CVE-2023-29104

Опубликовано: 09 мая 2023

Источник: nvd

CVSS3: 6

CVSS3: 7.6

EPSS Низкий

Описание

A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1). The filename in the upload feature of the web based management of the affected device is susceptible to a path traversal vulnerability. This could allow an authenticated privileged remote attacker to overwrite any file the Linux user ccuser has write access to, or to download any file the Linux user ccuser has read-only access to.

Ссылки

https://cert-portal.siemens.com/productcert/pdf/ssa-555292.pdf
Patch
Vendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-555292.pdf
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:siemens:6gk1411-1ac00_firmware:2.0:*:*:*:*:*:*:*

cpe:2.3:h:siemens:6gk1411-1ac00:-:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

cpe:2.3:o:siemens:6gk1411-5ac00_firmware:2.0:*:*:*:*:*:*:*

cpe:2.3:h:siemens:6gk1411-5ac00:-:*:*:*:*:*:*:*

EPSS

Процентиль: 70%

0.00652

Низкий

6 Medium

CVSS3

7.6 High

CVSS3

Дефекты

CWE-22

Связанные уязвимости

GHSA-phr4-r5wx-xcf6

CVSS3: 6

github

больше 2 лет назад

A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1). The filename in the upload feature of the web based management of the affected device is susceptible to a path traversal vulnerability. This could allow an authenticated privileged remote attacker to overwrite any file the Linux user `ccuser` has write access to, or to download any file the Linux user `ccuser` has read-only access to.

EPSS

Процентиль: 70%

0.00652

Низкий

6 Medium

CVSS3

7.6 High

CVSS3

Дефекты

CWE-22