cvelistv5 - CVE-2017-6868

CVE-2017-6868 (GCVE-0-2017-6868)

Vulnerability from cvelistv5 – Published: 2017-07-07 17:00 – Updated: 2024-08-05 15:41

Summary

Severity ?

No CVSS data available.

CWE

CWE-287

Assigner

icscert

References

URL

Tags

	http://www.securityfocus.com/bid/99234	vdb-entryx_refsource_BID
	http://www.securitytracker.com/id/1038788	vdb-entryx_refsource_SECTRACK
	https://ics-cert.us-cert.gov/advisories/ICSA-17-173-01	x_refsource_MISC
	https://www.siemens.com/cert/pool/cert/siemens_se…	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	Siemens SIMATIC CP 44x-1 Redundant Network Access Modules	Affected: Siemens SIMATIC CP 44x-1 Redundant Network Access Modules

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:41:17.673Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "99234",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99234"
          },
          {
            "name": "1038788",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1038788"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-173-01"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-126840.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Siemens SIMATIC CP 44x-1 Redundant Network Access Modules",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Siemens SIMATIC CP 44x-1 Redundant Network Access Modules"
            }
          ]
        }
      ],
      "datePublic": "2017-07-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An Improper Authentication issue was discovered in Siemens SIMATIC CP 44x-1 RNA, all versions prior to 1.4.1. An unauthenticated remote attacker may be able to perform administrative actions on the Communication Process (CP) of the RNA series module, if network access to Port 102/TCP is available and the configuration file for the CP is stored on the RNA\u0027s CPU."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-287",
              "description": "CWE-287",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-29T04:57:01",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "name": "99234",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99234"
        },
        {
          "name": "1038788",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1038788"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-173-01"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-126840.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2017-6868",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Siemens SIMATIC CP 44x-1 Redundant Network Access Modules",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Siemens SIMATIC CP 44x-1 Redundant Network Access Modules"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An Improper Authentication issue was discovered in Siemens SIMATIC CP 44x-1 RNA, all versions prior to 1.4.1. An unauthenticated remote attacker may be able to perform administrative actions on the Communication Process (CP) of the RNA series module, if network access to Port 102/TCP is available and the configuration file for the CP is stored on the RNA\u0027s CPU."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-287"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "99234",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99234"
            },
            {
              "name": "1038788",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1038788"
            },
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-173-01",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-173-01"
            },
            {
              "name": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-126840.pdf",
              "refsource": "CONFIRM",
              "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-126840.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2017-6868",
    "datePublished": "2017-07-07T17:00:00",
    "dateReserved": "2017-03-13T00:00:00",
    "dateUpdated": "2024-08-05T15:41:17.673Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_cp_44x-1_redundant_network_access_modules:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.4.0\", \"matchCriteriaId\": \"D0D86C69-26D1-482A-BB8D-B5976628CBC8\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"An Improper Authentication issue was discovered in Siemens SIMATIC CP 44x-1 RNA, all versions prior to 1.4.1. An unauthenticated remote attacker may be able to perform administrative actions on the Communication Process (CP) of the RNA series module, if network access to Port 102/TCP is available and the configuration file for the CP is stored on the RNA\u0027s CPU.\"}, {\"lang\": \"es\", \"value\": \"Se detect\\u00f3 un problema de autenticaci\\u00f3n inapropiada en SIMATIC CP 44x-1 RNA de Siemens, todas las versiones anteriores a 1.4.1. Un atacante remoto no autenticado puede ser capaz de realizar acciones administrativas en el Proceso de Comunicaci\\u00f3n (CP) del m\\u00f3dulo de la serie RNA, si el acceso de red al puerto 102/TCP est\\u00e1 disponible y el archivo de configuraci\\u00f3n para el CP se salva en la CPU del RNA.\"}]",
      "id": "CVE-2017-6868",
      "lastModified": "2024-11-21T03:30:41.823",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.1, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2017-07-07T17:29:00.340",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/99234\", \"source\": \"ics-cert@hq.dhs.gov\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1038788\", \"source\": \"ics-cert@hq.dhs.gov\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://ics-cert.us-cert.gov/advisories/ICSA-17-173-01\", \"source\": \"ics-cert@hq.dhs.gov\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-126840.pdf\", \"source\": \"ics-cert@hq.dhs.gov\"}, {\"url\": \"http://www.securityfocus.com/bid/99234\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1038788\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://ics-cert.us-cert.gov/advisories/ICSA-17-173-01\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-126840.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "ics-cert@hq.dhs.gov",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"ics-cert@hq.dhs.gov\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-287\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-287\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2017-6868\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2017-07-07T17:29:00.340\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An Improper Authentication issue was discovered in Siemens SIMATIC CP 44x-1 RNA, all versions prior to 1.4.1. An unauthenticated remote attacker may be able to perform administrative actions on the Communication Process (CP) of the RNA series module, if network access to Port 102/TCP is available and the configuration file for the CP is stored on the RNA\u0027s CPU.\"},{\"lang\":\"es\",\"value\":\"Se detect\u00f3 un problema de autenticaci\u00f3n inapropiada en SIMATIC CP 44x-1 RNA de Siemens, todas las versiones anteriores a 1.4.1. Un atacante remoto no autenticado puede ser capaz de realizar acciones administrativas en el Proceso de Comunicaci\u00f3n (CP) del m\u00f3dulo de la serie RNA, si el acceso de red al puerto 102/TCP est\u00e1 disponible y el archivo de configuraci\u00f3n para el CP se salva en la CPU del RNA.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_cp_44x-1_redundant_network_access_modules:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.4.0\",\"matchCriteriaId\":\"D0D86C69-26D1-482A-BB8D-B5976628CBC8\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/99234\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1038788\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-17-173-01\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-126840.pdf\",\"source\":\"ics-cert@hq.dhs.gov\"},{\"url\":\"http://www.securityfocus.com/bid/99234\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1038788\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-17-173-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-126840.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

