VAR-201708-1508
Vulnerability from variot - Updated: 2023-12-18 13:19A vulnerability was discovered in Siemens SIMATIC WinCC Sm@rtClient for Android (All versions before V1.0.2.2) and SIMATIC WinCC Sm@rtClient for Android Lite (All versions before V1.0.2.2). An attacker with physical access to an unlocked mobile device, that has the affected app running, could bypass the app's authentication mechanism under certain conditions. Android for Siemens SIMATIC WinCC Sm@rtClient and Sm@rtClient Lite Contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC WinCC Sm@rtClient for Android is a client program on Android. Siemens SIMATIC is an automation software in a single engineering environment. A security-bypass vulnerability 2. A local authentication-bypass vulnerability An attacker may leverage these issues to disclose sensitive information, perform certain unauthorized actions by conducting a man-in-the-middle attack, gain unauthorized access
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201708-1508",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "simatic wincc sm\\@rtclient lite",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "1.0.2.1"
},
{
"model": "simatic wincc sm\\@rtclient",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "1.0.2.1"
},
{
"model": "simatic wincc sm@rtclient",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": "1.0.2.2"
},
{
"model": "simatic wincc sm@rtclient",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "all versions"
},
{
"model": "simatic wincc sm@rtclient lite",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "all versions"
},
{
"model": "simatic wincc sm@rtclient lite",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": "1.0.2.2"
},
{
"model": "simatic wincc sm@rtclient for android",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "1.0.2.2"
},
{
"model": "simatic wincc sm@rtclient lite for android",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "1.0.2.2"
},
{
"model": "simatic wincc sm\\@rtclient",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1.0.2.1"
},
{
"model": "simatic wincc sm\\@rtclient lite",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1.0.2.1"
},
{
"model": "simatic wincc sm@rtclient lite for android",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "1.0.2"
},
{
"model": "simatic wincc sm@rtclient lite for android",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "01.00.00.00"
},
{
"model": "simatic wincc sm@rtclient for android",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "1.0.2"
},
{
"model": "simatic wincc sm@rtclient for android",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "01.00.00.00"
},
{
"model": "simatic wincc sm@rtclient lite for android",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "1.0.2.2"
},
{
"model": "simatic wincc sm@rtclient for android",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "1.0.2.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic wincc sm rtclient",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic wincc sm rtclient lite",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "aa04aa25-a2f9-467b-9eb1-3a6fa82523a0"
},
{
"db": "CNVD",
"id": "CNVD-2017-14606"
},
{
"db": "BID",
"id": "99582"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006992"
},
{
"db": "NVD",
"id": "CVE-2017-6871"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-626"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_sm\\@rtclient_lite:*:*:*:*:*:android:*:*",
"cpe_name": [],
"versionEndIncluding": "1.0.2.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_sm\\@rtclient:*:*:*:*:*:android:*:*",
"cpe_name": [],
"versionEndIncluding": "1.0.2.1",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-6871"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Karsten Sohr and Timo Glander from the TZI at the University of Bremen",
"sources": [
{
"db": "BID",
"id": "99582"
}
],
"trust": 0.3
},
"cve": "CVE-2017-6871",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-6871",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.9,
"id": "CNVD-2017-14606",
"impactScore": 7.8,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.9,
"id": "aa04aa25-a2f9-467b-9eb1-3a6fa82523a0",
"impactScore": 7.8,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:P/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-115074",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "NVD",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.7,
"impactScore": 4.7,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "Low",
"baseScore": 5.4,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-6871",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-6871",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-14606",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201703-626",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "aa04aa25-a2f9-467b-9eb1-3a6fa82523a0",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-115074",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "aa04aa25-a2f9-467b-9eb1-3a6fa82523a0"
},
{
"db": "CNVD",
"id": "CNVD-2017-14606"
},
{
"db": "VULHUB",
"id": "VHN-115074"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006992"
},
{
"db": "NVD",
