\nScherbel, Yuri Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis\nBaranov, and Andrey Medov, Positive Technologies. \n4) Reported by the vendor. \n\nORIGINAL ADVISORY:\nSiemens:\nhttp://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf\n\nICS-CERT:\nhttp://www.us-cert.gov/control_systems/pdf/ICSA-12-158-01.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2596"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002659"
},
{
"db": "CNVD",
"id": "CNVD-2012-3212"
},
{
"db": "BID",
"id": "53837"
},
{
"db": "IVD",
"id": "c4c81518-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-55877"
},
{
"db": "PACKETSTORM",
"id": "113374"
},
{
"db": "PACKETSTORM",
"id": "113371"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-2596",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-12-158-01",
"trust": 3.6
},
{
"db": "SIEMENS",
"id": "SSA-223158",
"trust": 1.9
},
{
"db": "CNNVD",
"id": "CNNVD-201206-085",
"trust": 0.9
},
{
"db": "BID",
"id": "53837",
"trust": 0.9
},
{
"db": "SECUNIA",
"id": "49341",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2012-3212",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002659",
"trust": 0.8
},
{
"db": "NSFOCUS",
"id": "19751",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "49359",
"trust": 0.3
},
{
"db": "IVD",
"id": "C4C81518-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-55877",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "113374",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "113371",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "c4c81518-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3212"
},
{
"db": "VULHUB",
"id": "VHN-55877"
},
{
"db": "BID",
"id": "53837"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002659"
},
{
"db": "PACKETSTORM",
"id": "113374"
},
{
"db": "PACKETSTORM",
"id": "113371"
},
{
"db": "NVD",
"id": "CVE-2012-2596"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-085"
}
]
},
"id": "VAR-201206-0072",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "c4c81518-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3212"
},
{
"db": "VULHUB",
"id": "VHN-55877"
}
],
"trust": 1.5935203766666666
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "c4c81518-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3212"
}
]
},
"last_update_date": "2023-12-18T12:38:49.236000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-223158: Multiple Vulnerabilities in WinCC 7.0 SP3",
"trust": 0.8,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"trust": 0.8,
"url": "http://www.siemens.com/entry/jp/ja/"
},
{
"title": "Patch for Siemens WinCC Vulnerability (CNVD-2012-3212)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/18132"
},
{
"title": "Update 2 for WinCC V7.0 SP3 und WinCC V7.0 SP3 ASIA",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=43310"
},
{
"title": "Update 2 for WinCC V7.0 SP3 und WinCC V7.0 SP3 ASIA",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=43309"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-3212"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002659"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-085"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-94",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55877"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002659"
},
{
"db": "NVD",
"id": "CVE-2012-2596"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.6,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-158-01.pdf"
},
{
"trust": 1.9,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2596"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2596"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/49341"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/53837"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/19751"
},
{
"trust": 0.3,
"url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/wincc-flexible/wincc-flexible-runtime/pages/default.aspx"
},
{
"trust": 0.2,
"url": "http://secunia.com/psi_30_beta_launch"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/49359/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/49359/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49359"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/49341/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49341"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/49341/#comments"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-3212"
},
{
"db": "VULHUB",
"id": "VHN-55877"
},
{
"db": "BID",
"id": "53837"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002659"
},
{
"db": "PACKETSTORM",
"id": "113374"
},
{
"db": "PACKETSTORM",
"id": "113371"
},
{
"db": "NVD",
"id": "CVE-2012-2596"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-085"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "c4c81518-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3212"
},
{
"db": "VULHUB",
"id": "VHN-55877"
},
{
"db": "BID",
"id": "53837"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002659"
},
{
"db": "PACKETSTORM",
"id": "113374"
},
{
"db": "PACKETSTORM",
"id": "113371"
},
{
"db": "NVD",
"id": "CVE-2012-2596"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-085"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-06-19T00:00:00",
"db": "IVD",
"id": "c4c81518-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2012-06-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-3212"
},
{
"date": "2012-06-08T00:00:00",
"db": "VULHUB",
"id": "VHN-55877"
},
{
"date": "2012-06-06T00:00:00",
"db": "BID",
"id": "53837"
},
{
"date": "2012-06-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002659"
},
{
"date": "2012-06-08T07:05:53",
"db": "PACKETSTORM",
"id": "113374"
},
{
"date": "2012-06-08T07:05:43",
"db": "PACKETSTORM",
"id": "113371"
},
{
"date": "2012-06-08T18:55:02.220000",
"db": "NVD",
"id": "CVE-2012-2596"
},
{
"date": "2012-06-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201206-085"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-06-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-3212"
},
{
"date": "2012-06-12T00:00:00",
"db": "VULHUB",
"id": "VHN-55877"
},
{
"date": "2012-06-06T00:00:00",
"db": "BID",
"id": "53837"
},
{
"date": "2012-06-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002659"
},
{
"date": "2012-06-12T04:00:00",
"db": "NVD",
"id": "CVE-2012-2596"
},
{
"date": "2012-06-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201206-085"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201206-085"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens WinCC of Web Application XPath Vulnerability to read settings in function",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-002659"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Code injection",
"sources": [
{
"db": "IVD",
"id": "c4c81518-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-085"
}
],
"trust": 0.8
}
}
VAR-201308-0266
Vulnerability from variot - Updated: 2023-12-18 12:38Cross-site request forgery (CSRF) vulnerability in Siemens WinCC (TIA Portal) 11 and 12 before 12 SP1 allows remote attackers to hijack the authentication of unspecified victims by leveraging improper configuration of SIMATIC HMI panels by the WinCC product. Based on the Windows platform, Siemens SIMATIC WinCC provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to multi-user systems supporting redundant servers and remote web client solutions. Siemens SIMATIC WinCC TIA Portal is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible. Siemens SIMATIC WinCC TIA Portal prior to 12SP1 are vulnerable. The software enables fast and intuitive development and commissioning of automation systems. A remote attacker can exploit this vulnerability to hijack user authentication through incorrectly configured SIMATIC HMI panels of WinCC products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201308-0266",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "11.0"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "12.0"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": "11"
},
{
"model": "simatic wincc",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "12"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": "12 sp1"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wincc",
"version": "11.0"
},
{
"model": "simatic wincc tia portal",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "12.x"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wincc",
"version": "12.0"
}
],
"sources": [
{
"db": "IVD",
"id": "ce456e70-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-11280"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003626"
},
{
"db": "NVD",
"id": "CVE-2013-4911"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-681"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:12.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:11.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:11.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-4911"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Timur Yunusov and Sergey Bobrov from Positive Technologies",
"sources": [
{
"db": "BID",
"id": "61536"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-681"
}
],
"trust": 0.9
},
"cve": "CVE-2013-4911",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2013-4911",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2013-11280",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "ce456e70-2352-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-64913",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-4911",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2013-11280",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201307-681",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "ce456e70-2352-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-64913",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "ce456e70-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-11280"
},
{
"db": "VULHUB",
"id": "VHN-64913"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003626"
},
{
"db": "NVD",
"id": "CVE-2013-4911"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-681"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site request forgery (CSRF) vulnerability in Siemens WinCC (TIA Portal) 11 and 12 before 12 SP1 allows remote attackers to hijack the authentication of unspecified victims by leveraging improper configuration of SIMATIC HMI panels by the WinCC product. Based on the Windows platform, Siemens SIMATIC WinCC provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to multi-user systems supporting redundant servers and remote web client solutions. Siemens SIMATIC WinCC TIA Portal is prone to a cross-site request-forgery vulnerability. \nExploiting this issue may allow a remote attacker to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible. \nSiemens SIMATIC WinCC TIA Portal prior to 12SP1 are vulnerable. The software enables fast and intuitive development and commissioning of automation systems. A remote attacker can exploit this vulnerability to hijack user authentication through incorrectly configured SIMATIC HMI panels of WinCC products",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-4911"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003626"
},
{
"db": "CNVD",
"id": "CNVD-2013-11280"
},
{
"db": "BID",
"id": "61536"
},
{
"db": "IVD",
"id": "ce456e70-2352-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-64913"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-4911",
"trust": 3.7
},
{
"db": "BID",
"id": "61536",
"trust": 2.6
},
{
"db": "SIEMENS",
"id": "SSA-064884",
"trust": 2.3
},
{
"db": "ICS CERT",
"id": "ICSA-13-213-02",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "54051",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "54252",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201307-681",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2013-11280",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003626",
"trust": 0.8
},
{
"db": "IVD",
"id": "CE456E70-2352-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "122647",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-64913",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "ce456e70-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-11280"
},
{
"db": "VULHUB",
"id": "VHN-64913"
},
{
"db": "BID",
"id": "61536"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003626"
},
{
"db": "PACKETSTORM",
"id": "122647"
},
{
"db": "NVD",
"id": "CVE-2013-4911"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-681"
}
]
},
"id": "VAR-201308-0266",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "ce456e70-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-11280"
},
{
"db": "VULHUB",
"id": "VHN-64913"
}
],
"trust": 1.4840432433333333
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "ce456e70-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-11280"
}
]
},
"last_update_date": "2023-12-18T12:38:31.321000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-064884",
"trust": 0.8,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-064884.pdf"
},
{
"title": "Patch for Siemens SIMATIC WinCC TIA Portal cross-site request forgery vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/37986"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-11280"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003626"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-352",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-64913"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003626"
},
{
"db": "NVD",
"id": "CVE-2013-4911"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-064884.pdf"
},
{
"trust": 1.9,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-13-213-02"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/61536"
},
{
"trust": 1.1,
"url": "http://scadastrangelove.blogspot.com/2013/08/ssa-064884-wincctia-portal-fixes.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/54051"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/54252"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86099"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-4911"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-4911"
},
{
"trust": 0.6,
"url": "http://www.secunia.com/advisories/54051/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-4911"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-4912"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-11280"
},
{
"db": "VULHUB",
"id": "VHN-64913"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003626"
},
{
"db": "PACKETSTORM",
"id": "122647"
},
{
"db": "NVD",
"id": "CVE-2013-4911"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-681"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "ce456e70-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-11280"
},
{
"db": "VULHUB",
"id": "VHN-64913"
},
{
"db": "BID",
"id": "61536"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003626"
},
{
"db": "PACKETSTORM",
"id": "122647"
},
{
"db": "NVD",
"id": "CVE-2013-4911"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-681"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-08-05T00:00:00",
"db": "IVD",
"id": "ce456e70-2352-11e6-abef-000c29c66e3d"
},
{
"date": "2013-08-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-11280"
},
{
"date": "2013-08-01T00:00:00",
"db": "VULHUB",
"id": "VHN-64913"
},
{
"date": "2013-07-31T00:00:00",
"db": "BID",
"id": "61536"
},
{
"date": "2013-08-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-003626"
},
{
"date": "2013-08-02T03:07:16",
"db": "PACKETSTORM",
"id": "122647"
},
{
"date": "2013-08-01T13:32:26.113000",
"db": "NVD",
"id": "CVE-2013-4911"
},
{
"date": "2013-07-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201307-681"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-08-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-11280"
},
{
"date": "2017-08-29T00:00:00",
"db": "VULHUB",
"id": "VHN-64913"
},
{
"date": "2013-08-01T17:55:00",
"db": "BID",
"id": "61536"
},
{
"date": "2013-08-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-003626"
},
{
"date": "2017-08-29T01:33:41.200000",
"db": "NVD",
"id": "CVE-2013-4911"
},
{
"date": "2013-08-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201307-681"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201307-681"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SIMATIC WinCC TIA Portal Cross-Site Request Forgery Vulnerability",
"sources": [
{
"db": "IVD",
"id": "ce456e70-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-11280"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-681"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cross-site request forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201307-681"
}
],
"trust": 0.6
}
}
VAR-201308-0267
Vulnerability from variot - Updated: 2023-12-18 12:38Open redirect vulnerability in Siemens WinCC (TIA Portal) 11 and 12 before 12 SP1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks by leveraging improper configuration of SIMATIC HMI panels by the WinCC product. Based on the Windows platform, Siemens SIMATIC WinCC provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to multi-user systems supporting redundant servers and remote web client solutions. Siemens SIMATIC WinCC TIA Portal is prone to a remote URL-redirection vulnerability. An attacker can leverage this issue by constructing a URI that includes a malicious site redirection. When an unsuspecting victim follows the URI, they may be redirected to an attacker-controlled site; this may aid in phishing attacks. Siemens SIMATIC WinCC TIA Portal prior to 12SP1 are vulnerable. The software enables fast and intuitive development and commissioning of automation systems
