CVE-2015-5386

Опубликовано: 16 июл. 2015

Источник: nvd

CVSS2: 9.3

EPSS Низкий

Описание

Siemens SICAM MIC devices with firmware before 2404 allow remote attackers to bypass authentication and obtain administrative access via unspecified HTTP requests.

Ссылки

http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-632547.pdf
Patch
Vendor Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-15-195-01
Third Party Advisory
US Government Resource
http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-632547.pdf
Patch
Vendor Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-15-195-01
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:siemens:sicam_mic_firmware:*:*:*:*:*:*:*:*

Версия до 2403 (включая)

cpe:2.3:h:siemens:sicam_mic:*:*:*:*:*:*:*:*

EPSS

Процентиль: 72%

0.00725

Низкий

9.3 Critical

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-683w-fmw9-jrgg

github

больше 3 лет назад