CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

An issue was discovered on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00. The integrated web server port 80/tcp of the affected devices could allow unauthenticated remote attackers to execute arbitrary code on the affected devic...

10CVSS9.8AI score0.05646EPSS

Exploits2References2Affected Software1

OSV•added 2017/11/15 8:29 a.m.•2 views

CVE-2017-12738

An issue was discovered on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00. The integrated web server port 80/tcp of the affected devices could allow Cross-Site Scripting XSS attacks if unsuspecting users are tricked into clicking...

6.1CVSS5.8AI score0.00873EPSS

Exploits2References2

OSV•added 2017/11/15 8:29 a.m.•1 views

CVE-2017-12739

9.8CVSS6.2AI score0.05646EPSS

Exploits2References2

Prion•added 2017/11/15 8:29 a.m.•19 views

Cross site scripting

An issue was discovered on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00. The integrated web server port 80/tcp of the affected devices could allow Cross-Site Scripting XSS attacks if unsuspecting users are tricked into clicking...

4.3CVSS6.2AI score0.00873EPSS

Exploits2References2Affected Software1

Prion•added 2017/11/15 8:29 a.m.•16 views

Design/Logic Flaw

5CVSS6.2AI score0.01743EPSS

Exploits2References2Affected Software1

NVD•added 2017/11/15 8:29 a.m.•20 views

CVE-2017-12737

5.3CVSS6.3AI score0.01743EPSS

Exploits2References2

NVD•added 2017/11/15 8:29 a.m.•19 views

CVE-2017-12739

10CVSS9.9AI score0.05646EPSS

Exploits2References2

NVD•added 2017/11/15 8:29 a.m.•19 views

CVE-2017-12738

An issue was discovered on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00. The integrated web server port 80/tcp of the affected devices could allow Cross-Site Scripting XSS attacks if unsuspecting users are tricked into clicking...

6.1CVSS6.3AI score0.00873EPSS

Exploits2References2

Cvelist•added 2017/11/15 8:0 a.m.•16 views

CVE-2017-12738

An issue was discovered on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00. The integrated web server port 80/tcp of the affected devices could allow Cross-Site Scripting XSS attacks if unsuspecting users are tricked into clicking...

6AI score0.00873EPSS

Exploits2References2

Cvelist•added 2017/11/15 8:0 a.m.•21 views

CVE-2017-12737

5.3AI score0.01743EPSS

Exploits2References2

CVE•added 2017/11/15 8:0 a.m.•68 views

CVE-2017-12739

Siemens SICAM RTUs SM-2556 COM Modules with firmware ENOS00, ERAC00, ETA2, ETLS00, MODi00, DNPi00 expose a web server on port 80 that could allow unauthenticated remote attackers to execute arbitrary code (CVE-2017-12739). The issue is tied to code injection via the integrated web server; remedia...

10CVSS9.7AI score0.05646EPSS

Exploits2References2Affected Software1

CVE•added 2017/11/15 8:0 a.m.•59 views

CVE-2017-12738

CVE-2017-12738 concerns Cross-Site Scripting in the integrated web server of Siemens SICAM RTUs SM-2556 COM Modules (firmware ENOS00, ERAC00, ETA2, ETLS00, MODi00, DNPi00). The issue arises from XSS in the web interface, potentially gatecrashed by a malicious link, with user interaction required....

6.1CVSS5.9AI score0.00873EPSS

Exploits2References2Affected Software1

CVE•added 2017/11/15 8:0 a.m.•54 views

CVE-2017-12737

The CVE-2017-12737 entry applies to Siemens SICAM RTUs SM-2556 COM Modules (firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, DNPi00). The vulnerability arises from a missing authentication for a critical function: the integrated web server (port 80) could allow unauthenticated remote acces...

5.3CVSS5.2AI score0.01743EPSS

Exploits2References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by