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201308-0267",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "11.0"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "12.0"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": "11"
},
{
"model": "simatic wincc",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "12"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": "12 sp1"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wincc",
"version": "11.0"
},
{
"model": "simatic wincc tia portal",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "12.x"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wincc",
"version": "12.0"
}
],
"sources": [
{
"db": "IVD",
"id": "ce6aff78-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-11281"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003627"
},
{
"db": "NVD",
"id": "CVE-2013-4912"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-680"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:12.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:11.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:11.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-4912"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Timur Yunusov and Sergey Bobrov from Positive Technologies",
"sources": [
{
"db": "BID",
"id": "61535"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-680"
}
],
"trust": 0.9
},
"cve": "CVE-2013-4912",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2013-4912",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2013-11281",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "ce6aff78-2352-11e6-abef-000c29c66e3d",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-64914",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-4912",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2013-11281",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201307-680",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "ce6aff78-2352-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-64914",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "ce6aff78-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-11281"
},
{
"db": "VULHUB",
"id": "VHN-64914"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003627"
},
{
"db": "NVD",
"id": "CVE-2013-4912"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-680"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Open redirect vulnerability in Siemens WinCC (TIA Portal) 11 and 12 before 12 SP1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks by leveraging improper configuration of SIMATIC HMI panels by the WinCC product. Based on the Windows platform, Siemens SIMATIC WinCC provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to multi-user systems supporting redundant servers and remote web client solutions. Siemens SIMATIC WinCC TIA Portal is prone to a remote URL-redirection vulnerability. \nAn attacker can leverage this issue by constructing a URI that includes a malicious site redirection. When an unsuspecting victim follows the URI, they may be redirected to an attacker-controlled site; this may aid in phishing attacks. \nSiemens SIMATIC WinCC TIA Portal prior to 12SP1 are vulnerable. The software enables fast and intuitive development and commissioning of automation systems",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-4912"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003627"
},
{
"db": "CNVD",
"id": "CNVD-2013-11281"
},
{
"db": "BID",
"id": "61535"
},
{
"db": "IVD",
"id": "ce6aff78-2352-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-64914"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-4912",
"trust": 3.7
},
{
"db": "BID",
"id": "61535",
"trust": 2.6
},
{
"db": "SIEMENS",
"id": "SSA-064884",
"trust": 2.3
},
{
"db": "ICS CERT",
"id": "ICSA-13-213-02",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "54051",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "54252",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201307-680",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2013-11281",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003627",
"trust": 0.8
},
{
"db": "IVD",
"id": "CE6AFF78-2352-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-64914",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "122647",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "ce6aff78-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-11281"
},
{
"db": "VULHUB",
"id": "VHN-64914"
},
{
"db": "BID",
"id": "61535"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003627"
},
{
"db": "PACKETSTORM",
"id": "122647"
},
{
"db": "NVD",
"id": "CVE-2013-4912"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-680"
}
]
},
"id": "VAR-201308-0267",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "ce6aff78-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-11281"
},
{
"db": "VULHUB",
"id": "VHN-64914"
}
],
"trust": 1.4840432433333333
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "ce6aff78-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-11281"
}
]
},
"last_update_date": "2023-12-18T12:38:31.363000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-064884",
"trust": 0.8,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-064884.pdf"
},
{
"title": "Patch for Siemens SIMATIC WinCC TIA Portal URL Redirection Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/37987"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-11281"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003627"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-64914"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003627"
},
{
"db": "NVD",
"id": "CVE-2013-4912"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-064884.pdf"
},
{
"trust": 1.9,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-13-213-02"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/61535"
},
{
"trust": 1.1,
"url": "http://scadastrangelove.blogspot.com/2013/08/ssa-064884-wincctia-portal-fixes.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/54051"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/54252"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86100"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-4912"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-4912"
},
{
"trust": 0.6,
"url": "http://www.secunia.com/advisories/54051/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-4911"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-4912"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-11281"
},
{
"db": "VULHUB",
"id": "VHN-64914"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003627"
},
{
"db": "PACKETSTORM",
"id": "122647"
},
{
"db": "NVD",
"id": "CVE-2013-4912"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-680"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "ce6aff78-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-11281"
},
{
"db": "VULHUB",
"id": "VHN-64914"
},
{
"db": "BID",
"id": "61535"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003627"
},
{
"db": "PACKETSTORM",
"id": "122647"
},
{
"db": "NVD",
"id": "CVE-2013-4912"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-680"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-08-05T00:00:00",
"db": "IVD",
"id": "ce6aff78-2352-11e6-abef-000c29c66e3d"
},
{
"date": "2013-08-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-11281"
},
{
"date": "2013-08-01T00:00:00",
"db": "VULHUB",
"id": "VHN-64914"
},
{
"date": "2013-07-31T00:00:00",
"db": "BID",
"id": "61535"
},
{
"date": "2013-08-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-003627"
},
{
"date": "2013-08-02T03:07:16",
"db": "PACKETSTORM",
"id": "122647"
},
{
"date": "2013-08-01T13:32:26.127000",
"db": "NVD",
"id": "CVE-2013-4912"
},
{
"date": "2013-07-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201307-680"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-08-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-11281"
},
{
"date": "2017-08-29T00:00:00",
"db": "VULHUB",
"id": "VHN-64914"
},
{
"date": "2013-08-01T17:55:00",
"db": "BID",
"id": "61535"
},
{
"date": "2013-08-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-003627"
},
{
"date": "2017-08-29T01:33:41.247000",
"db": "NVD",
"id": "CVE-2013-4912"
},
{
"date": "2013-08-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201307-680"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201307-680"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SIMATIC WinCC TIA Portal URL Redirection Vulnerability",
"sources": [
{
"db": "IVD",
"id": "ce6aff78-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-11281"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input validation",
"sources": [
{
"db": "IVD",
"id": "ce6aff78-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-680"
}
],
"trust": 0.8
}
}
VAR-201303-0258
Vulnerability from variot - Updated: 2023-12-18 12:30Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly assign privileges for the database containing WebNavigator credentials, which allows remote authenticated users to obtain sensitive information via a SQL query. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Siemens SIMATIC WinCC 7.2, Siemens SIMATIC PCS 7 8.0 SP1 versions have information disclosure, directory traversal, buffer overflow security vulnerabilities, which can be exploited by attackers to obtain sensitive information, any system files, and execute arbitrary applications in the context of applications using ActiveX controls. Code. Multiple information-disclosure vulnerabilities 2. A directory-traversal vulnerability 3. Failed exploit attempts will result in a denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201303-0258",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "7.0"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "5.0"
},
{
"model": "simatic pcs7",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "7.1"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "6.0"
},
{
"model": "simatic wincc",
"scope": "lt",
"trust": 1.4,
"vendor": "siemens",
"version": "7.2"
},
{
"model": "wincc",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "7.1"
},
{
"model": "simatic pcs7",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "8.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.8,
"vendor": "wincc",
"version": "6.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.8,
"vendor": "wincc",
"version": "7.0"
},
{
"model": "simatic pcs 7",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "8.0 sp1"
},
{
"model": "simatic pcs sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "7\u003c8.0"
},
{
"model": "simatic pcs7",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "8.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wincc",
"version": "5.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic pcs7",
"version": "7.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic pcs7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wincc",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "09019714-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-005228"
},
{
"db": "NVD",
"id": "CVE-2013-0676"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-444"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:5.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:7.1:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0676"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vendor, Gleb Gritsai and Sergey Gordeychik from Positive Technologies",
"sources": [
{
"db": "BID",
"id": "58545"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363"
}
],
"trust": 0.9
},
"cve": "CVE-2013-0676",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2013-0676",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2013-02175",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "09019714-2353-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-60678",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-0676",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2013-02175",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201303-444",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "09019714-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-60678",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "09019714-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "VULHUB",
"id": "VHN-60678"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-005228"
},
{
"db": "NVD",
"id": "CVE-2013-0676"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-444"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly assign privileges for the database containing WebNavigator credentials, which allows remote authenticated users to obtain sensitive information via a SQL query. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Siemens SIMATIC WinCC 7.2, Siemens SIMATIC PCS 7 8.0 SP1 versions have information disclosure, directory traversal, buffer overflow security vulnerabilities, which can be exploited by attackers to obtain sensitive information, any system files, and execute arbitrary applications in the context of applications using ActiveX controls. Code. Multiple information-disclosure vulnerabilities\n2. A directory-traversal vulnerability\n3. Failed exploit attempts will result in a denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0676"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-005228"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "BID",
"id": "58545"
},
{
"db": "IVD",
"id": "09019714-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-60678"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-0676",
"trust": 3.1
},
{
"db": "ICS CERT",
"id": "ICSA-13-079-02",
"trust": 2.8
},
{
"db": "SIEMENS",
"id": "SSA-714398",
"trust": 2.0
},
{
"db": "BID",
"id": "58545",
"trust": 1.5
},
{
"db": "CNNVD",
"id": "CNNVD-201303-444",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2011-005228",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2013-02175",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363",
"trust": 0.6
},
{
"db": "IVD",
"id": "09019714-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-60678",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120899",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "09019714-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "VULHUB",
"id": "VHN-60678"
},
{
"db": "BID",
"id": "58545"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-005228"
},
{
"db": "PACKETSTORM",
"id": "120899"
},
{
"db": "NVD",
"id": "CVE-2013-0676"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-444"
}
]
},
"id": "VAR-201303-0258",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "09019714-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "VULHUB",
"id": "VHN-60678"
}
],
"trust": 1.49052891
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "09019714-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
}
]
},
"last_update_date": "2023-12-18T12:30:59.106000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.siemens.com/entry/cc/en/"
},
{
"title": "SSA-714398: Vulnerabilities in WinCC 7.0 SP3 Update 1",
"trust": 0.8,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"trust": 0.8,
"url": "http://www.siemens.com/answers/jp/ja/"
},
{
"title": "Siemens SIMATIC WinCC and PCS 7 have patches for multiple vulnerabilities such as information leakage, directory traversal, buffer overflows, etc.",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/33002"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-005228"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60678"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-005228"
},
{
"db": "NVD",
"id": "CVE-2013-0676"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf"
},
{
"trust": 2.0,
"url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-02.pdf"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/58545"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0676"
},
{
"trust": 0.8,
"url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-02-a.pdf"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0676"
},
{
"trust": 0.3,
"url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/scada/simatic-wincc/pages/default.aspx"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0677"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0674"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0678"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0676"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0679"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0675"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "VULHUB",
"id": "VHN-60678"
},
{
"db": "BID",
"id": "58545"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-005228"
},
{
"db": "PACKETSTORM",
"id": "120899"
},
{
"db": "NVD",
