Lucene search
HistorySep 18, 2012 - 2:55 p.m.
CVE-2012-3030
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.2 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
68.1%
WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, stores sensitive information under the web root with insufficient access control, which allows remote attackers to read a (1) log file or (2) configuration file via a direct request.
Affected configurations
Node
siemenssimatic_pcs7Match8.0
ORsiemenswinccRange≤7.0sp3
ORsiemenswinccMatch5.0
ORsiemenswinccMatch5.0sp1
ORsiemenswinccMatch6.0
ORsiemenswinccMatch6.0sp2
ORsiemenswinccMatch6.0sp3
ORsiemenswinccMatch6.0sp4
ORsiemenswinccMatch7.0
ORsiemenswinccMatch7.0sp1
ORsiemenswinccMatch7.0sp2
Related
prion
prion
Improper access control
2012-09-18 14:55:00
cve
cve
CVE-2012-3030
2022-10-03 16:15:23
cvelist
cvelist
CVE-2012-3030
2022-10-03 16:15:23
ptsecurity
ptsecurity
PT-2012-43: Arbitrary Files Reading in Siemens Simatic WinCC WebNavigator
2012-09-13 00:00:00
ics
ics
Siemens WinCC WebNavigator Multiple Vulnerabilities
2014-08-29 12:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.2 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
68.1%
Related for NVD:CVE-2012-3030