Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2017-6865

Опубликовано: 11 мая 2017
Источник: nvd
CVSS3: 6.5
CVSS2: 6.1
EPSS Низкий

Описание

A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC Automation Tool (All versions < V3.0), SIMATIC NET PC-Software (All versions < V14 SP1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1), SIMATIC STEP 7 V5.X (All versions < V5.6), SIMATIC WinAC RTX 2010 SP2 (All versions), SIMATIC WinAC RTX F 2010 SP2 (All versions), SIMATIC WinCC (TIA Portal) V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1), SIMATIC WinCC V7.2 and prior (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Update 15), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd1), SIMATIC WinCC flexible 2008 (All versions < flexible 2008 SP5), SINAUT ST7CC (All versions installed in conjunction with SIMATIC WinCC < V7.3 Update 15), SINEMA Server (All versions < V14), SINUMERIK 808D Programming Tool

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:siemens:pcs_7:-:*:*:*:*:*:*:*
cpe:2.3:a:siemens:primary_setup_tool:-:*:*:*:*:*:*:*
cpe:2.3:a:siemens:security_configuration_tool:-:*:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_automation_tool:-:*:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_net_pc-software:-:*:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_step_7_\(tia_portal\):5.0:*:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_step_7_\(tia_portal\):13.0:*:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_step_7_\(tia_portal\):14.0:*:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_step_7_micro\/win_smart:-:*:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_winac_rtx_2010:-:sp2:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_winac_rtx_f_2010:-:sp2:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_wincc:-:*:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_wincc_\(tia_portal\):13.0:*:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_wincc_\(tia_portal\):14.0:*:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_wincc_flexible_2008:-:*:*:*:*:*:*:*
cpe:2.3:a:siemens:sinaut_st7cc:-:*:*:*:*:*:*:*
cpe:2.3:a:siemens:sinema_server:-:*:*:*:*:*:*:*
cpe:2.3:a:siemens:sinumerik_808d_programming_tool:-:*:*:*:*:*:*:*
cpe:2.3:a:siemens:smart_pc_access:2.0:*:*:*:*:*:*:*

EPSS

Процентиль: 25%
0.00084
Низкий

6.5 Medium

CVSS3

6.1 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

github логотип

GHSA-8jhv-ch7h-fqpj

CVSS3: 6.5
github
больше 3 лет назад

A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC Automation Tool (All versions < V3.0), SIMATIC NET PC-Software (All versions < V14 SP1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1), SIMATIC STEP 7 V5.X (All versions < V5.6), SIMATIC WinAC RTX 2010 SP2 (All versions), SIMATIC WinAC RTX F 2010 SP2 (All versions), SIMATIC WinCC (TIA Portal) V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1), SIMATIC WinCC V7.2 and prior (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Update 15), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd1), SIMATIC WinCC flexible 2008 (All versions < flexible 2008 SP5), SINAUT ST7CC (All versions installed in conjunction with SIMATIC WinCC < V7.3 Update 15), SINEMA Server (All versions < V14), SINUMERIK 808D Programming To...

fstec логотип

BDU:2019-00766

CVSS3: 6.5
fstec
больше 8 лет назад

Уязвимость сетевого программного обеспечения Siemens, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 25%
0.00084
Низкий

6.5 Medium

CVSS3

6.1 Medium

CVSS2

Дефекты

CWE-20