var-201905-0115
Vulnerability from variot

A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions < V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions < V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The integrated web server could allow Cross-Site Scripting (XSS) attacks if an attacker is able to modify particular parts of the device configuration via SNMP. The security vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires system privileges and user interaction. An attacker could use the vulnerability to compromise confidentiality and the integrity of the affected system. At the stage of publishing this security advisory no public exploitation is known. plural SIMATIC The product contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. Multiple Siemens Products are prone to following security vulnerabilities: 1. An information-disclosure vulnerability 2. A cross-site-scripting vulnerability 3. A security vulnerability An attacker may leverage these issues to obtain potentially sensitive information and to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Siemens SIMATIC WinCC, etc. are all products of Siemens (Siemens) in Germany. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. Siemens SIMATIC HMI Comfort Panels is a touch panel device. Siemens SIMATIC HMI Comfort Outdoor Panels is a touch panel device specially designed for outdoor use. The vulnerability stems from the lack of correct validation of client data in WEB applications

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201905-0115",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic hmi ktp mobile panels ktp700f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp400f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic wincc \\",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic wincc runtime",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi op",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi comfort outdoor panels",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi tp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi mp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi comfort outdoor panels",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi ktp mobile panels ktp400f",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700f",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900f",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v15.1"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v15"
      },
      {
        "model": "simatic hmi ktp mobile panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15"
      },
      {
        "model": "simatic hmi comfort outdoor panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi comfort outdoor panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15"
      },
      {
        "model": "simatic hmi classic devices",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc runtime professional update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v15.11"
      },
      {
        "model": "simatic wincc runtime advanced update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15.11"
      },
      {
        "model": "simatic wincc update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v15.11"
      },
      {
        "model": "simatic hmi ktp mobile update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15.11"
      },
      {
        "model": "simatic hmi comfort panels update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15.11"
      },
      {
        "model": "simatic hmi comfort outdoor panels update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15.11"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "108412"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004634"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6577"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "15.1",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "15.1",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "15.1",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "15.1",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "15.1",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "15.1",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "15.1",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_runtime:*:*:*:*:professional:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "15.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "15.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_runtime:*:*:*:*:advanced:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "15.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_tp_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_hmi_tp:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_mp_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_hmi_mp:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_op_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_hmi_op:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-6577"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens ProductCERT reported these vulnerabilities to NCCIC.,Siemens ProductCERT",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-588"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2019-6577",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 3.5,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.8,
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "LOW",
            "trust": 1.0,
            "userInteractionRequired": true,
            "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "Single",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 3.5,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2019-6577",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Low",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 3.5,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.8,
            "id": "VHN-158012",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "LOW",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:S/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "exploitabilityScore": 2.3,
            "impactScore": 2.7,
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "trust": 1.0,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 5.4,
            "baseSeverity": "Medium",
            "confidentialityImpact": "Low",
            "exploitabilityScore": null,
            "id": "CVE-2019-6577",
            "impactScore": null,
            "integrityImpact": "Low",
            "privilegesRequired": "Low",
            "scope": "Changed",
            "trust": 0.8,
            "userInteraction": "Required",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2019-6577",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201905-588",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-158012",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-158012"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004634"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6577"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-588"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions \u003c V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions \u003c V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The integrated web server could allow Cross-Site Scripting (XSS) attacks if an attacker is able to modify particular parts of the device configuration via SNMP. The security vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires system privileges and user interaction. An attacker could use the vulnerability to compromise confidentiality and the integrity of the affected system. At the stage of publishing this security advisory no public exploitation is known. plural SIMATIC The product contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. Multiple Siemens Products are prone to following security vulnerabilities:\n1. An information-disclosure vulnerability\n2. A cross-site-scripting vulnerability\n3. A security vulnerability\nAn attacker may leverage these issues to obtain potentially sensitive information and to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Siemens SIMATIC WinCC, etc. are all products of Siemens (Siemens) in Germany. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. Siemens SIMATIC HMI Comfort Panels is a touch panel device. Siemens SIMATIC HMI Comfort Outdoor Panels is a touch panel device specially designed for outdoor use. The vulnerability stems from the lack of correct validation of client data in WEB applications",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-6577"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004634"
      },
      {
        "db": "BID",
        "id": "108412"
      },
      {
        "db": "VULHUB",
        "id": "VHN-158012"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-6577",
        "trust": 2.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-134-09",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "108412",
        "trust": 2.0
      },
      {
        "db": "SIEMENS",
        "id": "SSA-804486",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004634",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-588",
        "trust": 0.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-134-02",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.1716.2",
        "trust": 0.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-54365",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-158012",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-158012"
      },
      {
        "db": "BID",
        "id": "108412"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004634"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6577"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-588"
      }
    ]
  },
  "id": "VAR-201905-0115",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-158012"
      }
    ],
    "trust": 0.7250837654545454
  },
  "last_update_date": "2023-12-18T12:28:16.242000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-804486",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
      },
      {
        "title": "Siemens SIMATIC Panels  and WinCC Fixes for cross-site scripting vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=92738"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004634"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-588"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-79",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-158012"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004634"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6577"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "http://www.securityfocus.com/bid/108412"
      },
      {
        "trust": 1.9,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-19-134-09"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-6577"
      },
      {
        "trust": 0.9,
        "url": "http://subscriber.communications.siemens.com/"
      },
      {
        "trust": 0.9,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-09"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6577"
      },
      {
        "trust": 0.6,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-02-0"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/simatic-wincc-multiple-vulnerabilities-29288"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/80946"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-158012"
      },
      {
        "db": "BID",
        "id": "108412"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004634"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6577"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-588"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-158012"
      },
      {
        "db": "BID",
        "id": "108412"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004634"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6577"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-588"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-05-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-158012"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "BID",
        "id": "108412"
      },
      {
        "date": "2019-06-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-004634"
      },
      {
        "date": "2019-05-14T20:29:04.623000",
        "db": "NVD",
        "id": "CVE-2019-6577"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201905-588"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-05-22T00:00:00",
        "db": "VULHUB",
        "id": "VHN-158012"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "BID",
        "id": "108412"
      },
      {
        "date": "2019-07-09T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-004634"
      },
      {
        "date": "2019-05-22T16:29:01.823000",
        "db": "NVD",
        "id": "CVE-2019-6577"
      },
      {
        "date": "2019-05-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201905-588"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-588"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  SIMATIC Product cross-site scripting vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004634"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "XSS",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-588"
      }
    ],
    "trust": 0.6
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...
  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.