FKIE_CVE-2017-6868

Vulnerability from fkie_nvd - Published: 2017-07-07 17:29 - Updated: 2025-04-20 01:37

Severity ?

8.1 (High) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
ics-cert@hq.dhs.gov	http://www.securityfocus.com/bid/99234	Third Party Advisory, VDB Entry
ics-cert@hq.dhs.gov	http://www.securitytracker.com/id/1038788	Third Party Advisory, VDB Entry
ics-cert@hq.dhs.gov	https://ics-cert.us-cert.gov/advisories/ICSA-17-173-01	Third Party Advisory, US Government Resource
ics-cert@hq.dhs.gov	https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-126840.pdf
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/99234	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1038788	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://ics-cert.us-cert.gov/advisories/ICSA-17-173-01	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-126840.pdf

Impacted products

	Vendor	Product	Version
	siemens	simatic_cp_44x-1_redundant_network_access_modules	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_cp_44x-1_redundant_network_access_modules:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0D86C69-26D1-482A-BB8D-B5976628CBC8",
              "versionEndIncluding": "1.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An Improper Authentication issue was discovered in Siemens SIMATIC CP 44x-1 RNA, all versions prior to 1.4.1. An unauthenticated remote attacker may be able to perform administrative actions on the Communication Process (CP) of the RNA series module, if network access to Port 102/TCP is available and the configuration file for the CP is stored on the RNA\u0027s CPU."
    },
    {
      "lang": "es",
      "value": "Se detect\u00f3 un problema de autenticaci\u00f3n inapropiada en SIMATIC CP 44x-1 RNA de Siemens, todas las versiones anteriores a 1.4.1. Un atacante remoto no autenticado puede ser capaz de realizar acciones administrativas en el Proceso de Comunicaci\u00f3n (CP) del m\u00f3dulo de la serie RNA, si el acceso de red al puerto 102/TCP est\u00e1 disponible y el archivo de configuraci\u00f3n para el CP se salva en la CPU del RNA."
    }
  ],
  "id": "CVE-2017-6868",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-07-07T17:29:00.340",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/99234"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1038788"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-173-01"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-126840.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/99234"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1038788"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-173-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-126840.pdf"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "ics-cert@hq.dhs.gov",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTFR-2017-AVI-189