"id": "CVE-2013-0676"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-444"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "09019714-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "VULHUB",
"id": "VHN-60678"
},
{
"db": "BID",
"id": "58545"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-005228"
},
{
"db": "PACKETSTORM",
"id": "120899"
},
{
"db": "NVD",
"id": "CVE-2013-0676"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-444"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-03-22T00:00:00",
"db": "IVD",
"id": "09019714-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2013-03-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"date": "2013-03-21T00:00:00",
"db": "VULHUB",
"id": "VHN-60678"
},
{
"date": "2013-03-15T00:00:00",
"db": "BID",
"id": "58545"
},
{
"date": "2013-03-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-005228"
},
{
"date": "2013-03-21T15:07:17",
"db": "PACKETSTORM",
"id": "120899"
},
{
"date": "2013-03-21T15:55:01.567000",
"db": "NVD",
"id": "CVE-2013-0676"
},
{
"date": "2013-03-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-363"
},
{
"date": "2013-03-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-444"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-03-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"date": "2013-03-22T00:00:00",
"db": "VULHUB",
"id": "VHN-60678"
},
{
"date": "2013-04-02T15:37:00",
"db": "BID",
"id": "58545"
},
{
"date": "2013-03-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-005228"
},
{
"date": "2013-03-22T13:55:16.407000",
"db": "NVD",
"id": "CVE-2013-0676"
},
{
"date": "2013-03-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-363"
},
{
"date": "2013-03-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-444"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "120899"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-444"
}
],
"trust": 1.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SIMATIC WinCC And PCS 7 Multiple Security Vulnerabilities",
"sources": [
{
"db": "BID",
"id": "58545"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201303-444"
}
],
"trust": 0.6
}
}
VAR-201303-0259
Vulnerability from variot - Updated: 2023-12-18 12:30The web server in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to obtain sensitive information or cause a denial of service via a crafted project file. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Code. Multiple information-disclosure vulnerabilities 2. A directory-traversal vulnerability 3. Failed exploit attempts will result in a denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201303-0259",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "7.0"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "5.0"
},
{
"model": "simatic pcs7",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "7.1"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "6.0"
},
{
"model": "simatic wincc",
"scope": "lt",
"trust": 1.4,
"vendor": "siemens",
"version": "7.2"
},
{
"model": "wincc",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "7.1"
},
{
"model": "simatic pcs7",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "8.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.8,
"vendor": "wincc",
"version": "6.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.8,
"vendor": "wincc",
"version": "7.0"
},
{
"model": "simatic pcs 7",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "8.0 sp1"
},
{
"model": "simatic pcs sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "7\u003c8.0"
},
{
"model": "simatic pcs7",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "8.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wincc",
"version": "5.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic pcs7",
"version": "7.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic pcs7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wincc",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "09175612-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001989"
},
{
"db": "NVD",
"id": "CVE-2013-0677"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-445"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:7.1:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:5.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0677"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vendor, Gleb Gritsai and Sergey Gordeychik from Positive Technologies",
"sources": [
{
"db": "BID",
"id": "58545"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363"
}
],
"trust": 0.9
},
"cve": "CVE-2013-0677",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2013-0677",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2013-02175",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "09175612-2353-11e6-abef-000c29c66e3d",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-60679",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-0677",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2013-02175",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201303-445",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "09175612-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-60679",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2013-0677",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "09175612-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "VULHUB",
"id": "VHN-60679"
},
{
"db": "VULMON",
"id": "CVE-2013-0677"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001989"
},
{
"db": "NVD",
"id": "CVE-2013-0677"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-445"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The web server in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to obtain sensitive information or cause a denial of service via a crafted project file. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Code. Multiple information-disclosure vulnerabilities\n2. A directory-traversal vulnerability\n3. Failed exploit attempts will result in a denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0677"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001989"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "BID",
"id": "58545"
},
{
"db": "IVD",
"id": "09175612-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-60679"
},
{
"db": "VULMON",
"id": "CVE-2013-0677"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-0677",
"trust": 3.2
},
{
"db": "ICS CERT",
"id": "ICSA-13-079-02",
"trust": 2.9
},
{
"db": "SIEMENS",
"id": "SSA-714398",
"trust": 2.1
},
{
"db": "BID",
"id": "58545",
"trust": 1.5
},
{
"db": "CNNVD",
"id": "CNNVD-201303-445",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001989",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2013-02175",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363",
"trust": 0.6
},
{
"db": "IVD",
"id": "09175612-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-60679",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2013-0677",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120899",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "09175612-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "VULHUB",
"id": "VHN-60679"
},
{
"db": "VULMON",
"id": "CVE-2013-0677"
},
{
"db": "BID",
"id": "58545"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001989"
},
{
"db": "PACKETSTORM",
"id": "120899"
},
{
"db": "NVD",
"id": "CVE-2013-0677"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-445"
}
]
},
"id": "VAR-201303-0259",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "09175612-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "VULHUB",
"id": "VHN-60679"
}
],
"trust": 1.49052891
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "09175612-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
}
]
},
"last_update_date": "2023-12-18T12:30:59.053000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.siemens.com/entry/cc/en/"
},
{
"title": "SSA-714398: Vulnerabilities in WinCC 7.0 SP3 Update 1",
"trust": 0.8,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"trust": 0.8,
"url": "http://www.siemens.com/answers/jp/ja/"
},
{
"title": "Siemens SIMATIC WinCC and PCS 7 have patches for multiple vulnerabilities such as information leakage, directory traversal, buffer overflows, etc.",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/33002"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001989"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60679"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001989"
},
{
"db": "NVD",
"id": "CVE-2013-0677"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf"
},
{
"trust": 2.1,
"url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-02.pdf"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/58545"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0677"
},
{
"trust": 0.8,
"url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-02-a.pdf"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0677"
},
{
"trust": 0.3,
"url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/scada/simatic-wincc/pages/default.aspx"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=28666"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-13-079-02"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0677"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0674"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0678"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0676"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0679"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0675"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "VULHUB",
"id": "VHN-60679"
},
{
"db": "VULMON",
"id": "CVE-2013-0677"
},
{
"db": "BID",
"id": "58545"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001989"
},
{
"db": "PACKETSTORM",
"id": "120899"
},
{
"db": "NVD",
"id": "CVE-2013-0677"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-445"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "09175612-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "VULHUB",
"id": "VHN-60679"
},
{
"db": "VULMON",
"id": "CVE-2013-0677"
},
{
"db": "BID",
"id": "58545"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001989"
},
{
"db": "PACKETSTORM",
"id": "120899"
},
{
"db": "NVD",
"id": "CVE-2013-0677"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-445"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-03-22T00:00:00",
"db": "IVD",
"id": "09175612-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2013-03-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"date": "2013-03-21T00:00:00",
"db": "VULHUB",
"id": "VHN-60679"
},
{
"date": "2013-03-21T00:00:00",
"db": "VULMON",
"id": "CVE-2013-0677"
},
{
"date": "2013-03-15T00:00:00",
"db": "BID",
"id": "58545"
},
{
"date": "2013-03-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001989"
},
{
"date": "2013-03-21T15:07:17",
"db": "PACKETSTORM",
"id": "120899"
},
{
"date": "2013-03-21T15:55:01.583000",
"db": "NVD",
"id": "CVE-2013-0677"
},
{
"date": "2013-03-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-363"
},
{
"date": "2013-03-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-445"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-03-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"date": "2013-03-22T00:00:00",
"db": "VULHUB",
"id": "VHN-60679"
},
{
"date": "2013-03-22T00:00:00",
"db": "VULMON",
"id": "CVE-2013-0677"
},
{
"date": "2013-04-02T15:37:00",
"db": "BID",
"id": "58545"
},
{
"date": "2013-03-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001989"
},
{
"date": "2013-03-22T14:11:21.193000",
"db": "NVD",
"id": "CVE-2013-0677"
},
{
"date": "2013-03-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-363"
},
{
"date": "2013-03-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-445"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "120899"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-445"
}
],
"trust": 1.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SIMATIC WinCC And PCS 7 Multiple Security Vulnerabilities",
"sources": [
{
"db": "BID",
"id": "58545"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201303-445"
}
],
"trust": 0.6
}
}
VAR-201303-0260
Vulnerability from variot - Updated: 2023-12-18 12:30Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly represent WebNavigator credentials in a database, which makes it easier for remote authenticated users to obtain sensitive information via a SQL query. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Siemens SIMATIC WinCC 7.2, Siemens SIMATIC PCS 7 8.0 SP1 versions have information disclosure, directory traversal, buffer overflow security vulnerabilities, which can be exploited by attackers to obtain sensitive information, any system files, and execute arbitrary applications in the context of applications using ActiveX controls. Code. Multiple information-disclosure vulnerabilities 2. A directory-traversal vulnerability 3. Failed exploit attempts will result in a denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201303-0260",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "7.0"
},
{
"model": "simatic wincc",
"scope": "lt",
"trust": 1.4,
"vendor": "siemens",
"version": "7.2"
},
{
"model": "wincc",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "7.0"
},
{
"model": "simatic pcs7",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "8.0"
},
{
"model": "simatic pcs 7",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "8.0 sp1"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wincc",
"version": "7.0"
},
{
"model": "simatic pcs sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "7\u003c8.0"
},
{
"model": "simatic pcs7",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "8.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic pcs7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wincc",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "0911ad8e-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001990"
},
{
"db": "NVD",
"id": "CVE-2013-0678"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-446"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:*:sp3:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0678"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vendor, Gleb Gritsai and Sergey Gordeychik from Positive Technologies",
"sources": [
{
"db": "BID",
"id": "58545"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363"
}
],
"trust": 0.9
},
"cve": "CVE-2013-0678",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2013-0678",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2013-02175",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "0911ad8e-2353-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-60680",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-0678",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2013-02175",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201303-446",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "0911ad8e-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-60680",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "0911ad8e-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "VULHUB",
"id": "VHN-60680"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001990"
},
{
"db": "NVD",
"id": "CVE-2013-0678"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-446"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly represent WebNavigator credentials in a database, which makes it easier for remote authenticated users to obtain sensitive information via a SQL query. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Siemens SIMATIC WinCC 7.2, Siemens SIMATIC PCS 7 8.0 SP1 versions have information disclosure, directory traversal, buffer overflow security vulnerabilities, which can be exploited by attackers to obtain sensitive information, any system files, and execute arbitrary applications in the context of applications using ActiveX controls. Code. Multiple information-disclosure vulnerabilities\n2. A directory-traversal vulnerability\n3. Failed exploit attempts will result in a denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0678"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001990"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "BID",
"id": "58545"
},
{
"db": "IVD",
"id": "0911ad8e-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-60680"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-0678",
"trust": 3.1
},
{
"db": "ICS CERT",
"id": "ICSA-13-079-02",
"trust": 2.8
},
{
"db": "SIEMENS",
"id": "SSA-714398",
"trust": 2.0
},
{
"db": "BID",
"id": "58545",
"trust": 1.5
},
{
"db": "CNNVD",
"id": "CNNVD-201303-446",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001990",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2013-02175",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363",
"trust": 0.6
},
{
"db": "IVD",
"id": "0911AD8E-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "120899",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-60680",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "0911ad8e-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "VULHUB",
"id": "VHN-60680"
},
{
"db": "BID",
"id": "58545"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001990"
},
{
"db": "PACKETSTORM",
"id": "120899"
},
{
"db": "NVD",
"id": "CVE-2013-0678"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-446"
}
]
},
