Описание
A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1). The export endpoint discloses some undocumented files. This could allow an unauthenticated remote attacker to gain access to additional information resources.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:siemens:6gk1411-1ac00_firmware:2.0:*:*:*:*:*:*:*
cpe:2.3:h:siemens:6gk1411-1ac00:-:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
cpe:2.3:o:siemens:6gk1411-5ac00_firmware:2.0:*:*:*:*:*:*:*
cpe:2.3:h:siemens:6gk1411-5ac00:-:*:*:*:*:*:*:*
EPSS
Процентиль: 58%
0.00362
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-552
CWE-552
Связанные уязвимости
CVSS3: 5.3
github
больше 2 лет назад
A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1). The export endpoint discloses some undocumented files. This could allow an unauthenticated remote attacker to gain access to additional information resources.
EPSS
Процентиль: 58%
0.00362
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-552
CWE-552