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été corrigée dans SCADA Siemens SIMATIC CP 44x-1 RNA modules . Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

SIMATIC CP 44x-1 RNA toutes versions inférieures à 1.4.1

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Siemens SSA-126840 du 20 juin 2017

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eSIMATIC CP 44x-1 RNA toutes versions inf\u00e9rieures \u00e0 1.4.1\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2017-6868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-6868"
    }
  ],
  "links": [],
  "reference": "CERTFR-2017-AVI-189",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2017-06-21T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans \u003cspan class=\"textit\"\u003eSCADA Siemens\nSIMATIC CP 44x-1 RNA modules\u003c/span\u003e . Elle permet \u00e0 un attaquant de\nprovoquer un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans SCADA Siemens SIMATIC CP 44x-1 RNA modules",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-126840 du 20 juin 2017",
      "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_SSA-126840.pdf"
    }
  ]
}

CERTFR-2017-AVI-189

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été corrigée dans SCADA Siemens SIMATIC CP 44x-1 RNA modules . Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

SIMATIC CP 44x-1 RNA toutes versions inférieures à 1.4.1

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Siemens SSA-126840 du 20 juin 2017

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eSIMATIC CP 44x-1 RNA toutes versions inf\u00e9rieures \u00e0 1.4.1\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2017-6868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-6868"
    }
  ],
  "links": [],
  "reference": "CERTFR-2017-AVI-189",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2017-06-21T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans \u003cspan class=\"textit\"\u003eSCADA Siemens\nSIMATIC CP 44x-1 RNA modules\u003c/span\u003e . Elle permet \u00e0 un attaquant de\nprovoquer un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans SCADA Siemens SIMATIC CP 44x-1 RNA modules",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-126840 du 20 juin 2017",
      "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_SSA-126840.pdf"
    }
  ]
}

CNVD-2017-10562

Vulnerability from cnvd - Published: 2017-06-21

Title

Siemens SIMATIC CP 44x-1 RNA模块未授权操作漏洞

Description

Siemens SIMATIC CP 44x-1 RNA是一台集成了防火墙、VPN、安全协议、数据加密等安全功能的通信处理器，提供了s7-1500控制器的网络连接和安全通信。 Siemens SIMATIC CP 44x-1 RNA模块1.4.1之前版本中存在未授权操作漏洞，未经身份验证的远程攻击者可以对受影响的通信处理器（CP）执行管理操作，并且CP的配置存储在相应的CPU上。

