Описание
A vulnerability has been identified in SIMATIC PCS neo (All versions < V4.1). The PUD Manager of affected products does not properly authenticate users in the PUD Manager web service. This could allow an unauthenticated adjacent attacker to generate a privileged token and upload additional documents.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
EPSS
6.5 Medium
CVSS3
Дефекты
Связанные уязвимости
A vulnerability has been identified in SIMATIC PCS neo (All versions < V4.1). The PUD Manager of affected products does not properly authenticate users in the PUD Manager web service. This could allow an unauthenticated adjacent attacker to generate a privileged token and upload additional documents.
Уязвимость службы PUB Manager веб-системы управления технологическими процессами SIMATIC PCS neo, позволяющая нарушителю загрузить произвольные документы
EPSS
6.5 Medium
CVSS3