"id": "CVE-2017-6871"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-626"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability was discovered in Siemens SIMATIC WinCC Sm@rtClient for Android (All versions before V1.0.2.2) and SIMATIC WinCC Sm@rtClient for Android Lite (All versions before V1.0.2.2). An attacker with physical access to an unlocked mobile device, that has the affected app running, could bypass the app\u0027s authentication mechanism under certain conditions. Android for Siemens SIMATIC WinCC Sm@rtClient and Sm@rtClient Lite Contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC WinCC Sm@rtClient for Android is a client program on Android. Siemens SIMATIC is an automation software in a single engineering environment. A security-bypass vulnerability\n2. A local authentication-bypass vulnerability\nAn attacker may leverage these issues to disclose sensitive information, perform certain unauthorized actions by conducting a man-in-the-middle attack, gain unauthorized access",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-6871"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006992"
},
{
"db": "CNVD",
"id": "CNVD-2017-14606"
},
{
"db": "BID",
"id": "99582"
},
{
"db": "IVD",
"id": "aa04aa25-a2f9-467b-9eb1-3a6fa82523a0"
},
{
"db": "VULHUB",
"id": "VHN-115074"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-6871",
"trust": 3.6
},
{
"db": "SIEMENS",
"id": "SSA-589378",
"trust": 2.3
},
{
"db": "BID",
"id": "99582",
"trust": 2.0
},
{
"db": "ICS CERT",
"id": "ICSA-17-194-03",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201703-626",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2017-14606",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006992",
"trust": 0.8
},
{
"db": "IVD",
"id": "AA04AA25-A2F9-467B-9EB1-3A6FA82523A0",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-115074",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "aa04aa25-a2f9-467b-9eb1-3a6fa82523a0"
},
{
"db": "CNVD",
"id": "CNVD-2017-14606"
},
{
"db": "VULHUB",
"id": "VHN-115074"
},
{
"db": "BID",
"id": "99582"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006992"
},
{
"db": "NVD",
"id": "CVE-2017-6871"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-626"
}
]
},
"id": "VAR-201708-1508",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "aa04aa25-a2f9-467b-9eb1-3a6fa82523a0"
},
{
"db": "CNVD",
"id": "CNVD-2017-14606"
},
{
"db": "VULHUB",
"id": "VHN-115074"
}
],
"trust": 1.64523431
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "aa04aa25-a2f9-467b-9eb1-3a6fa82523a0"
},
{
"db": "CNVD",
"id": "CNVD-2017-14606"
}
]
},
"last_update_date": "2023-12-18T13:19:25.130000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-589378",
"trust": 0.8,
"url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-589378.pdf"
},
{
"title": "Siemens SIMATIC WinCC Sm@rtClient for Android authentication bypass vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/98179"
},
{
"title": "Siemens SIMATIC WinCC Sm@rtClient for Android and Android Lite Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=99679"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-14606"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006992"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-626"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-115074"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006992"
},
{
"db": "NVD",
"id": "CVE-2017-6871"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-589378.pdf"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/99582"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-194-03"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6871"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-6871"
},
{
"trust": 0.3,
"url": "http://subscriber.communications.siemens.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-14606"
},
{
"db": "VULHUB",
"id": "VHN-115074"
},
{
"db": "BID",
"id": "99582"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006992"
},
{
"db": "NVD",
"id": "CVE-2017-6871"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-626"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "aa04aa25-a2f9-467b-9eb1-3a6fa82523a0"
},
{
"db": "CNVD",
"id": "CNVD-2017-14606"
},
{
"db": "VULHUB",
"id": "VHN-115074"
},
{
"db": "BID",
"id": "99582"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006992"
},
{
"db": "NVD",
"id": "CVE-2017-6871"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-626"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-15T00:00:00",
"db": "IVD",
"id": "aa04aa25-a2f9-467b-9eb1-3a6fa82523a0"
},
{
"date": "2017-07-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-14606"
},
{
"date": "2017-08-08T00:00:00",
"db": "VULHUB",
"id": "VHN-115074"
},
{
"date": "2017-07-13T00:00:00",
"db": "BID",
"id": "99582"
},
{
"date": "2017-09-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-006992"
},
{
"date": "2017-08-08T00:29:00.260000",
"db": "NVD",
"id": "CVE-2017-6871"
},
{
"date": "2017-03-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-626"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-14606"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-115074"
},
{
"date": "2017-07-13T00:00:00",
"db": "BID",
"id": "99582"
},
{
"date": "2017-09-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-006992"
},
{
"date": "2019-10-09T23:29:20.700000",
"db": "NVD",
"id": "CVE-2017-6871"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-626"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201703-626"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SIMATIC WinCC Sm@rtClient for Android Authentication Bypass Vulnerability",
"sources": [
{
"db": "IVD",
"id": "aa04aa25-a2f9-467b-9eb1-3a6fa82523a0"
},
{
"db": "CNVD",
"id": "CNVD-2017-14606"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201703-626"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…