CVE Vulnerabilities

CVE-2014-4683

Published: Jul 24, 2014 | Modified: Jul 25, 2014
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.9 MEDIUM
AV:N/AC:M/Au:S/C:P/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote authenticated users to gain privileges via a (1) HTTP or (2) HTTPS request.

Affected Software

Name Vendor Start Version End Version
Simatic_pcs7 Siemens * 8.0 (including)
Simatic_pcs7 Siemens 7.1-sp3 (including) 7.1-sp3 (including)
Simatic_pcs7 Siemens 8.0 (including) 8.0 (including)
Wincc Siemens * 7.2 (including)
Wincc Siemens 5.0 (including) 5.0 (including)
Wincc Siemens 5.0-sp1 (including) 5.0-sp1 (including)
Wincc Siemens 6.0 (including) 6.0 (including)
Wincc Siemens 6.0-sp2 (including) 6.0-sp2 (including)
Wincc Siemens 6.0-sp3 (including) 6.0-sp3 (including)
Wincc Siemens 6.0-sp4 (including) 6.0-sp4 (including)
Wincc Siemens 7.0 (including) 7.0 (including)
Wincc Siemens 7.0-sp1 (including) 7.0-sp1 (including)
Wincc Siemens 7.0-sp2 (including) 7.0-sp2 (including)
Wincc Siemens 7.0-sp3 (including) 7.0-sp3 (including)
Wincc Siemens 7.1 (including) 7.1 (including)
Wincc Siemens 7.1-sp1 (including) 7.1-sp1 (including)

References