Severity

高

Patch Name

Siemens SIMATIC CP 44x-1 RNA模块未授权操作漏洞的补丁

Patch Description

Formal description

用户可联系供应商获得补丁信息： https://support.industry.siemens.com/cs/ww/en/view/109748227

Reference

https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-126840.pdf

Impacted products

Name
Siemens SIMATIC CP 44x-1 RNA <V1.4.1

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-6868"
    }
  },
  "description": "Siemens SIMATIC CP 44x-1 RNA\u662f\u4e00\u53f0\u96c6\u6210\u4e86\u9632\u706b\u5899\u3001VPN\u3001\u5b89\u5168\u534f\u8bae\u3001\u6570\u636e\u52a0\u5bc6\u7b49\u5b89\u5168\u529f\u80fd\u7684\u901a\u4fe1\u5904\u7406\u5668\uff0c\u63d0\u4f9b\u4e86s7-1500\u63a7\u5236\u5668\u7684\u7f51\u7edc\u8fde\u63a5\u548c\u5b89\u5168\u901a\u4fe1\u3002\r\n\r\nSiemens SIMATIC CP 44x-1 RNA\u6a21\u57571.4.1\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u672a\u6388\u6743\u64cd\u4f5c\u6f0f\u6d1e\uff0c\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u4ee5\u5bf9\u53d7\u5f71\u54cd\u7684\u901a\u4fe1\u5904\u7406\u5668\uff08CP\uff09\u6267\u884c\u7ba1\u7406\u64cd\u4f5c\uff0c\u5e76\u4e14CP\u7684\u914d\u7f6e\u5b58\u50a8\u5728\u76f8\u5e94\u7684CPU\u4e0a\u3002",
  "discovererName": "Siemens",
  "formalWay": "\u7528\u6237\u53ef\u8054\u7cfb\u4f9b\u5e94\u5546\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttps://support.industry.siemens.com/cs/ww/en/view/109748227",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-10562",
  "openTime": "2017-06-21",
  "patchDescription": "Siemens SIMATIC CP 44x-1 RNA\u662f\u4e00\u53f0\u96c6\u6210\u4e86\u9632\u706b\u5899\u3001VPN\u3001\u5b89\u5168\u534f\u8bae\u3001\u6570\u636e\u52a0\u5bc6\u7b49\u5b89\u5168\u529f\u80fd\u7684\u901a\u4fe1\u5904\u7406\u5668\uff0c\u63d0\u4f9b\u4e86s7-1500\u63a7\u5236\u5668\u7684\u7f51\u7edc\u8fde\u63a5\u548c\u5b89\u5168\u901a\u4fe1\u3002\r\n\r\nSiemens SIMATIC CP 44x-1 RNA\u6a21\u57571.4.1\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u672a\u6388\u6743\u64cd\u4f5c\u6f0f\u6d1e\uff0c\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u4ee5\u5bf9\u53d7\u5f71\u54cd\u7684\u901a\u4fe1\u5904\u7406\u5668\uff08CP\uff09\u6267\u884c\u7ba1\u7406\u64cd\u4f5c\uff0c\u5e76\u4e14CP\u7684\u914d\u7f6e\u5b58\u50a8\u5728\u76f8\u5e94\u7684CPU\u4e0a\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Siemens SIMATIC CP 44x-1 RNA\u6a21\u5757\u672a\u6388\u6743\u64cd\u4f5c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Siemens SIMATIC CP 44x-1 RNA \u003cV1.4.1"
  },
  "referenceLink": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-126840.pdf",
  "serverity": "\u9ad8",
  "submitTime": "2017-06-21",
  "title": "Siemens SIMATIC CP 44x-1 RNA\u6a21\u5757\u672a\u6388\u6743\u64cd\u4f5c\u6f0f\u6d1e"
}

