var-201705-3974
Vulnerability from variot
A vulnerability was discovered in Siemens SIMATIC WinCC (V7.3 before Upd 11 and V7.4 before SP1), SIMATIC WinCC Runtime Professional (V13 before SP2 and V14 before SP1), SIMATIC WinCC (TIA Portal) Professional (V13 before SP2 and V14 before SP1) that could allow an authenticated, remote attacker who is member of the "administrators" group to crash services by sending specially crafted messages to the DCOM interface. Siemens SIMATIC WinCC and SIMATIC WinCC Runtime Professional are industrial automation products from Siemens AG. SIMATIC WinCC is a monitoring and data acquisition (SCADA) system. SIMATIC WinCC Runtime Professional is the control and monitoring of the operator's visual runtime platform machines and equipment. Multiple SIMATIC WinCC Products are prone to a denial-of-service vulnerability. The following products are vulnerable: SIMATIC WinCC 7.3 versions prior to 7.3 Update 11 SIMATIC WinCC 7.4 versions prior to 7.4 SP1 SIMATIC WinCC Runtime Professional 13 versions prior to 13 SP2 SIMATIC WinCC Runtime Professional 14 versions prior to 14 SP1 SIMATIC WinCC (TIA Portal) Professional 13 versions prior to 13 SP2 SIMATIC WinCC (TIA Portal) Professional 14 versions prior to 14 SP1. Siemens SIMATIC WinCC, etc. Siemens SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC. Security vulnerabilities exist in several Siemens products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201705-3974",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "simatic wincc",
"scope": "eq",
"trust": 1.9,
"vendor": "siemens",
"version": "7.4"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 1.9,
"vendor": "siemens",
"version": "7.3"
},
{
"model": "simatic wincc runtime",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "13"
},
{
"model": "simatic wincc \\",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "13"
},
{
"model": "simatic wincc runtime",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "14"
},
{
"model": "simatic wincc \\",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "14"
},
{
"model": "simatic wincc runtime professional",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": "14 sp1"
},
{
"model": "simatic wincc",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "13"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": "7.3 update 11"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": "7.4 sp1"
},
{
"model": "simatic wincc",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "7.3"
},
{
"model": "simatic wincc runtime professional",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "13"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": "14 sp1"
},
{
"model": "simatic wincc runtime professional",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": "13 sp2"
},
{
"model": "simatic wincc",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "7.4"
},
{
"model": "simatic wincc",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "14"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": "13 sp2"
},
{
"model": "simatic wincc runtime professional",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "14"
},
{
"model": "simatic wincc upd",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v7.311"
},
{
"model": "simatic wincc sp1",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v7.4"
},
{
"model": "simatic wincc runtime professional sp2",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v13"
},
{
"model": "simatic wincc runtime professional sp1",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v14"
},
{
"model": "simatic wincc professional sp2",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v13"
},
{
"model": "simatic wincc professional sp1",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v14"
},
{
"model": "simatic wincc runtime professional",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "14"
},
{
"model": "simatic wincc runtime professional",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "13"
},
{
"model": "simatic wincc professional",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "14"
},
{
"model": "simatic wincc professional",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "13"
},
{
"model": "simatic wincc update",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7.32"
},
{
"model": "simatic wincc update",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7.310"
},
{
"model": "simatic wincc update",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7.31"
},
{
"model": "simatic wincc runtime professional sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "14"
},
{
"model": "simatic wincc runtime professional sp2",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "13"
},
{
"model": "simatic wincc professional sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "14"
},
{
"model": "simatic wincc professional sp2",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "13"
},
{
"model": "simatic wincc sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "7.4"
},
{
"model": "simatic wincc update",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "7.311"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic wincc",
"version": "7.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic wincc",
"version": "7.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic wincc tia portal",
"version": "13"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic wincc tia portal",
"version": "14"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic wincc runtime",
"version": "13"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic wincc runtime",
"version": "14"
}
],
"sources": [
{
"db": "IVD",
"id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39"
},
{
"db": "CNVD",
"id": "CNVD-2017-06154"
},
{
"db": "BID",
"id": "98368"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004058"
},
{
"db": "NVD",
"id": "CVE-2017-6867"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-630"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):14:*:*:*:professional:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):13:sp1:*:*:professional:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_runtime:14:*:*:*:professional:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_runtime:13:sp1:*:*:professional:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-6867"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sergey Temnikov and Vladimir Dashchenko of the Kaspersky Lab Critical Infrastructure Defense Team",
"sources": [
{
"db": "BID",
"id": "98368"
}
],
"trust": 0.3
},
"cve": "CVE-2017-6867",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-6867",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-06154",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "VHN-115070",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 4.9,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-6867",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-6867",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-06154",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201703-630",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-115070",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39"