"id": "VAR-201303-0260",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "0911ad8e-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "VULHUB",
"id": "VHN-60680"
}
],
"trust": 1.49052891
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "0911ad8e-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
}
]
},
"last_update_date": "2023-12-18T12:30:59.007000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.siemens.com/entry/cc/en/"
},
{
"title": "SSA-714398: Vulnerabilities in WinCC 7.0 SP3 Update 1",
"trust": 0.8,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"trust": 0.8,
"url": "http://www.siemens.com/answers/jp/ja/"
},
{
"title": "Siemens SIMATIC WinCC and PCS 7 have patches for multiple vulnerabilities such as information leakage, directory traversal, buffer overflows, etc.",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/33002"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001990"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-255",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60680"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001990"
},
{
"db": "NVD",
"id": "CVE-2013-0678"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf"
},
{
"trust": 2.0,
"url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-02.pdf"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/58545"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0678"
},
{
"trust": 0.8,
"url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-02-a.pdf"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0678"
},
{
"trust": 0.3,
"url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/scada/simatic-wincc/pages/default.aspx"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0677"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0674"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0678"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0676"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0679"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0675"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "VULHUB",
"id": "VHN-60680"
},
{
"db": "BID",
"id": "58545"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001990"
},
{
"db": "PACKETSTORM",
"id": "120899"
},
{
"db": "NVD",
"id": "CVE-2013-0678"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-446"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "0911ad8e-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "VULHUB",
"id": "VHN-60680"
},
{
"db": "BID",
"id": "58545"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001990"
},
{
"db": "PACKETSTORM",
"id": "120899"
},
{
"db": "NVD",
"id": "CVE-2013-0678"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-446"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-03-22T00:00:00",
"db": "IVD",
"id": "0911ad8e-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2013-03-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"date": "2013-03-21T00:00:00",
"db": "VULHUB",
"id": "VHN-60680"
},
{
"date": "2013-03-15T00:00:00",
"db": "BID",
"id": "58545"
},
{
"date": "2013-03-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001990"
},
{
"date": "2013-03-21T15:07:17",
"db": "PACKETSTORM",
"id": "120899"
},
{
"date": "2013-03-21T15:55:01.600000",
"db": "NVD",
"id": "CVE-2013-0678"
},
{
"date": "2013-03-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-363"
},
{
"date": "2013-03-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-446"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-03-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"date": "2013-03-22T00:00:00",
"db": "VULHUB",
"id": "VHN-60680"
},
{
"date": "2013-04-02T15:37:00",
"db": "BID",
"id": "58545"
},
{
"date": "2013-03-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001990"
},
{
"date": "2013-03-22T04:00:00",
"db": "NVD",
"id": "CVE-2013-0678"
},
{
"date": "2013-03-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-363"
},
{
"date": "2013-03-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-446"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "120899"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-446"
}
],
"trust": 1.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SIMATIC WinCC And PCS 7 Multiple Security Vulnerabilities",
"sources": [
{
"db": "BID",
"id": "58545"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Trust management",
"sources": [
{
"db": "IVD",
"id": "0911ad8e-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-446"
}
],
"trust": 0.8
}
}
VAR-201303-0261
Vulnerability from variot - Updated: 2023-12-18 12:30Directory traversal vulnerability in the web server in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote authenticated users to read arbitrary files via vectors involving a query for a pathname. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Siemens SIMATIC WinCC 7.2, Siemens SIMATIC PCS 7 8.0 SP1 versions have information disclosure, directory traversal, buffer overflow security vulnerabilities, which can be exploited by attackers to obtain sensitive information, any system files, and execute arbitrary applications in the context of applications using ActiveX controls. Code. Multiple information-disclosure vulnerabilities 2. A directory-traversal vulnerability 3. Failed exploit attempts will result in a denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201303-0261",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "7.0"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "5.0"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "6.0"
},
{
"model": "simatic wincc",
"scope": "lt",
"trust": 1.4,
"vendor": "siemens",
"version": "7.2"
},
{
"model": "wincc",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "7.1"
},
{
"model": "simatic pcs7",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "8.0"
},
{
"model": "simatic pcs7",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "7.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.8,
"vendor": "wincc",
"version": "6.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.8,
"vendor": "wincc",
"version": "7.0"
},
{
"model": "simatic pcs 7",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "8.0 sp1"
},
{
"model": "simatic pcs sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "7\u003c8.0"
},
{
"model": "wincc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "7.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wincc",
"version": "5.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic pcs7",
"version": "7.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic pcs7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wincc",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "090c28be-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001991"
},
{
"db": "NVD",
"id": "CVE-2013-0679"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-447"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:5.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:7.1:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0679"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vendor, Gleb Gritsai and Sergey Gordeychik from Positive Technologies",
"sources": [
{
"db": "BID",
"id": "58545"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363"
}
],
"trust": 0.9
},
"cve": "CVE-2013-0679",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2013-0679",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2013-02175",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "090c28be-2353-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-60681",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-0679",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2013-02175",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201303-447",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "090c28be-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-60681",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "090c28be-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "VULHUB",
"id": "VHN-60681"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001991"
},
{
"db": "NVD",
"id": "CVE-2013-0679"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-447"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Directory traversal vulnerability in the web server in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote authenticated users to read arbitrary files via vectors involving a query for a pathname. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Siemens SIMATIC WinCC 7.2, Siemens SIMATIC PCS 7 8.0 SP1 versions have information disclosure, directory traversal, buffer overflow security vulnerabilities, which can be exploited by attackers to obtain sensitive information, any system files, and execute arbitrary applications in the context of applications using ActiveX controls. Code. Multiple information-disclosure vulnerabilities\n2. A directory-traversal vulnerability\n3. Failed exploit attempts will result in a denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0679"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001991"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "BID",
"id": "58545"
},
{
"db": "IVD",
"id": "090c28be-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-60681"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-0679",
"trust": 3.1
},
{
"db": "ICS CERT",
"id": "ICSA-13-079-02",
"trust": 2.8
},
{
"db": "SIEMENS",
"id": "SSA-714398",
"trust": 2.0
},
{
"db": "BID",
"id": "58545",
"trust": 1.5
},
{
"db": "CNNVD",
"id": "CNNVD-201303-447",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001991",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2013-02175",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363",
"trust": 0.6
},
{
"db": "IVD",
"id": "090C28BE-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-60681",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120899",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "090c28be-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "VULHUB",
"id": "VHN-60681"
},
{
"db": "BID",
"id": "58545"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001991"
},
{
"db": "PACKETSTORM",
"id": "120899"
},
{
"db": "NVD",
"id": "CVE-2013-0679"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-447"
}
]
},
"id": "VAR-201303-0261",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "090c28be-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "VULHUB",
"id": "VHN-60681"
}
],
"trust": 1.49052891
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "090c28be-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
}
]
},
"last_update_date": "2023-12-18T12:30:58.960000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.siemens.com/entry/cc/en/"
},
{
"title": "SSA-714398: Vulnerabilities in WinCC 7.0 SP3 Update 1",
"trust": 0.8,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"trust": 0.8,
"url": "http://www.siemens.com/answers/jp/ja/"
},
{
"title": "Siemens SIMATIC WinCC and PCS 7 have patches for multiple vulnerabilities such as information leakage, directory traversal, buffer overflows, etc.",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/33002"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001991"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60681"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001991"
},
{
"db": "NVD",
"id": "CVE-2013-0679"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf"
},
{
"trust": 2.0,
"url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-02.pdf"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/58545"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0679"
},
{
"trust": 0.8,
"url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-02-a.pdf"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0679"
},
{
"trust": 0.3,
"url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/scada/simatic-wincc/pages/default.aspx"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0677"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0674"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0678"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0676"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0679"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0675"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "VULHUB",
"id": "VHN-60681"
},
{
"db": "BID",
"id": "58545"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001991"
},
{
"db": "PACKETSTORM",
"id": "120899"
},
{
"db": "NVD",
"id": "CVE-2013-0679"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-447"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "090c28be-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "VULHUB",
"id": "VHN-60681"
},
{
"db": "BID",
"id": "58545"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001991"
},
{
"db": "PACKETSTORM",
"id": "120899"
},
{
"db": "NVD",
"id": "CVE-2013-0679"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-447"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-03-22T00:00:00",
"db": "IVD",
"id": "090c28be-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2013-03-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"date": "2013-03-21T00:00:00",
"db": "VULHUB",
"id": "VHN-60681"
},
{
"date": "2013-03-15T00:00:00",
"db": "BID",
"id": "58545"
},
{
"date": "2013-03-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001991"
},
{
"date": "2013-03-21T15:07:17",
"db": "PACKETSTORM",
"id": "120899"
},
{
"date": "2013-03-21T15:55:01.613000",
"db": "NVD",
"id": "CVE-2013-0679"
},
{
"date": "2013-03-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-363"
},
{
"date": "2013-03-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-447"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-03-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"date": "2013-03-22T00:00:00",
"db": "VULHUB",
"id": "VHN-60681"
},
{
"date": "2013-04-02T15:37:00",
"db": "BID",
"id": "58545"
},
{
"date": "2013-03-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001991"
},
{
"date": "2013-03-22T14:25:30.613000",
"db": "NVD",
"id": "CVE-2013-0679"
},
{
"date": "2013-03-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-363"
},
{
"date": "2013-03-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-447"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "120899"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-447"
}
],
"trust": 1.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SIMATIC WinCC And PCS 7 Multiple Security Vulnerabilities",
"sources": [
{
"db": "BID",
"id": "58545"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Path traversal",
"sources": [
{
"db": "IVD",
"id": "090c28be-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-447"
}
],
"trust": 0.8
}
}
VAR-201303-0256
Vulnerability from variot - Updated: 2023-12-18 12:30Buffer overflow in the RegReader ActiveX control in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to execute arbitrary code via a long parameter. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Code. Multiple information-disclosure vulnerabilities 2. A directory-traversal vulnerability 3. Failed exploit attempts will result in a denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201303-0256",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "7.0"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "5.0"
},
{
"model": "simatic pcs7",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "7.1"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "6.0"
},
{
"model": "simatic wincc",
"scope": "lt",
"trust": 1.4,
"vendor": "siemens",
"version": "7.2"
},
{
"model": "wincc",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "7.1"
},
{
"model": "simatic pcs7",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "8.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.8,
"vendor": "wincc",
"version": "6.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.8,
"vendor": "wincc",
"version": "7.0"
},
{
"model": "simatic pcs 7",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "8.0 sp1"
},
{
"model": "wincc",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "7.2"
},
{
"model": "simatic pcs sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "7\u003c8.0"
},
{
"model": "simatic pcs7",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "8.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wincc",
"version": "5.0"
},
{
"model": "simatic wincc siemens simatic pcs sp1",
"scope": "lt",
"trust": 0.2,
"vendor": "siemens",
"version": "7.27\u003c8.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic pcs7",
"version": "7.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic pcs7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wincc",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "cb5589ec-1f2f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "08e4d3e0-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02143"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001987"
},
{
"db": "NVD",
"id": "CVE-2013-0674"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-442"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:5.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:7.1:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0674"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vendor, Gleb Gritsai and Sergey Gordeychik from Positive Technologies",
