VAR-201705-3974
Vulnerability from variot - Updated: 2023-12-18 12:51A vulnerability was discovered in Siemens SIMATIC WinCC (V7.3 before Upd 11 and V7.4 before SP1), SIMATIC WinCC Runtime Professional (V13 before SP2 and V14 before SP1), SIMATIC WinCC (TIA Portal) Professional (V13 before SP2 and V14 before SP1) that could allow an authenticated, remote attacker who is member of the "administrators" group to crash services by sending specially crafted messages to the DCOM interface. Siemens SIMATIC WinCC and SIMATIC WinCC Runtime Professional are industrial automation products from Siemens AG. SIMATIC WinCC is a monitoring and data acquisition (SCADA) system. SIMATIC WinCC Runtime Professional is the control and monitoring of the operator's visual runtime platform machines and equipment. Multiple SIMATIC WinCC Products are prone to a denial-of-service vulnerability. The following products are vulnerable: SIMATIC WinCC 7.3 versions prior to 7.3 Update 11 SIMATIC WinCC 7.4 versions prior to 7.4 SP1 SIMATIC WinCC Runtime Professional 13 versions prior to 13 SP2 SIMATIC WinCC Runtime Professional 14 versions prior to 14 SP1 SIMATIC WinCC (TIA Portal) Professional 13 versions prior to 13 SP2 SIMATIC WinCC (TIA Portal) Professional 14 versions prior to 14 SP1. Siemens SIMATIC WinCC, etc. Siemens SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC. Security vulnerabilities exist in several Siemens products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201705-3974",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "simatic wincc",
"scope": "eq",
"trust": 1.9,
"vendor": "siemens",
"version": "7.4"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 1.9,
"vendor": "siemens",
"version": "7.3"
},
{
"model": "simatic wincc runtime",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "13"
},
{
"model": "simatic wincc \\",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "13"
},
{
"model": "simatic wincc runtime",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "14"
},
{
"model": "simatic wincc \\",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "14"
},
{
"model": "simatic wincc runtime professional",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": "14 sp1"
},
{
"model": "simatic wincc",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "13"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": "7.3 update 11"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": "7.4 sp1"
},
{
"model": "simatic wincc",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "7.3"
},
{
"model": "simatic wincc runtime professional",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "13"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": "14 sp1"
},
{
"model": "simatic wincc runtime professional",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": "13 sp2"
},
{
"model": "simatic wincc",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "7.4"
},
{
"model": "simatic wincc",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "14"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": "13 sp2"
},
{
"model": "simatic wincc runtime professional",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "14"
},
{
"model": "simatic wincc upd",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v7.311"
},
{
"model": "simatic wincc sp1",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v7.4"
},
{
"model": "simatic wincc runtime professional sp2",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v13"
},
{
"model": "simatic wincc runtime professional sp1",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v14"
},
{
"model": "simatic wincc professional sp2",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v13"
},
{
"model": "simatic wincc professional sp1",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v14"
},
{
"model": "simatic wincc runtime professional",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "14"
},
{
"model": "simatic wincc runtime professional",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "13"
},
{
"model": "simatic wincc professional",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "14"
},
{
"model": "simatic wincc professional",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "13"
},
{
"model": "simatic wincc update",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7.32"
},
{
"model": "simatic wincc update",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7.310"
},
{
"model": "simatic wincc update",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7.31"
},
{
"model": "simatic wincc runtime professional sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "14"
},
{
"model": "simatic wincc runtime professional sp2",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "13"
},
{
"model": "simatic wincc professional sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "14"
},
{
"model": "simatic wincc professional sp2",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "13"
},
{
"model": "simatic wincc sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "7.4"
},
{
"model": "simatic wincc update",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "7.311"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic wincc",
"version": "7.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic wincc",
"version": "7.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic wincc tia portal",
"version": "13"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic wincc tia portal",
"version": "14"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic wincc runtime",
"version": "13"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic wincc runtime",
"version": "14"
}
],
"sources": [
{
"db": "IVD",
"id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39"
},
{
"db": "CNVD",
"id": "CNVD-2017-06154"
},
{
"db": "BID",
"id": "98368"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004058"
},
{
"db": "NVD",
"id": "CVE-2017-6867"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-630"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):14:*:*:*:professional:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):13:sp1:*:*:professional:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_runtime:14:*:*:*:professional:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_runtime:13:sp1:*:*:professional:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-6867"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sergey Temnikov and Vladimir Dashchenko of the Kaspersky Lab Critical Infrastructure Defense Team",
"sources": [
{
"db": "BID",
"id": "98368"
}
],
"trust": 0.3
},
"cve": "CVE-2017-6867",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-6867",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-06154",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "VHN-115070",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 4.9,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-6867",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-6867",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-06154",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201703-630",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-115070",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39"
