VAR-201303-0007
Vulnerability from variot - Updated: 2023-12-18 12:21Siemens WinCC (TIA Portal) 11 uses a reversible algorithm for storing HMI web-application passwords in world-readable and world-writable files, which allows local users to obtain sensitive information by leveraging (1) physical access or (2) Sm@rt Server access. The Siemens SIMATIC WinCC TIA Portal covers engineering tools for the entire HMI field, from compact series panels to SCADA systems. There are several vulnerabilities in the Siemens SIMATIC WinCC TIA Portal that can be exploited by malicious users to disclose sensitive information, bypass security restrictions, insert and execute scripts, cause denial of service, and so on. 1. There is an error in processing the HTTP request, which can be exploited to cause the HMI web server to crash. 2. Some of the input in the HMI web application is not properly filtered and can be used to insert arbitrary HTML and script code, or to insert any HTTP header. 3, some URLs are not properly filtered to access certain files, can be used to leak the source code of the panel server-side web application files. To successfully exploit these vulnerabilities, you need to open the web server. Siemens SIMATIC WinCC TIA Portal is prone to multiple security vulnerabilities, including: 1. A security-bypass vulnerability 2. A denial-of-service vulnerability 3. An HTML-injection vulnerability 4. An information-disclosure vulnerability 5. An HTTP-header-injection vulnerability 6. An information-disclosure vulnerability 7. A cross-site scripting vulnerability Attackers can exploit these issues to bypass certain security restrictions, obtain sensitive information and gain unauthorized access, allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials, insert arbitrary headers into an HTTP response, or perform a denial-of-service attack. Other attacks may be possible. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). The system provides process monitoring, data acquisition and other functions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201303-0007",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wincc tia portal",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "11.0"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": "11"
},
{
"model": "simatic wincc tia portal",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "11.x"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wincc tia portal",
"version": "11.0"
}
],
"sources": [
{
"db": "IVD",
"id": "0906f0c4-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02166"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001963"
},
{
"db": "NVD",
"id": "CVE-2011-4515"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-404"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc_tia_portal:11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-4515"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gleb Gritsai, Sergey Bobrov, Roman Ilin, Artem Chaykin, Timur Yunusov, and Ilya Karpov from Positive Technologies.",
"sources": [
{
"db": "BID",
"id": "58567"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-404"
}
],
"trust": 0.9
},
"cve": "CVE-2011-4515",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2011-4515",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2013-02166",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "0906f0c4-2353-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-52460",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2011-4515",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2013-02166",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201303-404",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "0906f0c4-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-52460",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "0906f0c4-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02166"
},
{
"db": "VULHUB",
"id": "VHN-52460"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001963"
},
{
"db": "NVD",
"id": "CVE-2011-4515"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-404"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens WinCC (TIA Portal) 11 uses a reversible algorithm for storing HMI web-application passwords in world-readable and world-writable files, which allows local users to obtain sensitive information by leveraging (1) physical access or (2) Sm@rt Server access. The Siemens SIMATIC WinCC TIA Portal covers engineering tools for the entire HMI field, from compact series panels to SCADA systems. There are several vulnerabilities in the Siemens SIMATIC WinCC TIA Portal that can be exploited by malicious users to disclose sensitive information, bypass security restrictions, insert and execute scripts, cause denial of service, and so on. 1. There is an error in processing the HTTP request, which can be exploited to cause the HMI web server to crash. 2. Some of the input in the HMI web application is not properly filtered and can be used to insert arbitrary HTML and script code, or to insert any HTTP header. 3, some URLs are not properly filtered to access certain files, can be used to leak the source code of the panel server-side web application files. To successfully exploit these vulnerabilities, you need to open the web server. Siemens SIMATIC WinCC TIA Portal is prone to multiple security vulnerabilities, including:\n1. A security-bypass vulnerability\n2. A denial-of-service vulnerability\n3. An HTML-injection vulnerability\n4. An information-disclosure vulnerability\n5. An HTTP-header-injection vulnerability\n6. An information-disclosure vulnerability\n7. A cross-site scripting vulnerability\nAttackers can exploit these issues to bypass certain security restrictions, obtain sensitive information and gain unauthorized access, allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials, insert arbitrary headers into an HTTP response, or perform a denial-of-service attack. Other attacks may be possible. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). The system provides process monitoring, data acquisition and other functions",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-4515"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001963"
