var-201202-0166
Vulnerability from variot

miniweb.exe in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime does not properly handle URIs beginning with a 0xfa character, which allows remote attackers to read data from arbitrary memory locations or cause a denial of service (application crash) via a crafted POST request. Siemens SIMATIC is an automation software in a single engineering environment. A security vulnerability exists in the Siemens SIMATIC WinCC HMI web server. The HMI web server does not properly validate the HTTP request. The first byte in the URL is manipulated. Siemens SIMATIC WinCC is prone to an HTTP-header-injection issue, a directory-traversal issue, and an arbitrary memory-read access issue because the application fails to properly sanitize user-supplied input. A remote attacker can exploit these issues to gain elevated privileges, obtain sensitive information, or cause denial-of-service conditions. The vulnerability stems from the failure of miniweb.exe in the HMI web server to correctly handle URLs starting with the 0xfa character

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201202-0166",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "mp"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "tp"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "op"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "siemens",
        "version": "2007"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "siemens",
        "version": "2005"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "siemens",
        "version": "2004"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "wincc runtime advanced",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "comfort_panels"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "mobile_panels"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2005"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2007"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2004"
      },
      {
        "model": "wincc flexible runtime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "sp2 update 1"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "v11\\\\"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "comfort panels"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "mobile panels"
      },
      {
        "model": "simatic wincc flexible rumtime",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wincc flexible",
        "version": "2008"
      },
      {
        "model": "simatic wincc flexible runtime",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi panels",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "wincc flexible runtime",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "wincc",
        "version": "v11"
      },
      {
        "model": "simatic wincc flexible runtime",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2004"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2005"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2007"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc",
        "version": "*"
      },
      {
        "model": "comfort panels",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "mobile panels",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "mp",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "op",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "tp",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc runtime advanced",
        "version": "v11"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible runtime",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28903b3e-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0469"
      },
      {
        "db": "BID",
        "id": "51836"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001321"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4879"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-094"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:siemens:wincc_flexible:2008:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:wincc_flexible:2008:sp2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:wincc_flexible:2004:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:wincc_flexible:2008:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:wincc_flexible:2005:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:wincc_flexible:2007:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:siemens:wincc:*:sp2:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "v11",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:wincc:v11:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:wincc:v11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_hmi_panels:tp:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_hmi_panels:op:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_hmi_panels:mp:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_hmi_panels:comfort_panels:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_hmi_panels:mobile_panels:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:siemens:wincc_runtime_advanced:v11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:siemens:wincc_flexible_runtime:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2011-4879"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "ICS-CERT",
    "sources": [
      {
        "db": "BID",
        "id": "51836"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-094"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2011-4879",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 8.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "impactScore": 7.8,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 8.5,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2011-4879",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 8.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "28903b3e-2354-11e6-abef-000c29c66e3d",
            "impactScore": 7.8,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 8.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-52824",
            "impactScore": 7.8,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2011-4879",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201202-094",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "28903b3e-2354-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-52824",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28903b3e-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52824"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001321"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4879"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-094"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "miniweb.exe in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime does not properly handle URIs beginning with a 0xfa character, which allows remote attackers to read data from arbitrary memory locations or cause a denial of service (application crash) via a crafted POST request. Siemens SIMATIC is an automation software in a single engineering environment. A security vulnerability exists in the Siemens SIMATIC WinCC HMI web server. The HMI web server does not properly validate the HTTP request. The first byte in the URL is manipulated. Siemens SIMATIC WinCC is prone to an HTTP-header-injection issue, a directory-traversal issue, and an arbitrary memory-read access issue because the application fails to properly sanitize user-supplied input. \nA remote attacker can exploit these issues to gain elevated privileges, obtain sensitive information, or cause denial-of-service conditions. The vulnerability stems from the failure of miniweb.exe in the HMI web server to correctly handle URLs starting with the 0xfa character",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2011-4879"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001321"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0469"
