Lucene search
HistoryApr 06, 2015 - 1:59 a.m.
CVE-2015-1602
siemens
simatic
step 7
tia portal
password storage
cleartext
local users
nvd
cve-2015-1602
6.5 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.2%
Siemens SIMATIC STEP 7 (TIA Portal) 12 and 13 before 13 SP1 Upd1 improperly stores password data within project files, which makes it easier for local users to determine cleartext (1) protection-level passwords or (2) web-server passwords by leveraging the ability to read these files.
Affected configurations
Node
siemenssimatic_step_7Range≤13.0sp1
ORsiemenssimatic_step_7Match12.0
ORsiemenssimatic_step_7Match13.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| siemens:simatic_step_7 | siemens simatic step 7 | le | 13.0 |
| siemens:simatic_step_7 | siemens simatic step 7 | eq | 12.0 |
Related
prion
prion
Default credentials
2015-04-06 01:59:00
cvelist
cvelist
CVE-2015-1602
2015-04-06 01:00:00
nvd
nvd
CVE-2015-1602
2015-04-06 01:59:03
nessus
nessus
kaspersky
kaspersky
ics
ics
Siemens SIMATIC STEP 7 TIA Portal Vulnerabilities (Update A)
2018-08-27 12:00:00
6.5 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.2%
Related for CVE-2015-1602