VAR-201407-0603
Vulnerability from variot - Updated: 2023-12-18 12:30The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote authenticated users to gain privileges via a (1) HTTP or (2) HTTPS request. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. A remote privilege elevation vulnerability exists in Siemens SIMATIC WinCC And PCS7 that can be exploited by remote attackers to gain elevated privileges on affected devices. Siemens SIMATIC WinCC and PCS7 are prone to a remote privilege-escalation vulnerability. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). The system provides process monitoring, data acquisition and other functions. There is a security hole in the WebNavigator server used by Siemens SIMATIC WinCC versions prior to 7.3 for PCS7 and other products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201407-0603",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": "eq",
"trust": 2.4,
"vendor": "wincc",
"version": "6.0"
},
{
"model": null,
"scope": "eq",
"trust": 2.4,
"vendor": "wincc",
"version": "7.0"
},
{
"model": "simatic pcs7",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "8.0"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "5.0"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "6.0"
},
{
"model": "simatic pcs7",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "7.1"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "7.0"
},
{
"model": "simatic wincc",
"scope": "lt",
"trust": 1.4,
"vendor": "siemens",
"version": "7.3"
},
{
"model": null,
"scope": "eq",
"trust": 1.2,
"vendor": "wincc",
"version": "5.0"
},
{
"model": null,
"scope": "eq",
"trust": 1.2,
"vendor": "wincc",
"version": "7.1"
},
{
"model": "wincc",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "7.2"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "7.1"
},
{
"model": "simatic pcs7",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "8.0"
},
{
"model": "simatic pcs 7",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "8.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "simatic pcs7",
"version": "7.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "simatic pcs7",
"version": "8.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "simatic pcs7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wincc",
"version": "*"
},
{
"model": "pcs7",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "8.1"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "6.2"
}
],
"sources": [
{
"db": "IVD",
"id": "e2d78202-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c0a709a9-648b-4fbc-869e-37cd7064012b"
},
{
"db": "IVD",
"id": "7d71e153-463f-11e9-be10-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2014-04644"
},
{
"db": "BID",
"id": "68879"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003566"
},
{
"db": "NVD",
"id": "CVE-2014-4683"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-603"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:*:sp1:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.1:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:7.1:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:5.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-4683"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sergey Gordeychik, Alexander Tlyapov, Dmitry Nagibin, and Gleb Gritsai from Positive Technologies.",
"sources": [
{
"db": "BID",
"id": "68879"
}
],
"trust": 0.3
},
"cve": "CVE-2014-4683",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.9,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2014-4683",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "CNVD-2014-04644",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "e2d78202-2351-11e6-abef-000c29c66e3d",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "c0a709a9-648b-4fbc-869e-37cd7064012b",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "7d71e153-463f-11e9-be10-000c29342cb1",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "VHN-72624",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:S/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-4683",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2014-04644",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201407-603",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "e2d78202-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "c0a709a9-648b-4fbc-869e-37cd7064012b",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "7d71e153-463f-11e9-be10-000c29342cb1",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-72624",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2d78202-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c0a709a9-648b-4fbc-869e-37cd7064012b"
},
{
"db": "IVD",
"id": "7d71e153-463f-11e9-be10-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2014-04644"
},
{
"db": "VULHUB",
"id": "VHN-72624"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003566"
},
{
"db": "NVD",
"id": "CVE-2014-4683"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-603"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote authenticated users to gain privileges via a (1) HTTP or (2) HTTPS request. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. A remote privilege elevation vulnerability exists in Siemens SIMATIC WinCC And PCS7 that can be exploited by remote attackers to gain elevated privileges on affected devices. Siemens SIMATIC WinCC and PCS7 are prone to a remote privilege-escalation vulnerability. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). The system provides process monitoring, data acquisition and other functions. There is a security hole in the WebNavigator server used by Siemens SIMATIC WinCC versions prior to 7.3 for PCS7 and other products",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-4683"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003566"
},
{
"db": "CNVD",
"id": "CNVD-2014-04644"
},
{
"db": "BID",
"id": "68879"
},
{
"db": "IVD",
"id": "e2d78202-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c0a709a9-648b-4fbc-869e-37cd7064012b"
},
{
"db": "IVD",
"id": "7d71e153-463f-11e9-be10-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-72624"
}
],
"trust": 3.06
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-4683",
"trust": 4.1
},
{
"db": "SIEMENS",
"id": "SSA-214365",
"trust": 2.3
},
{
"db": "CNNVD",
"id": "CNNVD-201407-603",
"trust": 1.3
},
{