},
{
"db": "CNVD",
"id": "CNVD-2017-06154"
},
{
"db": "VULHUB",
"id": "VHN-115070"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004058"
},
{
"db": "NVD",
"id": "CVE-2017-6867"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-630"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability was discovered in Siemens SIMATIC WinCC (V7.3 before Upd 11 and V7.4 before SP1), SIMATIC WinCC Runtime Professional (V13 before SP2 and V14 before SP1), SIMATIC WinCC (TIA Portal) Professional (V13 before SP2 and V14 before SP1) that could allow an authenticated, remote attacker who is member of the \"administrators\" group to crash services by sending specially crafted messages to the DCOM interface. Siemens SIMATIC WinCC and SIMATIC WinCC Runtime Professional are industrial automation products from Siemens AG. SIMATIC WinCC is a monitoring and data acquisition (SCADA) system. SIMATIC WinCC Runtime Professional is the control and monitoring of the operator\u0027s visual runtime platform machines and equipment. Multiple SIMATIC WinCC Products are prone to a denial-of-service vulnerability. \nThe following products are vulnerable:\nSIMATIC WinCC 7.3 versions prior to 7.3 Update 11\nSIMATIC WinCC 7.4 versions prior to 7.4 SP1\nSIMATIC WinCC Runtime Professional 13 versions prior to 13 SP2\nSIMATIC WinCC Runtime Professional 14 versions prior to 14 SP1\nSIMATIC WinCC (TIA Portal) Professional 13 versions prior to 13 SP2\nSIMATIC WinCC (TIA Portal) Professional 14 versions prior to 14 SP1. Siemens SIMATIC WinCC, etc. Siemens SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC. Security vulnerabilities exist in several Siemens products",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-6867"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004058"
},
{
"db": "CNVD",
"id": "CNVD-2017-06154"
},
{
"db": "BID",
"id": "98368"
},
{
"db": "IVD",
"id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39"
},
{
"db": "VULHUB",
"id": "VHN-115070"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-6867",
"trust": 3.6
},
{
"db": "SIEMENS",
"id": "SSA-156872",
"trust": 2.3
},
{
"db": "BID",
"id": "98368",
"trust": 2.0
},
{
"db": "SIEMENS",
"id": "SSA-523365",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201703-630",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2017-06154",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-17-306-01",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004058",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-17-129-03",
"trust": 0.3
},
{
"db": "IVD",
"id": "81C5D14F-8537-4B60-AA16-B99AEC0C6E39",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-115070",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39"
},
{
"db": "CNVD",
"id": "CNVD-2017-06154"
},
{
"db": "VULHUB",
"id": "VHN-115070"
},
{
"db": "BID",
"id": "98368"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004058"
},
{
"db": "NVD",
"id": "CVE-2017-6867"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-630"
}
]
},
"id": "VAR-201705-3974",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39"
},
{
"db": "CNVD",
"id": "CNVD-2017-06154"
},
{
"db": "VULHUB",
"id": "VHN-115070"
}
],
"trust": 1.561624812
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39"
},
{
"db": "CNVD",
"id": "CNVD-2017-06154"
}
]
},
"last_update_date": "2023-12-18T12:51:13.289000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-156872",
"trust": 0.8,
"url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-156872.pdf"
},
{
"title": "Patch for Siemens SIMATIC WinCC and SIMATIC WinCC Runtime Professional Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/176383"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-06154"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004058"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-115070"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004058"
},
{
"db": "NVD",
"id": "CVE-2017-6867"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-156872.pdf"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/98368"
},
{
"trust": 1.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-523365.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6867"
},
{
"trust": 0.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-306-01"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-6867"
},
{
"trust": 0.6,
"url": "http://www.siemens.com/cert/en/cert-security-advisories.htm"
},
{
"trust": 0.3,
"url": "http://www.siemens.com/"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-129-03"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-06154"
},
{
"db": "VULHUB",
"id": "VHN-115070"
},
{
"db": "BID",
"id": "98368"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004058"
},
{
"db": "NVD",
"id": "CVE-2017-6867"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-630"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39"
},
{
"db": "CNVD",
"id": "CNVD-2017-06154"
},
{
"db": "VULHUB",
"id": "VHN-115070"
},
{
"db": "BID",
"id": "98368"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004058"
},
{
"db": "NVD",
"id": "CVE-2017-6867"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-630"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-05-09T00:00:00",
"db": "IVD",
"id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39"
},
{
"date": "2017-05-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-06154"
},
{
"date": "2017-05-11T00:00:00",
"db": "VULHUB",
"id": "VHN-115070"
},
{
"date": "2017-05-09T00:00:00",
"db": "BID",
"id": "98368"
},
{
"date": "2017-06-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-004058"
},
{
"date": "2017-05-11T10:29:00.260000",
"db": "NVD",
"id": "CVE-2017-6867"
},
{
"date": "2017-03-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-630"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-08-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-06154"
},
{
"date": "2018-06-14T00:00:00",
"db": "VULHUB",
"id": "VHN-115070"
},
{
"date": "2017-05-23T16:23:00",
"db": "BID",
"id": "98368"
},
{
"date": "2018-06-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-004058"
},
{
"date": "2018-06-14T01:29:31.133000",
"db": "NVD",
"id": "CVE-2017-6867"
},
{
"date": "2017-05-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-630"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201703-630"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Siemens SIMATIC Vulnerability that can crash services in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-004058"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input validation",
"sources": [
{
"db": "IVD",
"id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-630"
}
],
"trust": 0.8
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…