"sources": [
{
"db": "BID",
"id": "58545"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363"
}
],
"trust": 0.9
},
"cve": "CVE-2013-0674",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2013-0674",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2013-02143",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2013-02175",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "cb5589ec-1f2f-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "08e4d3e0-2353-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-60676",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-0674",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2013-02143",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2013-02175",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201303-442",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "cb5589ec-1f2f-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "08e4d3e0-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-60676",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "cb5589ec-1f2f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "08e4d3e0-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02143"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "VULHUB",
"id": "VHN-60676"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001987"
},
{
"db": "NVD",
"id": "CVE-2013-0674"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-442"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the RegReader ActiveX control in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to execute arbitrary code via a long parameter. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Code. Multiple information-disclosure vulnerabilities\n2. A directory-traversal vulnerability\n3. Failed exploit attempts will result in a denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0674"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001987"
},
{
"db": "CNVD",
"id": "CNVD-2013-02143"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "BID",
"id": "58545"
},
{
"db": "IVD",
"id": "cb5589ec-1f2f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "08e4d3e0-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-60676"
}
],
"trust": 3.42
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-0674",
"trust": 3.9
},
{
"db": "ICS CERT",
"id": "ICSA-13-079-02",
"trust": 2.8
},
{
"db": "SIEMENS",
"id": "SSA-714398",
"trust": 2.0
},
{
"db": "BID",
"id": "58545",
"trust": 1.5
},
{
"db": "CNNVD",
"id": "CNNVD-201303-442",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2013-02175",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2013-02143",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001987",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363",
"trust": 0.6
},
{
"db": "IVD",
"id": "CB5589EC-1F2F-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "08E4D3E0-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-60676",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120899",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "cb5589ec-1f2f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "08e4d3e0-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02143"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "VULHUB",
"id": "VHN-60676"
},
{
"db": "BID",
"id": "58545"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001987"
},
{
"db": "PACKETSTORM",
"id": "120899"
},
{
"db": "NVD",
"id": "CVE-2013-0674"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-442"
}
]
},
"id": "VAR-201303-0256",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "cb5589ec-1f2f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "08e4d3e0-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02143"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "VULHUB",
"id": "VHN-60676"
}
],
"trust": 2.29052891
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.6
}
],
"sources": [
{
"db": "IVD",
"id": "cb5589ec-1f2f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "08e4d3e0-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02143"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
}
]
},
"last_update_date": "2023-12-18T12:30:58.847000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.siemens.com/entry/cc/en/"
},
{
"title": "SSA-714398: Vulnerabilities in WinCC 7.0 SP3 Update 1",
"trust": 0.8,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"trust": 0.8,
"url": "http://www.siemens.com/answers/jp/ja/"
},
{
"title": "Patch for the Siemens WinCC RegReader ActiveX Control Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/32993"
},
{
"title": "Siemens SIMATIC WinCC and PCS 7 have patches for multiple vulnerabilities such as information leakage, directory traversal, buffer overflows, etc.",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/33002"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02143"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001987"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60676"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001987"
},
{
"db": "NVD",
"id": "CVE-2013-0674"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf"
},
{
"trust": 2.0,
"url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-02.pdf"
},
{
"trust": 1.4,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0674"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/58545"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0674"
},
{
"trust": 0.8,
"url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-02-a.pdf"
},
{
"trust": 0.3,
"url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/scada/simatic-wincc/pages/default.aspx"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0677"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0674"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0678"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0676"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0679"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0675"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02143"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "VULHUB",
"id": "VHN-60676"
},
{
"db": "BID",
"id": "58545"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001987"
},
{
"db": "PACKETSTORM",
"id": "120899"
},
{
"db": "NVD",
"id": "CVE-2013-0674"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-442"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "cb5589ec-1f2f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "08e4d3e0-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02143"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "VULHUB",
"id": "VHN-60676"
},
{
"db": "BID",
"id": "58545"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001987"
},
{
"db": "PACKETSTORM",
"id": "120899"
},
{
"db": "NVD",
"id": "CVE-2013-0674"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-442"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-03-26T00:00:00",
"db": "IVD",
"id": "cb5589ec-1f2f-11e6-abef-000c29c66e3d"
},
{
"date": "2013-03-26T00:00:00",
"db": "IVD",
"id": "08e4d3e0-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2013-03-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-02143"
},
{
"date": "2013-03-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"date": "2013-03-21T00:00:00",
"db": "VULHUB",
"id": "VHN-60676"
},
{
"date": "2013-03-15T00:00:00",
"db": "BID",
"id": "58545"
},
{
"date": "2013-03-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001987"
},
{
"date": "2013-03-21T15:07:17",
"db": "PACKETSTORM",
"id": "120899"
},
{
"date": "2013-03-21T15:55:01.533000",
"db": "NVD",
"id": "CVE-2013-0674"
},
{
"date": "2013-03-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-363"
},
{
"date": "2013-03-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-442"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-03-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-02143"
},
{
"date": "2013-03-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"date": "2013-03-22T00:00:00",
"db": "VULHUB",
"id": "VHN-60676"
},
{
"date": "2013-04-02T15:37:00",
"db": "BID",
"id": "58545"
},
{
"date": "2013-03-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001987"
},
{
"date": "2013-03-22T13:49:57.633000",
"db": "NVD",
"id": "CVE-2013-0674"
},
{
"date": "2013-03-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-363"
},
{
"date": "2013-03-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-442"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "120899"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-442"
}
],
"trust": 1.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens WinCC RegReader ActiveX Control Buffer Overflow Vulnerability",
"sources": [
{
"db": "IVD",
"id": "08e4d3e0-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02143"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-442"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "cb5589ec-1f2f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "08e4d3e0-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-442"
}
],
"trust": 1.0
}
}
VAR-201303-0257
Vulnerability from variot - Updated: 2023-12-18 12:30Buffer overflow in CCEServer (aka the central communications component) in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to cause a denial of service via a crafted packet. A buffer overflow vulnerability exists in CCEServer in versions of Siemens WinCC prior to 7.2 used in SIMATIC PCS7. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Siemens SIMATIC WinCC 7.2, Siemens SIMATIC PCS 7 8.0 SP1 versions have information disclosure, directory traversal, buffer overflow security vulnerabilities, which can be exploited by attackers to obtain sensitive information, any system files, and execute arbitrary applications in the context of applications using ActiveX controls. Code. Multiple information-disclosure vulnerabilities 2. A directory-traversal vulnerability 3. Failed exploit attempts will result in a denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201303-0257",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "7.0"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "5.0"
},
{
"model": "simatic pcs7",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "7.1"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "6.0"
},
{
"model": "simatic wincc",
"scope": "lt",
"trust": 1.4,
"vendor": "siemens",
"version": "7.2"
},
{
"model": "wincc",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "7.1"
},
{
"model": "simatic pcs7",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "8.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.8,
"vendor": "wincc",
"version": "6.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.8,
"vendor": "wincc",
"version": "7.0"
},
{
"model": "simatic pcs 7",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "8.0 sp1"
},
{
"model": "wincc",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "7.2"
},
{
"model": "simatic pcs sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "7\u003c8.0"
},
{
"model": "simatic pcs7",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "8.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wincc",
"version": "5.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic pcs7",
"version": "7.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic pcs7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wincc",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "08df6392-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02147"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001988"
},
{
"db": "NVD",
"id": "CVE-2013-0675"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-443"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:7.1:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:5.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0675"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vendor, Gleb Gritsai and Sergey Gordeychik from Positive Technologies",
"sources": [
{
"db": "BID",
"id": "58545"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363"
}
],
"trust": 0.9
},
"cve": "CVE-2013-0675",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 6.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2013-0675",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"id": "CNVD-2013-02147",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2013-02175",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"id": "08df6392-2353-11e6-abef-000c29c66e3d",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"id": "VHN-60677",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:A/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-0675",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2013-02147",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2013-02175",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201303-443",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "08df6392-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-60677",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "08df6392-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02147"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "VULHUB",
"id": "VHN-60677"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001988"
},
{
"db": "NVD",
"id": "CVE-2013-0675"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-443"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in CCEServer (aka the central communications component) in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to cause a denial of service via a crafted packet. A buffer overflow vulnerability exists in CCEServer in versions of Siemens WinCC prior to 7.2 used in SIMATIC PCS7. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Siemens SIMATIC WinCC 7.2, Siemens SIMATIC PCS 7 8.0 SP1 versions have information disclosure, directory traversal, buffer overflow security vulnerabilities, which can be exploited by attackers to obtain sensitive information, any system files, and execute arbitrary applications in the context of applications using ActiveX controls. Code. Multiple information-disclosure vulnerabilities\n2. A directory-traversal vulnerability\n3. Failed exploit attempts will result in a denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0675"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001988"
},
{
"db": "CNVD",
"id": "CNVD-2013-02147"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "BID",
"id": "58545"
},
{
"db": "IVD",
"id": "08df6392-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-60677"
}
],
"trust": 3.24
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-0675",
"trust": 3.7
},
{
"db": "ICS CERT",
"id": "ICSA-13-079-02",
"trust": 2.8
},
{
"db": "SIEMENS",
"id": "SSA-714398",
"trust": 2.0
},
{
"db": "BID",
"id": "58545",
"trust": 1.5
},
{
"db": "CNNVD",
"id": "CNNVD-201303-443",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2013-02147",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001988",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2013-02175",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363",
"trust": 0.6
},
{
"db": "IVD",
"id": "08DF6392-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-60677",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120899",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "08df6392-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02147"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "VULHUB",
"id": "VHN-60677"
},
{
"db": "BID",
"id": "58545"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001988"
},
{
"db": "PACKETSTORM",
"id": "120899"
},
{
"db": "NVD",
"id": "CVE-2013-0675"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-443"
}
]
},
"id": "VAR-201303-0257",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "08df6392-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02147"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "VULHUB",
"id": "VHN-60677"
}
],
"trust": 2.09052891
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.4
}
],
"sources": [
{
"db": "IVD",
"id": "08df6392-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02147"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
}
]
},
"last_update_date": "2023-12-18T12:30:58.902000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.siemens.com/entry/cc/en/"
},
{
"title": "SSA-714398: Vulnerabilities in WinCC 7.0 SP3 Update 1",
"trust": 0.8,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"trust": 0.8,
"url": "http://www.siemens.com/answers/jp/ja/"
},
{
"title": "Patch for Siemens WinCC CCEServer Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/33000"
},
{
"title": "Siemens SIMATIC WinCC and PCS 7 have patches for multiple vulnerabilities such as information leakage, directory traversal, buffer overflows, etc.",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/33002"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02147"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001988"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60677"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001988"
},
{
"db": "NVD",
"id": "CVE-2013-0675"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf"
},
{
"trust": 2.0,
"url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-02.pdf"
},
{
