CVE-2021-40360
Vulnerability from cvelistv5
Published
2022-02-09 15:17
Modified
2024-08-04 02:44
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 6). The password hash of a local user account in the remote server could be granted via public API to a user on the affected system. An authenticated attacker could brute force the password hash and use it to login to the server.
References
▼ | URL | Tags | |
---|---|---|---|
productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf | Patch, Vendor Advisory |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T02:44:09.157Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "SIMATIC PCS 7 V8.2", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "product": "SIMATIC PCS 7 V9.0", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "product": "SIMATIC PCS 7 V9.1", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V9.1 SP1" } ] }, { "product": "SIMATIC WinCC V15 and earlier", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V15 SP1 Update 7" } ] }, { "product": "SIMATIC WinCC V16", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V16 Update 5" } ] }, { "product": "SIMATIC WinCC V17", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V17 Update 2" } ] }, { "product": "SIMATIC WinCC V7.4", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V7.4 SP1 Update 19" } ] }, { "product": "SIMATIC WinCC V7.5", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V7.5 SP2 Update 6" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions \u003c V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions \u003c V15 SP1 Update 7), SIMATIC WinCC V16 (All versions \u003c V16 Update 5), SIMATIC WinCC V17 (All versions \u003c V17 Update 2), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP2 Update 6). The password hash of a local user account in the remote server could be granted via public API to a user on the affected system. An authenticated attacker could brute force the password hash and use it to login to the server." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-200", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-05-10T09:46:42", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "productcert@siemens.com", "ID": "CVE-2021-40360", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "SIMATIC PCS 7 V8.2", "version": { "version_data": [ { "version_value": "All versions" } ] } }, { "product_name": "SIMATIC PCS 7 V9.0", "version": { "version_data": [ { "version_value": "All versions" } ] } }, { "product_name": "SIMATIC PCS 7 V9.1", "version": { "version_data": [ { "version_value": "All versions \u003c V9.1 SP1" } ] } }, { "product_name": "SIMATIC WinCC V15 and earlier", "version": { "version_data": [ { "version_value": "All versions \u003c V15 SP1 Update 7" } ] } }, { "product_name": "SIMATIC WinCC V16", "version": { "version_data": [ { "version_value": "All versions \u003c V16 Update 5" } ] } }, { "product_name": "SIMATIC WinCC V17", "version": { "version_data": [ { "version_value": "All versions \u003c V17 Update 2" } ] } }, { "product_name": "SIMATIC WinCC V7.4", "version": { "version_data": [ { "version_value": "All versions \u003c V7.4 SP1 Update 19" } ] } }, { "product_name": "SIMATIC WinCC V7.5", "version": { "version_data": [ { "version_value": "All versions \u003c V7.5 SP2 Update 6" } ] } } ] }, "vendor_name": "Siemens" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions \u003c V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions \u003c V15 SP1 Update 7), SIMATIC WinCC V16 (All versions \u003c V16 Update 5), SIMATIC WinCC V17 (All versions \u003c V17 Update 2), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP2 Update 6). The password hash of a local user account in the remote server could be granted via public API to a user on the affected system. An authenticated attacker could brute force the password hash and use it to login to the server." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor" } ] } ] }, "references": { "reference_data": [ { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf", "refsource": "MISC", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf" } ] } } } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2021-40360", "datePublished": "2022-02-09T15:17:03", "dateReserved": "2021-09-01T00:00:00", "dateUpdated": "2024-08-04T02:44:09.157Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2021-40360\",\"sourceIdentifier\":\"productcert@siemens.com\",\"published\":\"2022-02-09T16:15:13.813\",\"lastModified\":\"2023-07-17T15:15:56.653\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions \u003c V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions \u003c V15 SP1 Update 7), SIMATIC WinCC V16 (All versions \u003c V16 Update 5), SIMATIC WinCC V17 (All versions \u003c V17 Update 2), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP2 Update 6). The password hash of a local user account in the remote server could be granted via public API to a user on the affected system. An authenticated attacker could brute force the password hash and use it to login to the server.\"},{\"lang\":\"es\",\"value\":\"Se ha identificado una vulnerabilidad en SIMATIC PCS 7 V8.2 (Todas las versiones), SIMATIC PCS 7 V9.0 (Todas las versiones), SIMATIC PCS 7 V9.1 (Todas las versiones anteriores a V9. 1 SP1), SIMATIC WinCC V15 y anteriores (Todas las versiones anteriores a V15 SP1 Update 7), SIMATIC WinCC V16 (Todas las versiones anteriores a V16 Update 5), SIMATIC WinCC V17 (Todas las versiones anteriores a V17 Update 2), SIMATIC WinCC V7.4 (Todas las versiones anteriores a V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (Todas las versiones anteriores a V7.5 SP2 Update 6). El hash de la contrase\u00f1a de una cuenta de usuario local en el servidor remoto podr\u00eda concederse a trav\u00e9s de la API p\u00fablica a un usuario del sistema afectado. Un atacante autenticado podr\u00eda forzar el hash de la contrase\u00f1a y utilizarlo para iniciar sesi\u00f3n en el servidor\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:N/A:N\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\",\"baseScore\":4.0},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-522\"}]},{\"source\":\"productcert@siemens.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"8.2\",\"matchCriteriaId\":\"8B62697B-2F75-44EA-A1F8-14BF9D1F99CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_pcs_7:9.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"A42E3FB0-6C66-4702-BDC8-39EEA54B5C0F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_pcs_7:9.