Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2016-4785
HistoryMay 31, 2016 - 1:59 a.m.

CVE-2016-4785

2016-05-3101:59:14
CWE-200
[email protected]
web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

7 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.8%

JSON

A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions < V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions < V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions < V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions < 1.02.02. The integrated web server (port 80/tcp) of the affected devices could allow remote attackers to obtain a limited amount of device memory content if network access was obtained. This vulnerability only affects EN100 Ethernet module included in SIPROTEC4 and SIPROTEC Compact devices.

Affected configurations

NVD
Node
siemenssiprotec_4_en100Match-
OR
siemenssiprotec_compact_modelMatch-
AND
siemenssiprotec_firmwareMatch4.26
Node
siemenssiprotec_compact_model_7rw80Match-
OR
siemenssiprotec_compact_model_7sd80Match-
OR
siemenssiprotec_compact_model_7sj80Match-
OR
siemenssiprotec_compact_model_7sj81Match-
OR
siemenssiprotec_compact_model_7sk80Match-
OR
siemenssiprotec_compact_model_7sk81Match-
AND
siemenssiprotec_firmwareMatch-

Related

prion 1
cvelist 1
nessus 2
cve 1
ics 10
prion
prion
Design/Logic Flaw
2016-05-31 01:59:00
cvelist
cvelist
CVE-2016-4785
2017-07-04 00:00:00
nessus
nessus
Siemens SIPROTEC Information Disclosure (CVE-2016-4785)
2022-02-07 00:00:00
Siemens Siprotec Exposure of Sensitive Information to an Unauthorized Actor
2019-11-08 00:00:00
cve
cve
CVE-2016-4785
2017-07-04 00:00:00
ics
ics
Siemens SIPROTEC Information Disclosure Vulnerabilities (Update B)
2018-05-17 12:00:00
Siemens Reyrolle
2017-07-06 12:00:00
Siemens SWT3000
2017-11-30 12:00:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

7 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.8%

JSON
Related for NVD:CVE-2016-4785
prion1cvelist1nessus2cve1ics10