},
{
"db": "CNVD",
"id": "CNVD-2013-02166"
},
{
"db": "BID",
"id": "58567"
},
{
"db": "IVD",
"id": "0906f0c4-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-52460"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-4515",
"trust": 3.7
},
{
"db": "ICS CERT",
"id": "ICSA-13-079-03",
"trust": 3.1
},
{
"db": "SIEMENS",
"id": "SSA-212483",
"trust": 1.7
},
{
"db": "BID",
"id": "58567",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201303-404",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2013-02166",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001963",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "52646",
"trust": 0.6
},
{
"db": "IVD",
"id": "0906F0C4-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "120897",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-52460",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "0906f0c4-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02166"
},
{
"db": "VULHUB",
"id": "VHN-52460"
},
{
"db": "BID",
"id": "58567"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001963"
},
{
"db": "PACKETSTORM",
"id": "120897"
},
{
"db": "NVD",
"id": "CVE-2011-4515"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-404"
}
]
},
"id": "VAR-201303-0007",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "0906f0c4-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02166"
},
{
"db": "VULHUB",
"id": "VHN-52460"
}
],
"trust": 1.4994691150000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "0906f0c4-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02166"
}
]
},
"last_update_date": "2023-12-18T12:21:48.159000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.siemens.com/entry/cc/en/"
},
{
"title": "SSA-212483: Vulnerabilities in WinCC (TIA Portal) V11",
"trust": 0.8,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-212483.pdf"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"trust": 0.8,
"url": "http://www.siemens.com/answers/jp/ja/"
},
{
"title": "Siemens SIMATIC WinCC TIA Portal has patches for multiple vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/33006"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02166"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001963"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-255",
"trust": 1.1
},
{
"problemtype": "CWE-310",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-52460"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001963"
},
{
"db": "NVD",
"id": "CVE-2011-4515"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-03.pdf"
},
{
"trust": 1.7,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-212483.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4515"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4515"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52646"
},
{
"trust": 0.3,
"url": "http://subscriber.communications.siemens.com/"
},
{
"trust": 0.3,
"url": "http://aunz.siemens.com/newscentre/productreleases/pages/iac_pr_simaticwinccv62.aspx"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-4515"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02166"
},
{
"db": "VULHUB",
"id": "VHN-52460"
},
{
"db": "BID",
"id": "58567"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001963"
},
{
"db": "PACKETSTORM",
"id": "120897"
},
{
"db": "NVD",
"id": "CVE-2011-4515"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-404"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "0906f0c4-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02166"
},
{
"db": "VULHUB",
"id": "VHN-52460"
},
{
"db": "BID",
"id": "58567"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001963"
},
{
"db": "PACKETSTORM",
"id": "120897"
},
{
"db": "NVD",
"id": "CVE-2011-4515"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-404"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-03-26T00:00:00",
"db": "IVD",
"id": "0906f0c4-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2013-03-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-02166"
},
{
"date": "2013-03-21T00:00:00",
"db": "VULHUB",
"id": "VHN-52460"
},
{
"date": "2013-03-15T00:00:00",
"db": "BID",
"id": "58567"
},
{
"date": "2013-03-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001963"
},
{
"date": "2013-03-21T15:00:32",
"db": "PACKETSTORM",
"id": "120897"
},
{
"date": "2013-03-21T14:55:01.423000",
"db": "NVD",
"id": "CVE-2011-4515"
},
{
"date": "2013-03-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-404"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-03-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-02166"
},
{
"date": "2013-05-31T00:00:00",
"db": "VULHUB",
"id": "VHN-52460"
},
{
"date": "2013-03-15T00:00:00",
"db": "BID",
"id": "58567"
},
{
"date": "2013-03-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001963"
},
{
"date": "2013-05-31T04:00:00",
"db": "NVD",
"id": "CVE-2011-4515"
},
{
"date": "2013-03-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-404"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201303-404"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens WinCC Vulnerability in which important information is obtained",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001963"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Trust management",
"sources": [
{
"db": "IVD",
"id": "0906f0c4-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-404"
}
],
"trust": 0.8
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…