var-201202-0047
Vulnerability from variot
CRLF injection vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. plural Siemens Product HMI Web The server CRLF An injection vulnerability exists.By any third party HTTP Inserted header, and HTTP Response splitting attacks can be triggered. Siemens SIMATIC is an automation software in a single engineering environment. The HMI web server has a header injection vulnerability that allows elevation of privilege, stealing data or breaking services. Siemens SIMATIC WinCC is prone to an HTTP-header-injection issue, a directory-traversal issue, and an arbitrary memory-read access issue because the application fails to properly sanitize user-supplied input. A remote attacker can exploit these issues to gain elevated privileges, obtain sensitive information, or cause denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201202-0047",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "simatic hmi panels",
"scope": "eq",
"trust": 2.4,
"vendor": "siemens",
"version": "mp"
},
{
"model": "simatic hmi panels",
"scope": "eq",
"trust": 2.4,
"vendor": "siemens",
"version": "op"
},
{
"model": "simatic hmi panels",
"scope": "eq",
"trust": 2.4,
"vendor": "siemens",
"version": "tp"
},
{
"model": "simatic wincc flexible",
"scope": "eq",
"trust": 1.7,
"vendor": "siemens",
"version": "2007"
},
{
"model": "simatic wincc flexible",
"scope": "eq",
"trust": 1.7,
"vendor": "siemens",
"version": "2005"
},
{
"model": "simatic wincc flexible",
"scope": "eq",
"trust": 1.7,
"vendor": "siemens",
"version": "2004"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "v11"
},
{
"model": "wincc runtime advanced",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "v11"
},
{
"model": "simatic hmi panels",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "comfort_panels"
},
{
"model": "simatic hmi panels",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "mobile_panels"
},
{
"model": "wincc flexible",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "2008"
},
{
"model": "wincc",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "v11"
},
{
"model": "wincc flexible",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "2005"
},
{
"model": "wincc flexible",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "2007"
},
{
"model": "wincc flexible",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "2004"
},
{
"model": "wincc flexible runtime",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic wincc flexible",
"scope": "eq",
"trust": 0.9,
"vendor": "siemens",
"version": "2008"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.9,
"vendor": "siemens",
"version": "v11"
},
{
"model": "simatic hmi panels",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": "comfort panels"
},
{
"model": "simatic hmi panels",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": "mobile panels"
},
{
"model": "simatic wincc",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "v11 sp2 update 1"
},
{
"model": "simatic wincc flexible",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "2008 sp3"
},
{
"model": "simatic wincc flexible rumtime",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic wincc runtime advanced",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": "v11"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wincc flexible",
"version": "2008"
},
{
"model": "simatic wincc flexible runtime",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic wincc runtime advanced",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic hmi panels",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic wincc",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "wincc flexible runtime",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wincc",
"version": "v11"
},
{
"model": "simatic wincc flexible runtime",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "simatic wincc runtime advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "simatic hmi panels",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wincc flexible",
"version": "2004"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wincc flexible",
"version": "2005"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wincc flexible",
"version": "2007"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wincc",
"version": "*"
},
{
"model": "comfort panels",
"scope": null,
"trust": 0.2,
"vendor": "simatic hmi panels",
"version": null
},
{
"model": "mobile panels",
"scope": null,
"trust": 0.2,
"vendor": "simatic hmi panels",
"version": null
},
{
"model": "mp",
"scope": null,
"trust": 0.2,
"vendor": "simatic hmi panels",
"version": null
},
{
"model": "op",
"scope": null,
"trust": 0.2,
"vendor": "simatic hmi panels",
"version": null
},
{
"model": "tp",
"scope": null,
"trust": 0.2,
"vendor": "simatic hmi panels",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wincc runtime advanced",
"version": "v11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wincc flexible runtime",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "289d30d2-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0462"
},
{
"db": "BID",
"id": "51836"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001314"
},
{
"db": "NVD",
"id": "CVE-2011-4512"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-087"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc_flexible:2004:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc_flexible:2005:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc_flexible:2007:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc_flexible:2008:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc_flexible:2008:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc_flexible:2008:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:*:sp2:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v11",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:v11:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:v11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_hmi_panels:mobile_panels:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_hmi_panels:tp:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_hmi_panels:mp:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_hmi_panels:op:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_hmi_panels:comfort_panels:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc_runtime_advanced:v11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc_flexible_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-4512"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ICS-CERT",
"sources": [
{
"db": "BID",
"id": "51836"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-087"
}
],
"trust": 0.9
},
