PT-2013-2523 · Siemens · Siemens Wincc+1
Gleb Gritsay
+1
·
Publicado
2013-03-21
·
Atualizado
2013-03-22
·
CVE-2013-0678
CVSS v2.0
4.0
Média
| Vetor | AV:N/AC:L/Au:S/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Siemens WinCC versions prior to 7.2
SIMATIC PCS7 versions prior to 8.0 SP1
Description
The issue is related to the improper representation of WebNavigator credentials in a database. This makes it easier for remote authenticated users to obtain sensitive information via a SQL query.
Recommendations
For Siemens WinCC versions prior to 7.2, update to version 7.2 or later.
For SIMATIC PCS7 versions prior to 8.0 SP1, update to version 8.0 SP1 or later.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Simatic Pcs7
Siemens Wincc