},
{
"db": "CNVD",
"id": "CNVD-2017-06154"
},
{
"db": "VULHUB",
"id": "VHN-115070"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004058"
},
{
"db": "NVD",
"id": "CVE-2017-6867"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-630"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability was discovered in Siemens SIMATIC WinCC (V7.3 before Upd 11 and V7.4 before SP1), SIMATIC WinCC Runtime Professional (V13 before SP2 and V14 before SP1), SIMATIC WinCC (TIA Portal) Professional (V13 before SP2 and V14 before SP1) that could allow an authenticated, remote attacker who is member of the \"administrators\" group to crash services by sending specially crafted messages to the DCOM interface. Siemens SIMATIC WinCC and SIMATIC WinCC Runtime Professional are industrial automation products from Siemens AG. SIMATIC WinCC is a monitoring and data acquisition (SCADA) system. SIMATIC WinCC Runtime Professional is the control and monitoring of the operator\u0027s visual runtime platform machines and equipment. Multiple SIMATIC WinCC Products are prone to a denial-of-service vulnerability. \nThe following products are vulnerable:\nSIMATIC WinCC 7.3 versions prior to 7.3 Update 11\nSIMATIC WinCC 7.4 versions prior to 7.4 SP1\nSIMATIC WinCC Runtime Professional 13 versions prior to 13 SP2\nSIMATIC WinCC Runtime Professional 14 versions prior to 14 SP1\nSIMATIC WinCC (TIA Portal) Professional 13 versions prior to 13 SP2\nSIMATIC WinCC (TIA Portal) Professional 14 versions prior to 14 SP1. Siemens SIMATIC WinCC, etc. Siemens SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC. Security vulnerabilities exist in several Siemens products",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-6867"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004058"
},
{
"db": "CNVD",
"id": "CNVD-2017-06154"
},
{
"db": "BID",
"id": "98368"
},
{
"db": "IVD",
"id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39"
},
{
"db": "VULHUB",
"id": "VHN-115070"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-6867",
"trust": 3.6
},
{
"db": "SIEMENS",
"id": "SSA-156872",
"trust": 2.3
},
{
"db": "BID",
"id": "98368",
"trust": 2.0
},
{
"db": "SIEMENS",
"id": "SSA-523365",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201703-630",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2017-06154",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-17-306-01",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004058",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-17-129-03",
"trust": 0.3
},
{
"db": "IVD",
"id": "81C5D14F-8537-4B60-AA16-B99AEC0C6E39",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-115070",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39"
},
{
"db": "CNVD",
"id": "CNVD-2017-06154"
},
{
"db": "VULHUB",
"id": "VHN-115070"
},
{
"db": "BID",
"id": "98368"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004058"
},
{
"db": "NVD",
"id": "CVE-2017-6867"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-630"
}
]
},
"id": "VAR-201705-3974",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39"
},
{
"db": "CNVD",
"id": "CNVD-2017-06154"
},
{
"db": "VULHUB",
"id": "VHN-115070"
}
],
"trust": 1.561624812
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39"
},
{
"db": "CNVD",
"id": "CNVD-2017-06154"
}
]
},
"last_update_date": "2023-12-18T12:51:13.289000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-156872",
"trust": 0.8,
"url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-156872.pdf"
},
{
"title": "Patch for Siemens SIMATIC WinCC and SIMATIC WinCC Runtime Professional Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/176383"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-06154"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004058"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-115070"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004058"
},
{
"db": "NVD",
"id": "CVE-2017-6867"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-156872.pdf"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/98368"
},
{
"trust": 1.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-523365.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6867"
},
{
"trust": 0.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-306-01"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-6867"
},
{
"trust": 0.6,
"url": "http://www.siemens.com/cert/en/cert-security-advisories.htm"
},
{
"trust": 0.3,
"url": "http://www.siemens.com/"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-129-03"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-06154"
},
{
"db": "VULHUB",
"id": "VHN-115070"
},
{
"db": "BID",
"id": "98368"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004058"
},
{
"db": "NVD",
"id": "CVE-2017-6867"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-630"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39"
},
{
"db": "CNVD",
"id": "CNVD-2017-06154"
},
{
"db": "VULHUB",
"id": "VHN-115070"
},
{
"db": "BID",
"id": "98368"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004058"
},
{
"db": "NVD",
"id": "CVE-2017-6867"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-630"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-05-09T00:00:00",
"db": "IVD",
"id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39"
},
{
"date": "2017-05-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-06154"
},
{
"date": "2017-05-11T00:00:00",
"db": "VULHUB",
"id": "VHN-115070"
},
{
"date": "2017-05-09T00:00:00",
"db": "BID",
"id": "98368"
},
{
"date": "2017-06-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-004058"
},
{
"date": "2017-05-11T10:29:00.260000",
"db": "NVD",
"id": "CVE-2017-6867"
},
{
"date": "2017-03-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-630"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-08-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-06154"
},
{
"date": "2018-06-14T00:00:00",
"db": "VULHUB",
"id": "VHN-115070"
},
{
"date": "2017-05-23T16:23:00",
"db": "BID",
"id": "98368"
},
{
"date": "2018-06-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-004058"
},
{
"date": "2018-06-14T01:29:31.133000",
"db": "NVD",
"id": "CVE-2017-6867"
},
{
"date": "2017-05-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-630"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201703-630"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Siemens SIMATIC Vulnerability that can crash services in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-004058"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input validation",
"sources": [
{
"db": "IVD",
"id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-630"
}
],
"trust": 0.8
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.