"cve": "CVE-2011-4512",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2011-4512",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "289d30d2-2354-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-52457",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2011-4512",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201202-087",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "289d30d2-2354-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-52457",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "289d30d2-2354-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-52457"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001314"
},
{
"db": "NVD",
"id": "CVE-2011-4512"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-087"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CRLF injection vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. plural Siemens Product HMI Web The server CRLF An injection vulnerability exists.By any third party HTTP Inserted header, and HTTP Response splitting attacks can be triggered. Siemens SIMATIC is an automation software in a single engineering environment. The HMI web server has a header injection vulnerability that allows elevation of privilege, stealing data or breaking services. Siemens SIMATIC WinCC is prone to an HTTP-header-injection issue, a directory-traversal issue, and an arbitrary memory-read access issue because the application fails to properly sanitize user-supplied input. \nA remote attacker can exploit these issues to gain elevated privileges, obtain sensitive information, or cause denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-4512"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001314"
},
{
"db": "CNVD",
"id": "CNVD-2012-0462"
},
{
"db": "BID",
"id": "51836"
},
{
"db": "IVD",
"id": "289d30d2-2354-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-52457"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-4512",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-12-030-01",
"trust": 3.4
},
{
"db": "SIEMENS",
"id": "SSA-345442",
"trust": 1.7
},
{
"db": "CNVD",
"id": "CNVD-2012-0462",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201202-087",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001314",
"trust": 0.8
},
{
"db": "NSFOCUS",
"id": "18633",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-12-030-01A",
"trust": 0.3
},
{
"db": "BID",
"id": "51836",
"trust": 0.3
},
{
"db": "IVD",
"id": "289D30D2-2354-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-52457",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "289d30d2-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0462"
},
{
"db": "VULHUB",
"id": "VHN-52457"
},
{
"db": "BID",
"id": "51836"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001314"
},
{
"db": "NVD",
"id": "CVE-2011-4512"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-087"
}
]
},
"id": "VAR-201202-0047",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "289d30d2-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0462"
},
{
"db": "VULHUB",
"id": "VHN-52457"
}
],
"trust": 1.494686884
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "289d30d2-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0462"
}
]
},
"last_update_date": "2023-12-18T12:22:07.785000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-345442",
"trust": 0.8,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf"
},
{
"title": "\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.siemens.com/entry/jp/ja/"
},
{
"title": "Patch for Siemens SIMATIC WinCC HMI Header Injection Vulnerability (CNVD-2012-0462)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/9060"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0462"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001314"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-94",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-52457"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001314"
},
{
"db": "NVD",
"id": "CVE-2011-4512"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-030-01.pdf"
},
{
"trust": 1.7,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4512"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4512"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/18633"
},
{
"trust": 0.3,
"url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/scada/pages/default.aspx"
},
{
"trust": 0.3,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-030-01a.pdf"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0462"
},
{
"db": "VULHUB",
"id": "VHN-52457"
},
{
"db": "BID",
"id": "51836"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001314"
},
{
"db": "NVD",
"id": "CVE-2011-4512"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-087"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "289d30d2-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0462"
},
{
"db": "VULHUB",
"id": "VHN-52457"
},
{
"db": "BID",
"id": "51836"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001314"
},
{
"db": "NVD",
"id": "CVE-2011-4512"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-087"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-02-07T00:00:00",
"db": "IVD",
"id": "289d30d2-2354-11e6-abef-000c29c66e3d"
},
{
"date": "2012-02-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0462"
},
{
"date": "2012-02-03T00:00:00",
"db": "VULHUB",
"id": "VHN-52457"
},
{
"date": "2012-02-02T00:00:00",
"db": "BID",
"id": "51836"
},
{
"date": "2012-02-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001314"
},
{
"date": "2012-02-03T20:55:01.453000",
"db": "NVD",
"id": "CVE-2011-4512"
},
{
"date": "2012-02-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201202-087"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-02-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0462"
},
{
"date": "2012-02-06T00:00:00",
"db": "VULHUB",
"id": "VHN-52457"
},
{
"date": "2012-04-18T21:20:00",
"db": "BID",
"id": "51836"
},
{
"date": "2012-02-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001314"
},
{
"date": "2012-02-06T05:00:00",
"db": "NVD",
"id": "CVE-2011-4512"
},
{
"date": "2012-02-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201202-087"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201202-087"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SIMATIC WinCC HMI Web Server Multiple Input Validation Vulnerabilities",
"sources": [
{
"db": "BID",
"id": "51836"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-087"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Code injection",
"sources": [
{
"db": "IVD",
"id": "289d30d2-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-087"
}
],
"trust": 0.8
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.