"trust": 1.4,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0675"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/58545"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0675"
},
{
"trust": 0.8,
"url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-02-a.pdf"
},
{
"trust": 0.3,
"url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/scada/simatic-wincc/pages/default.aspx"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0677"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0674"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0678"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0676"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0679"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0675"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02147"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "VULHUB",
"id": "VHN-60677"
},
{
"db": "BID",
"id": "58545"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001988"
},
{
"db": "PACKETSTORM",
"id": "120899"
},
{
"db": "NVD",
"id": "CVE-2013-0675"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-443"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "08df6392-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02147"
},
{
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"db": "VULHUB",
"id": "VHN-60677"
},
{
"db": "BID",
"id": "58545"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001988"
},
{
"db": "PACKETSTORM",
"id": "120899"
},
{
"db": "NVD",
"id": "CVE-2013-0675"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-443"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-03-26T00:00:00",
"db": "IVD",
"id": "08df6392-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2013-03-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-02147"
},
{
"date": "2013-03-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"date": "2013-03-21T00:00:00",
"db": "VULHUB",
"id": "VHN-60677"
},
{
"date": "2013-03-15T00:00:00",
"db": "BID",
"id": "58545"
},
{
"date": "2013-03-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001988"
},
{
"date": "2013-03-21T15:07:17",
"db": "PACKETSTORM",
"id": "120899"
},
{
"date": "2013-03-21T15:55:01.553000",
"db": "NVD",
"id": "CVE-2013-0675"
},
{
"date": "2013-03-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-363"
},
{
"date": "2013-03-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-443"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-03-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-02147"
},
{
"date": "2013-03-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-02175"
},
{
"date": "2013-03-22T00:00:00",
"db": "VULHUB",
"id": "VHN-60677"
},
{
"date": "2013-04-02T15:37:00",
"db": "BID",
"id": "58545"
},
{
"date": "2013-03-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001988"
},
{
"date": "2013-03-22T13:52:30.073000",
"db": "NVD",
"id": "CVE-2013-0675"
},
{
"date": "2013-03-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-363"
},
{
"date": "2013-03-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-443"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "120899"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-363"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens WinCC CCEServer Buffer Overflow Vulnerability",
"sources": [
{
"db": "IVD",
"id": "08df6392-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02147"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-443"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "08df6392-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-443"
}
],
"trust": 0.8
}
}
VAR-201407-0603
Vulnerability from variot - Updated: 2023-12-18 12:30The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote authenticated users to gain privileges via a (1) HTTP or (2) HTTPS request. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. A remote privilege elevation vulnerability exists in Siemens SIMATIC WinCC And PCS7 that can be exploited by remote attackers to gain elevated privileges on affected devices. Siemens SIMATIC WinCC and PCS7 are prone to a remote privilege-escalation vulnerability. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). The system provides process monitoring, data acquisition and other functions. There is a security hole in the WebNavigator server used by Siemens SIMATIC WinCC versions prior to 7.3 for PCS7 and other products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201407-0603",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": "eq",
"trust": 2.4,
"vendor": "wincc",
"version": "6.0"
},
{
"model": null,
"scope": "eq",
"trust": 2.4,
"vendor": "wincc",
"version": "7.0"
},
{
"model": "simatic pcs7",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "8.0"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "5.0"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "6.0"
},
{
"model": "simatic pcs7",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "7.1"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "7.0"
},
{
"model": "simatic wincc",
"scope": "lt",
"trust": 1.4,
"vendor": "siemens",
"version": "7.3"
},
{
"model": null,
"scope": "eq",
"trust": 1.2,
"vendor": "wincc",
"version": "5.0"
},
{
"model": null,
"scope": "eq",
"trust": 1.2,
"vendor": "wincc",
"version": "7.1"
},
{
"model": "wincc",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "7.2"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "7.1"
},
{
"model": "simatic pcs7",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "8.0"
},
{
"model": "simatic pcs 7",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "8.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "simatic pcs7",
"version": "7.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "simatic pcs7",
"version": "8.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "simatic pcs7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wincc",
"version": "*"
},
{
"model": "pcs7",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "8.1"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "6.2"
}
],
"sources": [
{
"db": "IVD",
"id": "e2d78202-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c0a709a9-648b-4fbc-869e-37cd7064012b"
},
{
"db": "IVD",
"id": "7d71e153-463f-11e9-be10-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2014-04644"
},
{
"db": "BID",
"id": "68879"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003566"
},
{
"db": "NVD",
"id": "CVE-2014-4683"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-603"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:*:sp1:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.1:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:7.1:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:5.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-4683"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sergey Gordeychik, Alexander Tlyapov, Dmitry Nagibin, and Gleb Gritsai from Positive Technologies.",
"sources": [
{
"db": "BID",
"id": "68879"
}
],
"trust": 0.3
},
"cve": "CVE-2014-4683",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.9,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2014-4683",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "CNVD-2014-04644",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "e2d78202-2351-11e6-abef-000c29c66e3d",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "c0a709a9-648b-4fbc-869e-37cd7064012b",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "7d71e153-463f-11e9-be10-000c29342cb1",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "VHN-72624",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:S/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-4683",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2014-04644",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201407-603",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "e2d78202-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "c0a709a9-648b-4fbc-869e-37cd7064012b",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "7d71e153-463f-11e9-be10-000c29342cb1",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-72624",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2d78202-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c0a709a9-648b-4fbc-869e-37cd7064012b"
},
{
"db": "IVD",
"id": "7d71e153-463f-11e9-be10-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2014-04644"
},
{
"db": "VULHUB",
"id": "VHN-72624"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003566"
},
{
"db": "NVD",
"id": "CVE-2014-4683"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-603"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote authenticated users to gain privileges via a (1) HTTP or (2) HTTPS request. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. A remote privilege elevation vulnerability exists in Siemens SIMATIC WinCC And PCS7 that can be exploited by remote attackers to gain elevated privileges on affected devices. Siemens SIMATIC WinCC and PCS7 are prone to a remote privilege-escalation vulnerability. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). The system provides process monitoring, data acquisition and other functions. There is a security hole in the WebNavigator server used by Siemens SIMATIC WinCC versions prior to 7.3 for PCS7 and other products",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-4683"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003566"
},
{
"db": "CNVD",
"id": "CNVD-2014-04644"
},
{
"db": "BID",
"id": "68879"
},
{
"db": "IVD",
"id": "e2d78202-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c0a709a9-648b-4fbc-869e-37cd7064012b"
},
{
"db": "IVD",
"id": "7d71e153-463f-11e9-be10-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-72624"
}
],
"trust": 3.06
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-4683",
"trust": 4.1
},
{
"db": "SIEMENS",
"id": "SSA-214365",
"trust": 2.3
},
{
"db": "CNNVD",
"id": "CNNVD-201407-603",
"trust": 1.3
},
{
"db": "CNVD",
"id": "CNVD-2014-04644",
"trust": 1.2
},
{
"db": "BID",
"id": "68879",
"trust": 1.0
},
{
"db": "ICS CERT",
"id": "ICSA-14-205-02",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003566",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "60392",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "60388",
"trust": 0.6
},
{
"db": "IVD",
"id": "E2D78202-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "C0A709A9-648B-4FBC-869E-37CD7064012B",
"trust": 0.2
},
{
"db": "IVD",
"id": "7D71E153-463F-11E9-BE10-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-72624",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127660",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e2d78202-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c0a709a9-648b-4fbc-869e-37cd7064012b"
},
{
"db": "IVD",
"id": "7d71e153-463f-11e9-be10-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2014-04644"
},
{
"db": "VULHUB",
"id": "VHN-72624"
},
{
"db": "BID",
"id": "68879"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003566"
},
{
"db": "PACKETSTORM",
"id": "127660"
},
{
"db": "NVD",
"id": "CVE-2014-4683"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-603"
}
]
},
"id": "VAR-201407-0603",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2d78202-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c0a709a9-648b-4fbc-869e-37cd7064012b"
},
{
"db": "IVD",
"id": "7d71e153-463f-11e9-be10-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2014-04644"
},
{
"db": "VULHUB",
"id": "VHN-72624"
}
],
"trust": 1.9928966825
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.2
}
],
"sources": [
{
"db": "IVD",
"id": "e2d78202-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c0a709a9-648b-4fbc-869e-37cd7064012b"
},
{
"db": "IVD",
"id": "7d71e153-463f-11e9-be10-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2014-04644"
}
]
},
"last_update_date": "2023-12-18T12:30:37.614000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-214365",
"trust": 0.8,
"url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-214365.pdf"
},
{
"title": "Patch for Siemens SIMATIC Multiple Products Remote Privilege Escalation Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/47899"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-04644"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003566"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-72624"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003566"
},
{
"db": "NVD",
"id": "CVE-2014-4683"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-214365.pdf"
},
{
"trust": 1.4,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-4683"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4683"
},
{
"trust": 0.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-205-02"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/68879/info"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/60388"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/60392"
},
{
"trust": 0.3,
"url": "http://subscriber.communications.siemens.com/"
},
{
"trust": 0.3,
"url": "http://aunz.siemens.com/newscentre/productreleases/pages/iac_pr_simaticwinccv62.aspx"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4684"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4683"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4685"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4686"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4682"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-04644"
},
{
"db": "VULHUB",
"id": "VHN-72624"
},
{
"db": "BID",
"id": "68879"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003566"
},
{
"db": "PACKETSTORM",
"id": "127660"
},
{
"db": "NVD",
"id": "CVE-2014-4683"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-603"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e2d78202-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c0a709a9-648b-4fbc-869e-37cd7064012b"
},
{
"db": "IVD",
"id": "7d71e153-463f-11e9-be10-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2014-04644"
},
{
"db": "VULHUB",
"id": "VHN-72624"
},
{
"db": "BID",
"id": "68879"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003566"
},
{
"db": "PACKETSTORM",
"id": "127660"
},
{
"db": "NVD",
"id": "CVE-2014-4683"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-603"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-07-28T00:00:00",
"db": "IVD",
"id": "e2d78202-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2014-07-28T00:00:00",
"db": "IVD",
"id": "c0a709a9-648b-4fbc-869e-37cd7064012b"
},
{
"date": "2014-07-28T00:00:00",
"db": "IVD",
"id": "7d71e153-463f-11e9-be10-000c29342cb1"
},
{
"date": "2014-07-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-04644"
},
{
"date": "2014-07-24T00:00:00",
"db": "VULHUB",
"id": "VHN-72624"
},
{
"date": "2014-07-23T00:00:00",
"db": "BID",
"id": "68879"
},
{
"date": "2014-07-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003566"
},
{
"date": "2014-07-29T22:37:22",
"db": "PACKETSTORM",
"id": "127660"
},
{
"date": "2014-07-24T14:55:08.050000",
"db": "NVD",
"id": "CVE-2014-4683"
},
{
"date": "2014-07-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201407-603"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-07-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-04644"
},
{
"date": "2014-07-25T00:00:00",
"db": "VULHUB",
"id": "VHN-72624"
},
{
"date": "2015-03-19T09:40:00",
"db": "BID",
"id": "68879"
},
{
"date": "2014-08-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003566"
},
{
"date": "2014-07-25T14:37:19.350000",
"db": "NVD",
"id": "CVE-2014-4683"
},
{
"date": "2014-07-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201407-603"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201407-603"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SIMATIC PCS 7 Used in products such as SIMATIC WinCC of WebNavigator Vulnerability that can be obtained privilege in the server",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-003566"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Permission permission and access control",
"sources": [
{
"db": "IVD",
"id": "e2d78202-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c0a709a9-648b-4fbc-869e-37cd7064012b"
},
{
"db": "IVD",
"id": "7d71e153-463f-11e9-be10-000c29342cb1"
}
],
"trust": 0.6
}
}
VAR-201502-0370
Vulnerability from variot - Updated: 2023-12-18 12:30The remote-management module in the (1) Multi Panels, (2) Comfort Panels, and (3) RT Advanced functionality in Siemens SIMATIC WinCC (TIA Portal) before 13 SP1 and in the (4) panels and (5) runtime functionality in SIMATIC WinCC flexible before 2008 SP3 Up7 does not properly encrypt credentials in transit, which makes it easier for remote attackers to determine cleartext credentials by sniffing the network and conducting a decryption attack. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. An information disclosure vulnerability exists in Siemens SIMATIC WinCC V13 SP1 that could allow an attacker to obtain sensitive information through man-in-the-middle attacks. Versions prior to Siemens SIMATIC WinCC TIA Portal V13 SP1 are vulnerable. The vulnerability stems from the fact that the program does not properly encrypt the certificate in transmission. A remote attacker could exploit this vulnerability by sniffing the network and performing a decryption attack to obtain clear text certificates
