CVE Vulnerabilities

CVE-2017-2684

DEPRECATED: Authentication Bypass Issues

Published: Feb 22, 2017 | Modified: Nov 21, 2024
CVSS 3.x
9
CRITICAL
Source:
NVD
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Siemens SIMATIC Logon prior to V1.5 SP3 Update 2 could allow an attacker with knowledge of a valid user name, and physical or network access to the affected system, to bypass the application-level authentication.

Weakness

This weakness has been deprecated because it covered redundant concepts already described in CWE-287.

Affected Software

Name Vendor Start Version End Version
Simatic_logon Siemens * 1.5 (including)

References