"db": "CNVD",
"id": "CNVD-2014-04644",
"trust": 1.2
},
{
"db": "BID",
"id": "68879",
"trust": 1.0
},
{
"db": "ICS CERT",
"id": "ICSA-14-205-02",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003566",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "60392",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "60388",
"trust": 0.6
},
{
"db": "IVD",
"id": "E2D78202-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "C0A709A9-648B-4FBC-869E-37CD7064012B",
"trust": 0.2
},
{
"db": "IVD",
"id": "7D71E153-463F-11E9-BE10-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-72624",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127660",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e2d78202-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c0a709a9-648b-4fbc-869e-37cd7064012b"
},
{
"db": "IVD",
"id": "7d71e153-463f-11e9-be10-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2014-04644"
},
{
"db": "VULHUB",
"id": "VHN-72624"
},
{
"db": "BID",
"id": "68879"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003566"
},
{
"db": "PACKETSTORM",
"id": "127660"
},
{
"db": "NVD",
"id": "CVE-2014-4683"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-603"
}
]
},
"id": "VAR-201407-0603",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2d78202-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c0a709a9-648b-4fbc-869e-37cd7064012b"
},
{
"db": "IVD",
"id": "7d71e153-463f-11e9-be10-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2014-04644"
},
{
"db": "VULHUB",
"id": "VHN-72624"
}
],
"trust": 1.9928966825
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.2
}
],
"sources": [
{
"db": "IVD",
"id": "e2d78202-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c0a709a9-648b-4fbc-869e-37cd7064012b"
},
{
"db": "IVD",
"id": "7d71e153-463f-11e9-be10-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2014-04644"
}
]
},
"last_update_date": "2023-12-18T12:30:37.614000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-214365",
"trust": 0.8,
"url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-214365.pdf"
},
{
"title": "Patch for Siemens SIMATIC Multiple Products Remote Privilege Escalation Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/47899"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-04644"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003566"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-72624"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003566"
},
{
"db": "NVD",
"id": "CVE-2014-4683"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-214365.pdf"
},
{
"trust": 1.4,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-4683"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4683"
},
{
"trust": 0.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-205-02"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/68879/info"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/60388"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/60392"
},
{
"trust": 0.3,
"url": "http://subscriber.communications.siemens.com/"
},
{
"trust": 0.3,
"url": "http://aunz.siemens.com/newscentre/productreleases/pages/iac_pr_simaticwinccv62.aspx"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4684"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4683"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4685"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4686"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4682"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-04644"
},
{
"db": "VULHUB",
"id": "VHN-72624"
},
{
"db": "BID",
"id": "68879"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003566"
},
{
"db": "PACKETSTORM",
"id": "127660"
},
{
"db": "NVD",
"id": "CVE-2014-4683"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-603"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e2d78202-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c0a709a9-648b-4fbc-869e-37cd7064012b"
},
{
"db": "IVD",
"id": "7d71e153-463f-11e9-be10-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2014-04644"
},
{
"db": "VULHUB",
"id": "VHN-72624"
},
{
"db": "BID",
"id": "68879"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003566"
},
{
"db": "PACKETSTORM",
"id": "127660"
},
{
"db": "NVD",
"id": "CVE-2014-4683"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-603"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-07-28T00:00:00",
"db": "IVD",
"id": "e2d78202-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2014-07-28T00:00:00",
"db": "IVD",
"id": "c0a709a9-648b-4fbc-869e-37cd7064012b"
},
{
"date": "2014-07-28T00:00:00",
"db": "IVD",
"id": "7d71e153-463f-11e9-be10-000c29342cb1"
},
{
"date": "2014-07-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-04644"
},
{
"date": "2014-07-24T00:00:00",
"db": "VULHUB",
"id": "VHN-72624"
},
{
"date": "2014-07-23T00:00:00",
"db": "BID",
"id": "68879"
},
{
"date": "2014-07-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003566"
},
{
"date": "2014-07-29T22:37:22",
"db": "PACKETSTORM",
"id": "127660"
},
{
"date": "2014-07-24T14:55:08.050000",
"db": "NVD",
"id": "CVE-2014-4683"
},
{
"date": "2014-07-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201407-603"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-07-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-04644"
},
{
"date": "2014-07-25T00:00:00",
"db": "VULHUB",
"id": "VHN-72624"
},
{
"date": "2015-03-19T09:40:00",
"db": "BID",
"id": "68879"
},
{
"date": "2014-08-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003566"
},
{
"date": "2014-07-25T14:37:19.350000",
"db": "NVD",
"id": "CVE-2014-4683"
},
{
"date": "2014-07-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201407-603"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201407-603"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SIMATIC PCS 7 Used in products such as SIMATIC WinCC of WebNavigator Vulnerability that can be obtained privilege in the server",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-003566"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Permission permission and access control",
"sources": [
{
"db": "IVD",
"id": "e2d78202-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c0a709a9-648b-4fbc-869e-37cd7064012b"
},
{
"db": "IVD",
"id": "7d71e153-463f-11e9-be10-000c29342cb1"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…