Wincc Tia Portal Security Vulnerabilities and Issues — Wincc Tia Portal CVE List

Lucene search

SiemensWincc Tia Portal

7 matches found

CVE•added 2013/03/21 2:55 p.m.•40 views

CVE-2013-0670

CRLF injection vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.

4.3CVSS7AI score0.00328EPSS

CVE•added 2013/03/21 2:55 p.m.•39 views

CVE-2013-0669

The HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to cause a denial of service (daemon crash) via a crafted HTTP request.

4CVSS6.3AI score0.00166EPSS

CVE•added 2013/03/21 2:55 p.m.•39 views

CVE-2013-0672

Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to inject arbitrary web script or HTML via unspecified data.

3.5CVSS5.4AI score0.00241EPSS

CVE•added 2013/03/21 2:55 p.m.•38 views

CVE-2011-4515

Siemens WinCC (TIA Portal) 11 uses a reversible algorithm for storing HMI web-application passwords in world-readable and world-writable files, which allows local users to obtain sensitive information by leveraging (1) physical access or (2) Sm@rt Server access.

4.6CVSS5.8AI score0.00054EPSS

CVE•added 2013/03/21 2:55 p.m.•37 views

CVE-2013-0668

Multiple cross-site scripting (XSS) vulnerabilities in the HMI web application in Siemens WinCC (TIA Portal) 11 allow remote attackers to inject arbitrary web script or HTML via a crafted URL.

4.3CVSS5.7AI score0.00385EPSS

CVE•added 2013/03/21 2:55 p.m.•36 views

CVE-2013-0667

Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

4.3CVSS5.7AI score0.00385EPSS

CVE•added 2013/03/21 2:55 p.m.•34 views

CVE-2013-0671

Directory traversal vulnerability in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to read HMI web-application source code and user-defined scripts via a crafted URL.

4CVSS6.4AI score0.00181EPSS