cnvd - cnvd-2015-02291

CNVD-2015-02291

Vulnerability from cnvd - Published: 2015-04-10

Title

Siemens SIMATIC和SIMATIC WinCC HMI Comfort Panels验证绕过漏洞

Description

Siemens SIMATIC WinCC是一款能为工业领域提供完备的监控与数据采集（SCADA）功能，涵盖单用户系统直到支持冗余服务器和远程Web客户机解决方案的多用户系统。 Siemens SIMATIC和SIMATIC WinCC HMI Comfort Panels存在验证绕过漏洞，允许远程攻击者可以利用漏洞可绕过验证进行攻击。

Severity

中

Patch Name

Siemens SIMATIC和SIMATIC WinCC HMI Comfort Panels验证绕过漏洞的补丁

Patch Description

Siemens SIMATIC WinCC是一款能为工业领域提供完备的监控与数据采集（SCADA）功能，涵盖单用户系统直到支持冗余服务器和远程Web客户机解决方案的多用户系统。Siemens SIMATIC和SIMATIC WinCC HMI Comfort Panels存在验证绕过漏洞，允许远程攻击者可以利用漏洞可绕过验证进行攻击。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下厂商提供的安全公告获取补丁以修复该漏洞： http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-487246.pdf

Reference

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2823

Impacted products

Name
['SIEMENS WINCC 7.0', 'SIEMENS WINCC 7.1', 'SIEMENS WINCC 7.2', 'SIEMENS WINCC 7.3', 'SIEMENS simatic hmi basic panels generation 1', 'SIEMENS simatic hmi basic panels generation 2', 'SIEMENS simatic hmi comfort panels', 'SIEMENS simatic hmi mobile panel 277', 'SIEMENS simatic hmi mobile panels']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "74040"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-2823"
    }
  },
  "description": "Siemens SIMATIC WinCC\u662f\u4e00\u6b3e\u80fd\u4e3a\u5de5\u4e1a\u9886\u57df\u63d0\u4f9b\u5b8c\u5907\u7684\u76d1\u63a7\u4e0e\u6570\u636e\u91c7\u96c6\uff08SCADA\uff09\u529f\u80fd\uff0c\u6db5\u76d6\u5355\u7528\u6237\u7cfb\u7edf\u76f4\u5230\u652f\u6301\u5197\u4f59\u670d\u52a1\u5668\u548c\u8fdc\u7a0bWeb\u5ba2\u6237\u673a\u89e3\u51b3\u65b9\u6848\u7684\u591a\u7528\u6237\u7cfb\u7edf\u3002\r\n\r\nSiemens SIMATIC\u548cSIMATIC WinCC HMI Comfort Panels\u5b58\u5728\u9a8c\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e \uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6f0f\u6d1e\u53ef\u7ed5\u8fc7\u9a8c\u8bc1\u8fdb\u884c\u653b\u51fb\u3002",
  "discovererName": "Siemens",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u53d6\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttp://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-487246.pdf",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-02291",
  "openTime": "2015-04-10",
  "patchDescription": "Siemens SIMATIC WinCC\u662f\u4e00\u6b3e\u80fd\u4e3a\u5de5\u4e1a\u9886\u57df\u63d0\u4f9b\u5b8c\u5907\u7684\u76d1\u63a7\u4e0e\u6570\u636e\u91c7\u96c6\uff08SCADA\uff09\u529f\u80fd\uff0c\u6db5\u76d6\u5355\u7528\u6237\u7cfb\u7edf\u76f4\u5230\u652f\u6301\u5197\u4f59\u670d\u52a1\u5668\u548c\u8fdc\u7a0bWeb\u5ba2\u6237\u673a\u89e3\u51b3\u65b9\u6848\u7684\u591a\u7528\u6237\u7cfb\u7edf\u3002Siemens SIMATIC\u548cSIMATIC WinCC HMI Comfort Panels\u5b58\u5728\u9a8c\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e \uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6f0f\u6d1e\u53ef\u7ed5\u8fc7\u9a8c\u8bc1\u8fdb\u884c\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Siemens SIMATIC\u548cSIMATIC WinCC HMI Comfort Panels\u9a8c\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "SIEMENS WINCC 7.0",
      "SIEMENS WINCC 7.1",
      "SIEMENS WINCC 7.2",
      "SIEMENS WINCC 7.3",
      "SIEMENS simatic hmi basic panels generation 1",
      "SIEMENS simatic hmi basic panels generation 2",
      "SIEMENS simatic hmi comfort panels",
      "SIEMENS simatic hmi mobile panel 277",
      "SIEMENS simatic hmi mobile panels"
    ]
  },
  "referenceLink": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2823",
  "serverity": "\u4e2d",
  "submitTime": "2015-04-09",
  "title": "Siemens SIMATIC\u548cSIMATIC WinCC HMI Comfort Panels\u9a8c\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e"
}

CVE-2015-2823 (GCVE-0-2015-2823)

Vulnerability from cvelistv5 – Published: 2015-04-08 16:00 – Updated: 2024-08-06 05:24

Summary

Siemens SIMATIC HMI Basic Panels 2nd Generation before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC HMI Comfort Panels before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC WinCC Runtime Advanced before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC WinCC Runtime Professional before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC HMI Basic Panels 1st Generation (WinCC TIA Portal), SIMATIC HMI Mobile Panel 277 (WinCC TIA Portal), SIMATIC HMI Multi Panels (WinCC TIA Portal), and SIMATIC WinCC 7.x before 7.3 Upd4 allow remote attackers to complete authentication by leveraging knowledge of a password hash without knowledge of the associated password.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.securityfocus.com/bid/74040	vdb-entryx_refsource_BID
	http://www.siemens.com/innovation/pool/de/forschu…	x_refsource_CONFIRM
	https://cert-portal.siemens.com/productcert/pdf/s…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T05:24:39.120Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "74040",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/74040"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-487246.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-487246.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-04-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Siemens SIMATIC HMI Basic Panels 2nd Generation before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC HMI Comfort Panels before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC WinCC Runtime Advanced before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC WinCC Runtime Professional before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC HMI Basic Panels 1st Generation (WinCC TIA Portal), SIMATIC HMI Mobile Panel 277 (WinCC TIA Portal), SIMATIC HMI Multi Panels (WinCC TIA Portal), and SIMATIC WinCC 7.x before 7.3 Upd4 allow remote attackers to complete authentication by leveraging knowledge of a password hash without knowledge of the associated password."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-10T14:06:08",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "74040",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/74040"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-487246.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-487246.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-2823",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Siemens SIMATIC HMI Basic Panels 2nd Generation before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC HMI Comfort Panels before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC WinCC Runtime Advanced before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC WinCC Runtime Professional before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC HMI Basic Panels 1st Generation (WinCC TIA Portal), SIMATIC HMI Mobile Panel 277 (WinCC TIA Portal), SIMATIC HMI Multi Panels (WinCC TIA Portal), and SIMATIC WinCC 7.x before 7.3 Upd4 allow remote attackers to complete authentication by leveraging knowledge of a password hash without knowledge of the associated password."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "74040",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/74040"
            },
            {
              "name": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-487246.pdf",
              "refsource": "CONFIRM",
              "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-487246.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-487246.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-487246.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-2823",
    "datePublished": "2015-04-08T16:00:00",
    "dateReserved": "2015-04-01T00:00:00",
    "dateUpdated": "2024-08-06T05:24:39.120Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2015-02291

CVE-2015-2823 (GCVE-0-2015-2823)

Tags

Sightings

Nomenclature