Lucene search
HistoryJul 24, 2014 - 2:55 p.m.
CVE-2014-4682
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.1 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
70.9%
The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote attackers to obtain sensitive information via an HTTP request.
Affected configurations
Node
siemenssimatic_pcs7Range≤8.0sp1
ORsiemenssimatic_pcs7Match7.1sp3
ORsiemenssimatic_pcs7Match8.0
ORsiemenswinccRange≤7.2
ORsiemenswinccMatch5.0
ORsiemenswinccMatch5.0sp1
ORsiemenswinccMatch6.0
ORsiemenswinccMatch6.0sp2
ORsiemenswinccMatch6.0sp3
ORsiemenswinccMatch6.0sp4
ORsiemenswinccMatch7.0
ORsiemenswinccMatch7.0sp1
ORsiemenswinccMatch7.0sp2
ORsiemenswinccMatch7.0sp3
ORsiemenswinccMatch7.1
ORsiemenswinccMatch7.1sp1
Related
prion
prion
Cross site request forgery (csrf)
2014-07-24 14:55:00
ptsecurity
ptsecurity
PT-2014-12: Information Disclosure in Siemens SIMATIC WinCC
2012-12-23 00:00:00
cvelist
cvelist
CVE-2014-4682
2014-07-24 14:00:00
cve
cve
CVE-2014-4682
2014-07-24 14:55:08
threatpost
threatpost
Siemens Patches Five Vulnerabilities in SIMATIC WinCC for PCS 7
2014-10-07 14:49:31
kaspersky
kaspersky
KLA10393 LPE & OSI vulnerabilities in Siemens Simatic WinCC
2014-07-23 00:00:00
ics
ics
Siemens SIMATIC WinCC Vulnerabilities (Update A)
2018-09-06 12:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.1 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
70.9%
Related for NVD:CVE-2014-4682