GSD-2017-6868

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2017-6868

Aliases

CVE-2017-6868

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-6868",
    "description": "An Improper Authentication issue was discovered in Siemens SIMATIC CP 44x-1 RNA, all versions prior to 1.4.1. An unauthenticated remote attacker may be able to perform administrative actions on the Communication Process (CP) of the RNA series module, if network access to Port 102/TCP is available and the configuration file for the CP is stored on the RNA\u0027s CPU.",
    "id": "GSD-2017-6868"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-6868"
      ],
      "details": "An Improper Authentication issue was discovered in Siemens SIMATIC CP 44x-1 RNA, all versions prior to 1.4.1. An unauthenticated remote attacker may be able to perform administrative actions on the Communication Process (CP) of the RNA series module, if network access to Port 102/TCP is available and the configuration file for the CP is stored on the RNA\u0027s CPU.",
      "id": "GSD-2017-6868",
      "modified": "2023-12-13T01:21:09.912143Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "ics-cert@hq.dhs.gov",
        "ID": "CVE-2017-6868",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Siemens SIMATIC CP 44x-1 Redundant Network Access Modules",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Siemens SIMATIC CP 44x-1 Redundant Network Access Modules"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "An Improper Authentication issue was discovered in Siemens SIMATIC CP 44x-1 RNA, all versions prior to 1.4.1. An unauthenticated remote attacker may be able to perform administrative actions on the Communication Process (CP) of the RNA series module, if network access to Port 102/TCP is available and the configuration file for the CP is stored on the RNA\u0027s CPU."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-287"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "99234",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/99234"
          },
          {
            "name": "1038788",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1038788"
          },
          {
            "name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-173-01",
            "refsource": "MISC",
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-173-01"
          },
          {
            "name": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-126840.pdf",
            "refsource": "CONFIRM",
            "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-126840.pdf"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_cp_44x-1_redundant_network_access_modules:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.4.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2017-6868"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "An Improper Authentication issue was discovered in Siemens SIMATIC CP 44x-1 RNA, all versions prior to 1.4.1. An unauthenticated remote attacker may be able to perform administrative actions on the Communication Process (CP) of the RNA series module, if network access to Port 102/TCP is available and the configuration file for the CP is stored on the RNA\u0027s CPU."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-287"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-173-01",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-173-01"
            },
            {
              "name": "1038788",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1038788"
            },
            {
              "name": "99234",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/99234"
            },
            {
              "name": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-126840.pdf",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-126840.pdf"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 2.2,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2017-12-30T02:29Z",
      "publishedDate": "2017-07-07T17:29Z"
    }
  }
}

GHSA-X7XV-3F7C-PP2M

Vulnerability from github – Published: 2022-05-14 04:01 – Updated: 2022-05-14 04:01

Details

Severity ?

8.1 (High)


                  
                    CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2017-6868"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-287"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-07-07T17:29:00Z",
    "severity": "HIGH"
  },
  "details": "An Improper Authentication issue was discovered in Siemens SIMATIC CP 44x-1 RNA, all versions prior to 1.4.1. An unauthenticated remote attacker may be able to perform administrative actions on the Communication Process (CP) of the RNA series module, if network access to Port 102/TCP is available and the configuration file for the CP is stored on the RNA\u0027s CPU.",
  "id": "GHSA-x7xv-3f7c-pp2m",
  "modified": "2022-05-14T04:01:33Z",
  "published": "2022-05-14T04:01:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-6868"
    },
    {
      "type": "WEB",
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-173-01"
    },
    {
      "type": "WEB",
      "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-126840.pdf"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/99234"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1038788"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

ICSA-17-173-01

Vulnerability from csaf_cisa - Published: 2017-06-22 00:00 - Updated: 2017-06-22 00:00

Summary

Siemens SIMATIC CP 44x-1 Redundant Network Access Modules

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

ATTENTION: Remotely exploitable/low skill level to exploit.

Countries/areas deployed

Worldwide

Company headquarters location

Munich, Germany

Recommended Practices

NCCIC/ICS-CERT recommends that users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:

Recommended Practices

ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices

ICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available in the ICS -CERT Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT web site.

Recommended Practices

Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.

