Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2015-8214
HistoryNov 27, 2015 - 3:59 p.m.

CVE-2015-8214

2015-11-2715:59:00
CWE-264
[email protected]
web.nvd.nist.gov
2

CVSS2

9.7

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:P/I:C/A:C

AI Score

6.3

Confidence

Low

EPSS

0.003

Percentile

71.3%

JSON

A vulnerability has been identified in SIMATIC NET CP 342-5 (incl. SIPLUS variants) (All versions), SIMATIC NET CP 343-1 Advanced (incl. SIPLUS variants) (All versions < V3.0.44), SIMATIC NET CP 343-1 Lean (incl. SIPLUS variants) (All versions < V3.1.1), SIMATIC NET CP 343-1 Standard (incl. SIPLUS variants) (All versions < V3.1.1), SIMATIC NET CP 443-1 Advanced (incl. SIPLUS variants) (All versions < V3.2.9), SIMATIC NET CP 443-1 Standard (incl. SIPLUS variants) (All versions < V3.2.9), SIMATIC NET CP 443-5 Basic (incl. SIPLUS variants) (All versions), SIMATIC NET CP 443-5 Extended (All versions), TIM 3V-IE / TIM 3V-IE Advanced (incl. SIPLUS NET variants) (All versions < V2.6.0), TIM 3V-IE DNP3 (incl. SIPLUS NET variants) (All versions < V3.1.0), TIM 4R-IE (incl. SIPLUS NET variants) (All versions < V2.6.0), TIM 4R-IE DNP3 (incl. SIPLUS NET variants) (All versions < V3.1.0). The implemented access protection level enforcement of the affected communication processors (CP) could possibly allow unauthenticated users to perform administrative operations on the CPs if network access (port 102/TCP) is available and the CPs’ configuration was stored on their corresponding CPUs.

Affected configurations

Nvd
Node
siemenssimatic_cp_443-1_firmware
OR
siemenssimatic_cp_443-1_firmwareadvanced
AND
siemenssimatic_cp_443-1
Node
siemenssimatic_tim_4r-ie_firmware
OR
siemenssimatic_tim_4r-ie_firmwarednp3
AND
siemenssimatic_tim_4r-ie
Node
siemenssimatic_cp_343-1_firmwarelean
OR
siemenssimatic_cp_343-1_firmwareRange3.0advanced
AND
siemenssimatic_cp_343-1Match-
Node
siemenssimatic_tim_3v-ie_firmwareMatch-
OR
siemenssimatic_tim_3v-ie_firmwareMatch-advanced
OR
siemenssimatic_tim_3v-ie_firmwareMatch-dnp3
AND
siemenssimatic_tim_3v-ie
VendorProductVersionCPE
siemenssimatic_cp_443-1_firmware*cpe:2.3:o:siemens:simatic_cp_443-1_firmware:*:*:*:*:*:*:*:*
siemenssimatic_cp_443-1_firmware*cpe:2.3:o:siemens:simatic_cp_443-1_firmware:*:*:*:*:advanced:*:*:*
siemenssimatic_cp_443-1*cpe:2.3:h:siemens:simatic_cp_443-1:*:*:*:*:*:*:*:*
siemenssimatic_tim_4r-ie_firmware*cpe:2.3:o:siemens:simatic_tim_4r-ie_firmware:*:*:*:*:*:*:*:*
siemenssimatic_tim_4r-ie_firmware*cpe:2.3:o:siemens:simatic_tim_4r-ie_firmware:*:*:*:*:dnp3:*:*:*
siemenssimatic_tim_4r-ie*cpe:2.3:h:siemens:simatic_tim_4r-ie:*:*:*:*:*:*:*:*
siemenssimatic_cp_343-1_firmware*cpe:2.3:o:siemens:simatic_cp_343-1_firmware:*:*:*:*:lean:*:*:*
siemenssimatic_cp_343-1_firmware*cpe:2.3:o:siemens:simatic_cp_343-1_firmware:*:*:*:*:advanced:*:*:*
siemenssimatic_cp_343-1-cpe:2.3:h:siemens:simatic_cp_343-1:-:*:*:*:*:*:*:*
siemenssimatic_tim_3v-ie_firmware-cpe:2.3:o:siemens:simatic_tim_3v-ie_firmware:-:*:*:*:*:*:*:*
Rows per page:
1-10 of 131

Related

ics 2
prion 1
nessus 1
cvelist 1
cve 1
ics
ics
Siemens SIMATIC Communication Processor Vulnerability (Update C)
2021-04-13 12:00:00
Siemens SIMATIC Communication Processor Vulnerability (Update C)
2021-04-13 00:00:00
prion
prion
Code injection
2015-11-27 15:59:00
nessus
nessus
Siemens SIMATIC Communication Processor (CVE-2015-8214)
2023-05-02 00:00:00
cvelist
cvelist
CVE-2015-8214
2015-11-27 15:00:00
cve
cve
CVE-2015-8214
2015-11-27 15:59:00

CVSS2

9.7

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:P/I:C/A:C

AI Score

6.3

Confidence

Low

EPSS

0.003

Percentile

71.3%

JSON
Related for NVD:CVE-2015-8214
ics2prion1nessus1cvelist1cve1