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D25510C-F677-4A98-806C-FF644F11EEC6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.4\",\"matchCriteriaId\":\"3F39B396-140B-4005-9A61-F984C9FAF742\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B0BD5DE-C6EF-4B89-831B-DA34DB0D68F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"2637C346-8AAF-481F-AFB0-BAD4254D14F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update1:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF8404AB-579E-4C6B-BCA7-E95F2CE24F7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update10:*:*:*:*:*:*\",\"matchCriteriaId\":\"88F6B3BF-727F-432E-89D8-37FB7C76FE2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update11:*:*:*:*:*:*\",\"matchCriteriaId\":\"62EB588C-CBB4-4B17-9BB5-B14B1FC6BB21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update12:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF3F613C-6707-4517-B4B8-530C912B79E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update13:*:*:*:*:*:*\",\"matchCriteriaId\":\"590F62CE-9245-4AC9-9FBC-35136E217B0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update14:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C5F5AD3-878D-42B0-B30E-8B0B6174486B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update15:*:*:*:*:*:*\",\"matchCriteriaId\":\"57F59EE1-46FC-4B94-AB30-F1D3235C5A1D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update16:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA774F51-885C-4579-982E-431A8AB027B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update17:*:*:*:*:*:*\",\"matchCriteriaId\":\"110DF98C-BE75-43B6-B63D-1D7D99AFFA73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update18:*:*:*:*:*:*\",\"matchCriteriaId\":\"11F812DE-BF33-4CB0-8E21-81682E3B88CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update2:*:*:*:*:*:*\",\"matchCriteriaId\":\"241D5A28-FB22-4C5B-A067-733168E847BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update3:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5418F92-84A9-439C-B86C-ED5820697603\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update4:*:*:*:*:*:*\",\"matchCriteriaId\":\"40631FBD-116B-4589-B77A-6C5A69990F73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update5:*:*:*:*:*:*\",\"matchCriteriaId\":\"64B14972-6163-4D44-A9C6-16328E02AC69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update6:*:*:*:*:*:*\",\"matchCriteriaId\":\"8929E926-740F-4F17-B52C-4C73914B1818\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update7:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4F72666-D10A-4EB2-80D3-18B04C101256\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update8:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E343221-1E1A-4EE7-80AE-AB24E2244BA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update9:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BF716D7-0A77-400F-9B43-64FBE3E65735\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.5:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"E79DA14E-419C-49BA-8E4F-2907E1D8937F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.5:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"81F9C13C-065C-4E40-BB46-687D791348A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.5:sp1_update1:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CF06E69-0A23-418D-B0EC-574DACBB4DD9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.5:sp1_update2:*:*:*:*:*:*\",\"matchCriteriaId\":\"9164EAC1-C416-4F1F-A910-CE84A167A6D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.5:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"3422B714-DB0F-4EE3-A7D4-9A0165214563\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update1:*:*:*:*:*:*\",\"matchCriteriaId\":\"70B79B00-F61D-4F10-AD7B-74718F061D9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8766442-CC8D-4221-89B8-F75D195F71E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update3:*:*:*:*:*:*\",\"matchCriteriaId\":\"26C08FB9-AFEB-4A53-AAB3-37C9717B30C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update4:*:*:*:*:*:*\",\"matchCriteriaId\":\"68896900-7FCC-4BFB-B787-8992B459F00D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update5:*:*:*:*:*:*\",\"matchCriteriaId\":\"1059B529-02F0-4C85-A35E-2282546FA990\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:13:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D9FE447-2090-47D2-8667-5DC7605089BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:13:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB4FFADC-51F0-439F-9F80-D2B2614FFC39\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:13:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C117FFB-A3FF-4E82-9CE9-B2DFFAF7D799\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:14.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE5A7162-F1B5-4E74-99D6-4108AC4C49FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A961C560-0288-4BC7-B3EB-11610765A34A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:15.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"50B77C2A-4D66-4407-8CA4-99C43ED72DDB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:15.1:update_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9794ED7E-EB17-4C95-B900-840A48758F03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:15.1:update_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"57E82CFE-4191-4055-A0BA-EAB7BE96D947\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:15.1:update_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4DBBDAA-BCAE-4B63-BDFC-3DD70DAD9B7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:15.1:update_4:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5AF87C6-F8D6-4462-9DF5-B9D301002B1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:15.1:update_5:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4D610DA-D1EF-487E-94CB-FC6E6BE4BE4C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:15.1:update_6:*:*:*:*:*:*\",\"matchCriteriaId\":\"6BB49DC6-B8AB-4320-B5CB-8EB803D41194\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:16:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4316924-9EF8-4835-A2E4-0C81F4DE473D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:16:update1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1011EBE-A08D-4066-A2B8-45736AE6999B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:16:update2:*:*:*:*:*:*\",\"matchCriteriaId\":\"37284D6C-ADB9-43A9-817D-7879FDF8BF7F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:16:update3:*:*:*:*:*:*\",\"matchCriteriaId\":\"1DAD73CB-A027-4CEA-A439-A271717BBEDD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:16:update4:*:*:*:*:*:*\",\"matchCriteriaId\":\"150B957C-545F-4BD8-8AB9-E64ACC59C865\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:17:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"C665E91E-DC56-41E0-99B4-ACFAA70B3103\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:17:update1:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB46C8BD-942A-45DC-AA8A-C0D9418CA302\"}]}]}],\"references\":[{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf\",\"source\":\"productcert@siemens.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}" } }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.