Exploitability

No known public exploits specifically target this vulnerability.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "Siemens",
        "summary": "reporting this vulnerability"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "ATTENTION: Remotely exploitable/low skill level to exploit.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Munich, Germany",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "NCCIC/ICS-CERT recommends that users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "ICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available in the ICS -CERT Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT web site.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target this vulnerability.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-17-173-01 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2017/icsa-17-173-01.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-17-173-01 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-17-173-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-17-173-01"
      }
    ],
    "title": "Siemens SIMATIC CP 44x-1 Redundant Network Access Modules",
    "tracking": {
      "current_release_date": "2017-06-22T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-17-173-01",
      "initial_release_date": "2017-06-22T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2017-06-22T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-17-173-01 Siemens SIMATIC CP 44x-1 Redundant Network Access Modules"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c 1.4.1",
                "product": {
                  "name": "SIMATIC CP 44x-1 RNA: all versions prior to Versions 1.4.1",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC CP 44x-1 RNA"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-6868",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An unauthenticated remote attacker may be able to perform administrative actions on the Communication Process (CP) of the RNA series module, if network access to Port 102/TCP is available and the configuration file for the CP is stored on the RNA \u0027s CPU.CVE-2017-6868 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6868"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Siemens has released firmware update, Version 1.4.1, for the SIMATIC CP 44x-1 RNA modules that fixes the vulnerability and is available at the following location:",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "https://support.industry.siemens.com/cs/ww/en/view/109748227.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109748227"
        },
        {
          "category": "vendor_fix",
          "details": "Siemens recommends that users apply the firmware update.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Siemens recommends that users apply the following mitigations until the firmware update can be applied:",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "https://www.siemens.com/cert/operational-guidelines-industrial-security",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
        },
        {
          "category": "vendor_fix",
          "details": "https://www.siemens.com/industrialsecurity",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.siemens.com/industrialsecurity"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    }
  ]
}

VAR-201707-1137

Vulnerability from variot - Updated: 2023-12-18 13:29

An Improper Authentication issue was discovered in Siemens SIMATIC CP 44x-1 RNA, all versions prior to 1.4.1. An unauthenticated remote attacker may be able to perform administrative actions on the Communication Process (CP) of the RNA series module, if network access to Port 102/TCP is available and the configuration file for the CP is stored on the RNA's CPU. The SiemensSIMATICCP44x-1RNA is a communications processor that integrates security functions such as firewall, VPN, security protocol, data encryption, etc., providing network connectivity and secure communication for the s7-1500 controller. An unauthorized operating vulnerability exists in the pre-1.4.1 version of the Siemens SIMATICCP44x-1RNA module. Siemens SIMATIC CP 44x-1 Redundant is prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass the authentication mechanism and perform unauthorized actions. This may aid in further attacks