      },
      {
        "db": "BID",
        "id": "51836"
      },
      {
        "db": "IVD",
        "id": "28903b3e-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52824"
      }
    ],
    "trust": 2.7
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-52824",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-52824"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2011-4879",
        "trust": 3.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-030-01",
        "trust": 3.4
      },
      {
        "db": "SIEMENS",
        "id": "SSA-345442",
        "trust": 1.7
      },
      {
        "db": "ICS CERT ALERT",
        "id": "ICS-ALERT-11-332-02A",
        "trust": 1.1
      },
      {
        "db": "ICS CERT ALERT",
        "id": "ICS-ALERT-11-332-02",
        "trust": 1.1
      },
      {
        "db": "OSVDB",
        "id": "77384",
        "trust": 1.1
      },
      {
        "db": "EXPLOIT-DB",
        "id": "18166",
        "trust": 1.1
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-094",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0469",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001321",
        "trust": 0.8
      },
      {
        "db": "NSFOCUS",
        "id": "18633",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-030-01A",
        "trust": 0.3
      },
      {
        "db": "BID",
        "id": "51836",
        "trust": 0.3
      },
      {
        "db": "IVD",
        "id": "28903B3E-2354-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-52824",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28903b3e-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0469"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52824"
      },
      {
        "db": "BID",
        "id": "51836"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001321"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4879"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-094"
      }
    ]
  },
  "id": "VAR-201202-0166",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "28903b3e-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0469"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52824"
      }
    ],
    "trust": 1.494686884
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28903b3e-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0469"
      }
    ]
  },
  "last_update_date": "2023-12-18T12:22:07.993000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-345442",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf"
      },
      {
        "title": "\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
      },
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.siemens.com/entry/jp/ja/"
      },
      {
        "title": "Patch for Siemens SIMATIC WinCC HMI Vulnerability (CNVD-2012-0469)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/9075"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-0469"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001321"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-52824"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001321"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4879"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.4,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-030-01.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf"
      },
      {
        "trust": 1.1,
        "url": "http://www.exploit-db.com/exploits/18166"
      },
      {
        "trust": 1.1,
        "url": "http://aluigi.org/adv/winccflex_1-adv.txt"
      },
      {
        "trust": 1.1,
        "url": "http://www.us-cert.gov/control_systems/pdf/ics-alert-11-332-02.pdf"
      },
      {
        "trust": 1.1,
        "url": "http://www.us-cert.gov/control_systems/pdf/ics-alert-11-332-02a.pdf"
      },
      {
        "trust": 1.1,
        "url": "http://www.osvdb.org/77384"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71453"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4879"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4879"
      },
      {
        "trust": 0.6,
        "url": "http://aluigi.altervista.org/adv/winccflex_1-adv.txt"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/18633"
      },
      {
        "trust": 0.3,
        "url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/scada/pages/default.aspx"
      },
      {
        "trust": 0.3,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-030-01a.pdf"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-0469"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52824"
      },
      {
        "db": "BID",
        "id": "51836"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001321"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4879"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-094"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "28903b3e-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0469"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52824"
      },
      {
        "db": "BID",
        "id": "51836"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001321"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4879"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-094"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-02-07T00:00:00",
        "db": "IVD",
        "id": "28903b3e-2354-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-0469"
      },
      {
        "date": "2012-02-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-52824"
      },
      {
        "date": "2012-02-02T00:00:00",
        "db": "BID",
        "id": "51836"
      },
      {
        "date": "2012-02-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-001321"
      },
      {
        "date": "2012-02-03T20:55:02.077000",
        "db": "NVD",
        "id": "CVE-2011-4879"
      },
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201202-094"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-0469"
      },
      {
        "date": "2017-08-29T00:00:00",
        "db": "VULHUB",
        "id": "VHN-52824"
      },
      {
        "date": "2012-04-18T21:20:00",
        "db": "BID",
        "id": "51836"
      },
      {
        "date": "2012-02-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-001321"
      },
      {
        "date": "2017-08-29T01:30:37.413000",
        "db": "NVD",
        "id": "CVE-2011-4879"
      },
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201202-094"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-094"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Siemens Product  HMI Web Vulnerability to read data from arbitrary memory locations on the server",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001321"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Input validation",
    "sources": [
      {
        "db": "IVD",
        "id": "28903b3e-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-094"
      }
    ],
    "trust": 0.8
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...
  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.