exploitDog

GHSA-9j28-jmqh-8rph

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

A vulnerability has been identified in SIMATIC Process Historian 2013 and earlier (All versions), SIMATIC Process Historian 2014 (All versions < SP3 Update 6), SIMATIC Process Historian 2019 (All versions), SIMATIC Process Historian 2020 (All versions). An interface in the software that is used for critical functionalities lacks authentication, which could allow a malicious user to maliciously insert, modify or delete data.

A vulnerability has been identified in SIMATIC Process Historian 2013 and earlier (All versions), SIMATIC Process Historian 2014 (All versions < SP3 Update 6), SIMATIC Process Historian 2019 (All versions), SIMATIC Process Historian 2020 (All versions). An interface in the software that is used for critical functionalities lacks authentication, which could allow a malicious user to maliciously insert, modify or delete data.

Ссылки

EPSS

Процентиль: 48%

0.00248

Низкий

CVE ID

Дефекты

CWE-306

Связанные уязвимости

CVE-2021-27395

CVSS3: 8.1

nvd

больше 4 лет назад

A vulnerability has been identified in SIMATIC Process Historian 2013 and earlier (All versions), SIMATIC Process Historian 2014 (All versions < SP3 Update 6), SIMATIC Process Historian 2019 (All versions), SIMATIC Process Historian 2020 (All versions). An interface in the software that is used for critical functionalities lacks authentication, which could allow a malicious user to maliciously insert, modify or delete data.

EPSS

Процентиль: 48%

0.00248

Низкий

CVE ID

Дефекты

CWE-306