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201707-1137",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic cp 44x-1 redundant network access modules",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.4.0"
      },
      {
        "model": "simatic cp 44x-1 rna",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "1.4.1"
      },
      {
        "model": "simatic cp 44x-1 rna",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "all versions"
      },
      {
        "model": "simatic cp rna",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "44x-1\u003cv1.4.1"
      },
      {
        "model": "simatic cp 44x-1 redundant network access modules",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1.4.0"
      },
      {
        "model": "simatic cp rna",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "44x-11.4"
      },
      {
        "model": "simatic cp rna",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "44x-11.4.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 44x 1 redundant network access modules",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "672426ea-158d-49e1-aaf0-f6cc1a05260b"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-10562"
      },
      {
        "db": "BID",
        "id": "99234"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005583"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-6868"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-629"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_cp_44x-1_redundant_network_access_modules:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.4.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-6868"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor reported the issue.",
    "sources": [
      {
        "db": "BID",
        "id": "99234"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2017-6868",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 6.8,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2017-6868",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2017-10562",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "672426ea-158d-49e1-aaf0-f6cc1a05260b",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.2,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "High",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 8.1,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2017-6868",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2017-6868",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-10562",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201703-629",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "672426ea-158d-49e1-aaf0-f6cc1a05260b",
            "trust": 0.2,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "672426ea-158d-49e1-aaf0-f6cc1a05260b"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-10562"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005583"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-6868"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-629"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "An Improper Authentication issue was discovered in Siemens SIMATIC CP 44x-1 RNA, all versions prior to 1.4.1. An unauthenticated remote attacker may be able to perform administrative actions on the Communication Process (CP) of the RNA series module, if network access to Port 102/TCP is available and the configuration file for the CP is stored on the RNA\u0027s CPU. The SiemensSIMATICCP44x-1RNA is a communications processor that integrates security functions such as firewall, VPN, security protocol, data encryption, etc., providing network connectivity and secure communication for the s7-1500 controller. An unauthorized operating vulnerability exists in the pre-1.4.1 version of the Siemens SIMATICCP44x-1RNA module. Siemens SIMATIC CP 44x-1 Redundant is prone to an authentication-bypass vulnerability. \nAn attacker can exploit this issue to bypass the authentication mechanism and perform unauthorized actions. This may aid in further attacks",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-6868"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005583"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-10562"
      },
      {
        "db": "BID",
        "id": "99234"
      },
      {
        "db": "IVD",
        "id": "672426ea-158d-49e1-aaf0-f6cc1a05260b"
      }
    ],
    "trust": 2.61
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-6868",
        "trust": 3.5
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-17-173-01",
        "trust": 2.7
      },
      {
        "db": "SIEMENS",
        "id": "SSA-126840",
        "trust": 1.6
      },
      {
        "db": "BID",
        "id": "99234",
        "trust": 1.3
      },
      {
        "db": "SECTRACK",
        "id": "1038788",
        "trust": 1.0
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-10562",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-629",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005583",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "672426EA-158D-49E1-AAF0-F6CC1A05260B",
        "trust": 0.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "672426ea-158d-49e1-aaf0-f6cc1a05260b"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-10562"
      },
      {
        "db": "BID",
        "id": "99234"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005583"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-6868"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-629"
      }
    ]
  },
  "id": "VAR-201707-1137",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "672426ea-158d-49e1-aaf0-f6cc1a05260b"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-10562"
      }
    ],
    "trust": 1.6333333
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS",
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      },
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "672426ea-158d-49e1-aaf0-f6cc1a05260b"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-10562"
      }
    ]
  },
  "last_update_date": "2023-12-18T13:29:15.502000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-126840",
        "trust": 0.8,
        "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-126840.pdf"
      },
      {
        "title": "SiemensSIMATICCP44x-1RNA Module Unauthorized Patch for Operational Vulnerabilities",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/96042"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-10562"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005583"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-287",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005583"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-6868"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.7,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-173-01"
      },
      {
        "trust": 1.6,
        "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-126840.pdf"
      },
      {
        "trust": 1.0,
        "url": "http://www.securityfocus.com/bid/99234"
      },
      {
        "trust": 1.0,
        "url": "http://www.securitytracker.com/id/1038788"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6868"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-6868"
      },
      {
        "trust": 0.3,
        "url": "http://www.siemens.com/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-10562"
      },
      {
        "db": "BID",
        "id": "99234"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005583"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-6868"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-629"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "672426ea-158d-49e1-aaf0-f6cc1a05260b"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-10562"
      },
      {
        "db": "BID",
        "id": "99234"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005583"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-6868"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-629"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-06-21T00:00:00",
        "db": "IVD",
        "id": "672426ea-158d-49e1-aaf0-f6cc1a05260b"
      },
      {
        "date": "2017-06-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-10562"
      },
      {
        "date": "2017-06-22T00:00:00",
        "db": "BID",
        "id": "99234"
      },
      {
        "date": "2017-08-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-005583"
      },
      {
        "date": "2017-07-07T17:29:00.340000",
        "db": "NVD",
        "id": "CVE-2017-6868"
      },
      {
        "date": "2017-03-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201703-629"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-06-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-10562"
      },
      {
        "date": "2017-06-22T00:00:00",
        "db": "BID",
        "id": "99234"
      },
      {
        "date": "2017-08-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-005583"
      },
      {
        "date": "2017-12-30T02:29:04.110000",
        "db": "NVD",
        "id": "CVE-2017-6868"
      },
      {
        "date": "2017-07-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201703-629"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-629"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC CP 44x-1 RNA In  RNA Series module  CP Vulnerability to perform administrator operations on",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005583"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "authorization issue",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-629"
      }
    ],
    "trust": 0.6
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2017-6868 (GCVE-0-2017-6868)

Solution

Solution

Tags

Sightings

Nomenclature