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201502-0370",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "13.0"
},
{
"model": "simatic wincc",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "13 sp1"
},
{
"model": "simatic wincc tia portal sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v13"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wincc",
"version": "13.0"
},
{
"model": "simatic wincc flexible runtime",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "simatic wincc flexible sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "2008"
},
{
"model": "simatic wincc flexible sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "2008"
},
{
"model": "simatic wincc flexible",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "2008"
},
{
"model": "simatic wincc flexible",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "2007"
},
{
"model": "simatic wincc flexible sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "2005"
},
{
"model": "simatic wincc flexible",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "2005"
},
{
"model": "simatic wincc flexible",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "2004"
},
{
"model": "simatic wincc runtime advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
}
],
"sources": [
{
"db": "IVD",
"id": "6c5f6ee2-c09b-4c78-a362-83203bbfe346"
},
{
"db": "IVD",
"id": "a11e037c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-01296"
},
{
"db": "BID",
"id": "72625"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001537"
},
{
"db": "NVD",
"id": "CVE-2015-1358"
},
{
"db": "CNNVD",
"id": "CNNVD-201502-420"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:13.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-1358"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gleb Gritsai, Roman Ilin, Aleksandr Tlyapov, and Sergey Gordeychik.",
"sources": [
{
"db": "BID",
"id": "72625"
}
],
"trust": 0.3
},
"cve": "CVE-2015-1358",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2015-1358",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2015-01296",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "6c5f6ee2-c09b-4c78-a362-83203bbfe346",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "a11e037c-2351-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-79319",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-1358",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2015-01296",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201502-420",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "6c5f6ee2-c09b-4c78-a362-83203bbfe346",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "a11e037c-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-79319",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "6c5f6ee2-c09b-4c78-a362-83203bbfe346"
},
{
"db": "IVD",
"id": "a11e037c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-01296"
},
{
"db": "VULHUB",
"id": "VHN-79319"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001537"
},
{
"db": "NVD",
"id": "CVE-2015-1358"
},
{
"db": "CNNVD",
"id": "CNNVD-201502-420"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The remote-management module in the (1) Multi Panels, (2) Comfort Panels, and (3) RT Advanced functionality in Siemens SIMATIC WinCC (TIA Portal) before 13 SP1 and in the (4) panels and (5) runtime functionality in SIMATIC WinCC flexible before 2008 SP3 Up7 does not properly encrypt credentials in transit, which makes it easier for remote attackers to determine cleartext credentials by sniffing the network and conducting a decryption attack. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. An information disclosure vulnerability exists in Siemens SIMATIC WinCC V13 SP1 that could allow an attacker to obtain sensitive information through man-in-the-middle attacks. \nVersions prior to Siemens SIMATIC WinCC TIA Portal V13 SP1 are vulnerable. The vulnerability stems from the fact that the program does not properly encrypt the certificate in transmission. A remote attacker could exploit this vulnerability by sniffing the network and performing a decryption attack to obtain clear text certificates",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-1358"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001537"
},
{
"db": "CNVD",
"id": "CNVD-2015-01296"
},
{
"db": "BID",
"id": "72625"
},
{
"db": "IVD",
"id": "6c5f6ee2-c09b-4c78-a362-83203bbfe346"
},
{
"db": "IVD",
"id": "a11e037c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-79319"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-1358",
"trust": 3.9
},
{
"db": "SIEMENS",
"id": "SSA-543623",
"trust": 2.3
},
{
"db": "BID",
"id": "72625",
"trust": 2.0
},
{
"db": "ICS CERT",
"id": "ICSA-16-161-02",
"trust": 1.9
},
{
"db": "SIEMENS",
"id": "SSA-526760",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-201502-420",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1036090",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2015-01296",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001537",
"trust": 0.8
},
{
"db": "IVD",
"id": "6C5F6EE2-C09B-4C78-A362-83203BBFE346",
"trust": 0.2
},
{
"db": "IVD",
"id": "A11E037C-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-79319",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130406",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "6c5f6ee2-c09b-4c78-a362-83203bbfe346"
},
{
"db": "IVD",
"id": "a11e037c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-01296"
},
{
"db": "VULHUB",
"id": "VHN-79319"
},
{
"db": "BID",
"id": "72625"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001537"
},
{
"db": "PACKETSTORM",
"id": "130406"
},
{
"db": "NVD",
"id": "CVE-2015-1358"
},
{
"db": "CNNVD",
"id": "CNNVD-201502-420"
}
]
},
"id": "VAR-201502-0370",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "6c5f6ee2-c09b-4c78-a362-83203bbfe346"
},
{
"db": "IVD",
"id": "a11e037c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-01296"
},
{
"db": "VULHUB",
"id": "VHN-79319"
}
],
"trust": 1.7525570957142858
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "6c5f6ee2-c09b-4c78-a362-83203bbfe346"
},
{
"db": "IVD",
"id": "a11e037c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-01296"
}
]
},
"last_update_date": "2023-12-18T12:30:37.714000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-543623",
"trust": 0.8,
"url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-543623.pdf"
},
{
"title": "Patch for Siemens SIMATIC WinCC TIA Portal Man-in-the-Middle Information Disclosure Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/55531"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-01296"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001537"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-79319"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001537"
},
{
"db": "NVD",
"id": "CVE-2015-1358"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-543623.pdf"
},
{
"trust": 1.9,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-16-161-02"
},
{
"trust": 1.7,
"url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-526760.pdf"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/72625"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1036090"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1358"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-1358"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1358"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4686"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-01296"
},
{
"db": "VULHUB",
"id": "VHN-79319"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001537"
},
{
"db": "PACKETSTORM",
"id": "130406"
},
{
"db": "NVD",
"id": "CVE-2015-1358"
},
{
"db": "CNNVD",
"id": "CNNVD-201502-420"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "6c5f6ee2-c09b-4c78-a362-83203bbfe346"
},
{
"db": "IVD",
"id": "a11e037c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-01296"
},
{
"db": "VULHUB",
"id": "VHN-79319"
},
{
"db": "BID",
"id": "72625"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001537"
},
{
"db": "PACKETSTORM",
"id": "130406"
},
{
"db": "NVD",
"id": "CVE-2015-1358"
},
{
"db": "CNNVD",
"id": "CNNVD-201502-420"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-02-27T00:00:00",
"db": "IVD",
"id": "6c5f6ee2-c09b-4c78-a362-83203bbfe346"
},
{
"date": "2015-02-27T00:00:00",
"db": "IVD",
"id": "a11e037c-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2015-02-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-01296"
},
{
"date": "2015-02-18T00:00:00",
"db": "VULHUB",
"id": "VHN-79319"
},
{
"date": "2015-02-13T00:00:00",
"db": "BID",
"id": "72625"
},
{
"date": "2015-02-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001537"
},
{
"date": "2015-02-16T17:36:59",
"db": "PACKETSTORM",
"id": "130406"
},
{
"date": "2015-02-18T02:59:07.813000",
"db": "NVD",
"id": "CVE-2015-1358"
},
{
"date": "2015-02-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201502-420"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-06-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-01296"
},
{
"date": "2016-11-30T00:00:00",
"db": "VULHUB",
"id": "VHN-79319"
},
{
"date": "2016-07-06T14:57:00",
"db": "BID",
"id": "72625"
},
{
"date": "2016-06-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001537"
},
{
"date": "2016-11-30T02:59:19.423000",
"db": "NVD",
"id": "CVE-2015-1358"
},
{
"date": "2015-02-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201502-420"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "130406"
},
{
"db": "CNNVD",
"id": "CNNVD-201502-420"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SIMATIC WinCC TIA Portal Man-in-the-middle information disclosure vulnerability",
"sources": [
{
"db": "IVD",
"id": "6c5f6ee2-c09b-4c78-a362-83203bbfe346"
},
{
"db": "IVD",
"id": "a11e037c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-01296"
}
],
"trust": 1.0
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201502-420"
}
],
"trust": 0.6
}
}
VAR-201407-0602
Vulnerability from variot - Updated: 2023-12-18 12:30The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote attackers to obtain sensitive information via an HTTP request. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. Siemens SIMATIC WinCC and PCS7 are prone to an information-disclosure vulnerability. Siemens SIMATIC WinCC is the German Siemens ( Siemens ) The company's set of automated data collection and monitoring ( SCADA )system. The system provides process monitoring, data acquisition and other functions. PCS7 used with other products Siemens SIMATIC WinCC 7.3 previous version of WebNavigator There is a security hole in the server
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201407-0602",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": "eq",
"trust": 2.4,
"vendor": "wincc",
"version": "6.0"
},
{
"model": null,
"scope": "eq",
"trust": 2.4,
"vendor": "wincc",
"version": "7.0"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "6.0"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "7.0"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "7.1"
},
{
"model": "simatic wincc",
"scope": "lt",
"trust": 1.4,
"vendor": "siemens",
"version": "7.3"
},
{
"model": null,
"scope": "eq",
"trust": 1.2,
"vendor": "wincc",
"version": "5.0"
},
{
"model": null,
"scope": "eq",
"trust": 1.2,
"vendor": "wincc",
"version": "7.1"
},
{
"model": "simatic pcs7",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "8.0"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "5.0"
},
{
"model": "simatic pcs7",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "7.1"
},
{
"model": "wincc",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "7.2"
},
{
"model": "simatic pcs7",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "8.0"
},
{
"model": "simatic pcs 7",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "8.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "simatic pcs7",
"version": "7.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "simatic pcs7",
"version": "8.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "simatic pcs7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wincc",
"version": "*"
},
{
"model": "pcs7",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "8.1"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "6.2"
}
],
"sources": [
{
"db": "IVD",
"id": "e2da5658-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "00716b3e-ff45-48a1-bc94-7cbfc25e11ed"
},
{
"db": "IVD",
"id": "7d801221-463f-11e9-a98b-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2014-04662"
},
{
"db": "BID",
"id": "68876"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003565"
},
{
"db": "NVD",
"id": "CVE-2014-4682"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-602"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:*:sp1:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.1:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:7.1:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:5.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-4682"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sergey Gordeychik, Alexander Tlyapov, Dmitry Nagibin, and Gleb Gritsai from Positive Technologies.",
"sources": [
{
"db": "BID",
"id": "68876"
}
],
"trust": 0.3
},
"cve": "CVE-2014-4682",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2014-4682",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2014-04662",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "e2da5658-2351-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "00716b3e-ff45-48a1-bc94-7cbfc25e11ed",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "7d801221-463f-11e9-a98b-000c29342cb1",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-72623",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-4682",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2014-04662",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201407-602",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "e2da5658-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "00716b3e-ff45-48a1-bc94-7cbfc25e11ed",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "7d801221-463f-11e9-a98b-000c29342cb1",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-72623",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2da5658-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "00716b3e-ff45-48a1-bc94-7cbfc25e11ed"
},
{
"db": "IVD",
"id": "7d801221-463f-11e9-a98b-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2014-04662"
},
{
"db": "VULHUB",
"id": "VHN-72623"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003565"
},
{
"db": "NVD",
"id": "CVE-2014-4682"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-602"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote attackers to obtain sensitive information via an HTTP request. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. Siemens SIMATIC WinCC and PCS7 are prone to an information-disclosure vulnerability. Siemens SIMATIC WinCC is the German Siemens ( Siemens ) The company\u0027s set of automated data collection and monitoring ( SCADA )system. The system provides process monitoring, data acquisition and other functions. PCS7 used with other products Siemens SIMATIC WinCC 7.3 previous version of WebNavigator There is a security hole in the server",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-4682"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003565"
},
{
"db": "CNVD",
"id": "CNVD-2014-04662"
},
{
"db": "BID",
"id": "68876"
},
{
"db": "IVD",
"id": "e2da5658-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "00716b3e-ff45-48a1-bc94-7cbfc25e11ed"
},
{
"db": "IVD",
"id": "7d801221-463f-11e9-a98b-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-72623"
}
],
"trust": 3.06
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-4682",
"trust": 4.1
},
{
"db": "SIEMENS",
"id": "SSA-214365",
"trust": 2.6
},
{
"db": "CNNVD",
"id": "CNNVD-201407-602",
"trust": 1.3
},
{
"db": "CNVD",
"id": "CNVD-2014-04662",
"trust": 1.2
},
{
"db": "ICS CERT",
"id": "ICSA-14-205-02",
"trust": 1.1
},
{
"db": "BID",
"id": "68876",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003565",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "60392",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "60388",
"trust": 0.6
},
{
"db": "IVD",
"id": "E2DA5658-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "00716B3E-FF45-48A1-BC94-7CBFC25E11ED",
"trust": 0.2
},
{
"db": "IVD",
"id": "7D801221-463F-11E9-A98B-000C29342CB1",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "127660",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-72623",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e2da5658-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "00716b3e-ff45-48a1-bc94-7cbfc25e11ed"
},
{
"db": "IVD",
"id": "7d801221-463f-11e9-a98b-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2014-04662"
},
{
"db": "VULHUB",
"id": "VHN-72623"
},
{
"db": "BID",
"id": "68876"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003565"
},
{
"db": "PACKETSTORM",
"id": "127660"
},
{
"db": "NVD",
"id": "CVE-2014-4682"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-602"
}
]
},
"id": "VAR-201407-0602",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2da5658-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "00716b3e-ff45-48a1-bc94-7cbfc25e11ed"
