Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistSiemensCVELIST:CVE-2017-12734
HistoryAug 30, 2017 - 7:00 p.m.

CVE-2017-12734

2017-08-3019:00:00
CWE-895
siemens
www.cve.org

7.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

44.5%

JSON

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V1.81.2). An attacker with network access to the integrated web server on port 80/tcp could obtain the session ID of an active user session. A user must be logged in to the web interface. Siemens recommends to use the integrated webserver on port 80/tcp only in trusted networks.

CNA Affected

[
  {
    "product": "LOGO! 8 BM (incl. SIPLUS variants)",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V1.81.2"
      }
    ]
  }
]

Related

nessus 1
cve 1
prion 1
nvd 1
ics 1
threatpost 1
nessus
nessus
Siemens LOGO! Insufficiently Protected Credentials (CVE-2017-12734)
2023-09-21 00:00:00
cve
cve
CVE-2017-12734
2017-08-30 19:29:00
prion
prion
Design/Logic Flaw
2017-08-30 19:29:00
nvd
nvd
CVE-2017-12734
2017-08-30 19:29:00
ics
ics
Siemens LOGO! (Update A)
2020-12-08 12:00:00
threatpost
threatpost
Siemens Fixes Session Hijacking Bug in LOGO!, Warns of Man-in-the-Middle Attacks
2017-08-30 13:11:41

7.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

44.5%

JSON
Related for CVELIST:CVE-2017-12734
nessus1cve1prion1nvd1ics1threatpost1