Описание
Siemens SIMATIC Logon prior to V1.5 SP3 Update 2 could allow an attacker with knowledge of a valid user name, and physical or network access to the affected system, to bypass the application-level authentication.
Ссылки
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.5 (включая)
cpe:2.3:a:siemens:simatic_logon:*:sp3_update_1:*:*:*:*:*:*
EPSS
Процентиль: 82%
0.01711
Низкий
9 Critical
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-592
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 9
github
больше 3 лет назад
Siemens SIMATIC Logon prior to V1.5 SP3 Update 2 could allow an attacker with knowledge of a valid user name, and physical or network access to the affected system, to bypass the application-level authentication.
EPSS
Процентиль: 82%
0.01711
Низкий
9 Critical
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-592
NVD-CWE-noinfo