},
{
"db": "IVD",
"id": "7d801221-463f-11e9-a98b-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2014-04662"
},
{
"db": "VULHUB",
"id": "VHN-72623"
}
],
"trust": 1.9928966825
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.2
}
],
"sources": [
{
"db": "IVD",
"id": "e2da5658-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "00716b3e-ff45-48a1-bc94-7cbfc25e11ed"
},
{
"db": "IVD",
"id": "7d801221-463f-11e9-a98b-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2014-04662"
}
]
},
"last_update_date": "2023-12-18T12:30:37.456000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-214365",
"trust": 0.8,
"url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-214365.pdf"
},
{
"title": "Patch for Siemens SIMATIC WinCC and PCS7 WebNavigator Server Information Disclosure Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/47904"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-04662"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003565"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-72623"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003565"
},
{
"db": "NVD",
"id": "CVE-2014-4682"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-214365.pdf"
},
{
"trust": 1.4,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-4682"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-205-02"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4682"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/68876"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/60388"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/60392"
},
{
"trust": 0.3,
"url": "http://www.siemens.com/"
},
{
"trust": 0.3,
"url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/scada/simatic-wincc/pages/default.aspx"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4684"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4683"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4685"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4686"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4682"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-04662"
},
{
"db": "VULHUB",
"id": "VHN-72623"
},
{
"db": "BID",
"id": "68876"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003565"
},
{
"db": "PACKETSTORM",
"id": "127660"
},
{
"db": "NVD",
"id": "CVE-2014-4682"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-602"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e2da5658-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "00716b3e-ff45-48a1-bc94-7cbfc25e11ed"
},
{
"db": "IVD",
"id": "7d801221-463f-11e9-a98b-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2014-04662"
},
{
"db": "VULHUB",
"id": "VHN-72623"
},
{
"db": "BID",
"id": "68876"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003565"
},
{
"db": "PACKETSTORM",
"id": "127660"
},
{
"db": "NVD",
"id": "CVE-2014-4682"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-602"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-07-28T00:00:00",
"db": "IVD",
"id": "e2da5658-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2014-07-28T00:00:00",
"db": "IVD",
"id": "00716b3e-ff45-48a1-bc94-7cbfc25e11ed"
},
{
"date": "2014-07-28T00:00:00",
"db": "IVD",
"id": "7d801221-463f-11e9-a98b-000c29342cb1"
},
{
"date": "2014-07-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-04662"
},
{
"date": "2014-07-24T00:00:00",
"db": "VULHUB",
"id": "VHN-72623"
},
{
"date": "2014-07-24T00:00:00",
"db": "BID",
"id": "68876"
},
{
"date": "2014-07-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003565"
},
{
"date": "2014-07-29T22:37:22",
"db": "PACKETSTORM",
"id": "127660"
},
{
"date": "2014-07-24T14:55:08.020000",
"db": "NVD",
"id": "CVE-2014-4682"
},
{
"date": "2014-07-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201407-602"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-07-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-04662"
},
{
"date": "2014-07-25T00:00:00",
"db": "VULHUB",
"id": "VHN-72623"
},
{
"date": "2015-03-19T08:39:00",
"db": "BID",
"id": "68876"
},
{
"date": "2014-08-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003565"
},
{
"date": "2014-07-25T14:27:43.193000",
"db": "NVD",
"id": "CVE-2014-4682"
},
{
"date": "2014-07-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201407-602"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201407-602"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SIMATIC WinCC and PCS7 WebNavigator Server Information Disclosure Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-04662"
},
{
"db": "BID",
"id": "68876"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Information leakage",
"sources": [
{
"db": "IVD",
"id": "e2da5658-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "00716b3e-ff45-48a1-bc94-7cbfc25e11ed"
},
{
"db": "IVD",
"id": "7d801221-463f-11e9-a98b-000c29342cb1"
}
],
"trust": 0.6
}
}
VAR-201407-0604
Vulnerability from variot - Updated: 2023-12-18 12:30The database server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote authenticated users to gain privileges via a request to TCP port 1433. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. A remote privilege elevation vulnerability exists in Siemens' product database servers, which can be exploited by remote attackers to escalate privileges and perform unauthorized actions. SIMATIC WinCC and PCS7 are prone to a remote privilege-escalation vulnerability. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). The system provides process monitoring, data acquisition and other functions. A security vulnerability exists in the database server of versions prior to Siemens SIMATIC WinCC 7.3 used by PCS7 and other products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201407-0604",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": "eq",
"trust": 2.4,
"vendor": "wincc",
"version": "6.0"
},
{
"model": null,
"scope": "eq",
"trust": 2.4,
"vendor": "wincc",
"version": "7.0"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "6.0"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "7.0"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "7.1"
},
{
"model": "simatic wincc",
"scope": "lt",
"trust": 1.4,
"vendor": "siemens",
"version": "7.3"
},
{
"model": null,
"scope": "eq",
"trust": 1.2,
"vendor": "wincc",
"version": "5.0"
},
{
"model": null,
"scope": "eq",
"trust": 1.2,
"vendor": "wincc",
"version": "7.1"
},
{
"model": "simatic pcs7",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "8.0"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "5.0"
},
{
"model": "simatic pcs7",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "7.1"
},
{
"model": "wincc",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "7.2"
},
{
"model": "simatic pcs7",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "8.0"
},
{
"model": "simatic pcs 7",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "8.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "simatic pcs7",
"version": "7.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "simatic pcs7",
"version": "8.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "simatic pcs7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wincc",
"version": "*"
},
{
"model": "pcs7",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "8.1"
},
{
"model": "wincc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "7.2"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "6.2"
}
],
"sources": [
{
"db": "IVD",
"id": "7d7feb11-463f-11e9-a766-000c29342cb1"
},
{
"db": "IVD",
"id": "e2d4cc60-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "2ce952e5-3809-407f-81cb-08454c69b74b"
},
{
"db": "CNVD",
"id": "CNVD-2014-04663"
},
{
"db": "BID",
"id": "68880"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003567"
},
{
"db": "NVD",
"id": "CVE-2014-4684"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-604"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:*:sp1:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.1:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:7.1:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:5.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-4684"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "68880"
}
],
"trust": 0.3
},
"cve": "CVE-2014-4684",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2014-4684",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "CNVD-2014-04663",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "7d7feb11-463f-11e9-a766-000c29342cb1",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "e2d4cc60-2351-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "2ce952e5-3809-407f-81cb-08454c69b74b",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "VHN-72625",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-4684",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2014-04663",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201407-604",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "7d7feb11-463f-11e9-a766-000c29342cb1",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "e2d4cc60-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "2ce952e5-3809-407f-81cb-08454c69b74b",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-72625",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d7feb11-463f-11e9-a766-000c29342cb1"
},
{
"db": "IVD",
"id": "e2d4cc60-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "2ce952e5-3809-407f-81cb-08454c69b74b"
},
{
"db": "CNVD",
"id": "CNVD-2014-04663"
},
{
"db": "VULHUB",
"id": "VHN-72625"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003567"
},
{
"db": "NVD",
"id": "CVE-2014-4684"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-604"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The database server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote authenticated users to gain privileges via a request to TCP port 1433. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. A remote privilege elevation vulnerability exists in Siemens\u0027 product database servers, which can be exploited by remote attackers to escalate privileges and perform unauthorized actions. SIMATIC WinCC and PCS7 are prone to a remote privilege-escalation vulnerability. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). The system provides process monitoring, data acquisition and other functions. A security vulnerability exists in the database server of versions prior to Siemens SIMATIC WinCC 7.3 used by PCS7 and other products",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-4684"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003567"
},
{
"db": "CNVD",
"id": "CNVD-2014-04663"
},
{
"db": "BID",
"id": "68880"
},
{
"db": "IVD",
"id": "7d7feb11-463f-11e9-a766-000c29342cb1"
},
{
"db": "IVD",
"id": "e2d4cc60-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "2ce952e5-3809-407f-81cb-08454c69b74b"
},
{
"db": "VULHUB",
"id": "VHN-72625"
}
],
"trust": 3.06
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-4684",
"trust": 4.1
},
{
"db": "SIEMENS",
"id": "SSA-214365",
"trust": 2.3
},
{
"db": "CNNVD",
"id": "CNNVD-201407-604",
"trust": 1.3
},
{
"db": "CNVD",
"id": "CNVD-2014-04663",
"trust": 1.2
},
{
"db": "BID",
"id": "68880",
"trust": 1.0
},
{
"db": "ICS CERT",
"id": "ICSA-14-205-02",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003567",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "60392",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "60388",
"trust": 0.6
},
{
"db": "IVD",
"id": "7D7FEB11-463F-11E9-A766-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "E2D4CC60-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "2CE952E5-3809-407F-81CB-08454C69B74B",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-72625",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127660",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d7feb11-463f-11e9-a766-000c29342cb1"
},
{
"db": "IVD",
"id": "e2d4cc60-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "2ce952e5-3809-407f-81cb-08454c69b74b"
},
{
"db": "CNVD",
"id": "CNVD-2014-04663"
},
{
"db": "VULHUB",
"id": "VHN-72625"
},
{
"db": "BID",
"id": "68880"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003567"
},
{
"db": "PACKETSTORM",
"id": "127660"
},
{
"db": "NVD",
"id": "CVE-2014-4684"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-604"
}
]
},
"id": "VAR-201407-0604",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d7feb11-463f-11e9-a766-000c29342cb1"
},
{
"db": "IVD",
"id": "e2d4cc60-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "2ce952e5-3809-407f-81cb-08454c69b74b"
},
{
"db": "CNVD",
"id": "CNVD-2014-04663"
},
{
"db": "VULHUB",
"id": "VHN-72625"
}
],
"trust": 1.9928966825
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.2
}
],
"sources": [
{
"db": "IVD",
"id": "7d7feb11-463f-11e9-a766-000c29342cb1"
},
{
"db": "IVD",
"id": "e2d4cc60-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "2ce952e5-3809-407f-81cb-08454c69b74b"
},
{
"db": "CNVD",
"id": "CNVD-2014-04663"
}
]
},
"last_update_date": "2023-12-18T12:30:37.664000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-214365",
"trust": 0.8,
"url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-214365.pdf"
},
{
"title": "Siemens product database server remote privilege escalation vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/47900"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-04663"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003567"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-72625"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003567"
},
{
"db": "NVD",
"id": "CVE-2014-4684"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-214365.pdf"
},
{
"trust": 1.4,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-4684"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4684"
},
{
"trust": 0.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-205-02"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/60388"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/60392"
},
{
"trust": 0.3,
"url": "http://aunz.siemens.com/newscentre/productreleases/pages/iac_pr_simaticwinccv62.aspx"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4684"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4683"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4685"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4686"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4682"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-04663"
},
{
"db": "VULHUB",
"id": "VHN-72625"
},
{
"db": "BID",
"id": "68880"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003567"
},
{
"db": "PACKETSTORM",
"id": "127660"
},
{
"db": "NVD",
"id": "CVE-2014-4684"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-604"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d7feb11-463f-11e9-a766-000c29342cb1"
},
{
"db": "IVD",
"id": "e2d4cc60-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "2ce952e5-3809-407f-81cb-08454c69b74b"
},
{
"db": "CNVD",
"id": "CNVD-2014-04663"
},
{
"db": "VULHUB",
"id": "VHN-72625"
},
{
"db": "BID",
"id": "68880"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003567"
},
{
"db": "PACKETSTORM",
"id": "127660"
},
{
"db": "NVD",
"id": "CVE-2014-4684"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-604"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-07-28T00:00:00",
"db": "IVD",
"id": "7d7feb11-463f-11e9-a766-000c29342cb1"
},
{
"date": "2014-07-28T00:00:00",
"db": "IVD",
"id": "e2d4cc60-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2014-07-28T00:00:00",
"db": "IVD",
"id": "2ce952e5-3809-407f-81cb-08454c69b74b"
},
{
"date": "2014-07-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-04663"
},
{
"date": "2014-07-24T00:00:00",
"db": "VULHUB",
"id": "VHN-72625"
},
{
"date": "2014-07-23T00:00:00",
"db": "BID",
"id": "68880"
},
{
"date": "2014-07-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003567"
},
{
"date": "2014-07-29T22:37:22",
"db": "PACKETSTORM",
"id": "127660"
},
{
"date": "2014-07-24T14:55:08.097000",
"db": "NVD",
"id": "CVE-2014-4684"
},
{
"date": "2014-07-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201407-604"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-07-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-04663"
},
{
"date": "2014-07-25T00:00:00",
"db": "VULHUB",
"id": "VHN-72625"
},
{
"date": "2014-10-08T06:59:00",
"db": "BID",
"id": "68880"
},
{
"date": "2014-08-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003567"
},
{
"date": "2014-07-25T14:42:45.647000",
"db": "NVD",
"id": "CVE-2014-4684"
},
{
"date": "2014-07-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201407-604"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201407-604"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SIMATIC PCS 7 Used in products such as SIMATIC WinCC of Vulnerability that can be obtained privilege in the database server",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-003567"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Permission permission and access control",
"sources": [
{
"db": "IVD",
"id": "7d7feb11-463f-11e9-a766-000c29342cb1"
},
{
"db": "IVD",
"id": "e2d4cc60-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "2ce952e5-3809-407f-81cb-08454c69b74b"
}
],
"trust": 0.6
}
}