mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-06-19 17:32:41 +00:00
"-Synchronized-Data."
This commit is contained in:
CVE Team
parent
c487cd6747
commit
9aa235c1a2
@ -11,7 +11,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SIMATIC S7-400 H V4.5 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.9), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 CPU family (incl. SIPLUS variants) (All versions < V8.2.1). Specially crafted packets sent to port 102/tcp via Ethernet interface, via PROFIBUS, or via Multi Point Interfaces (MPI) could cause the affected devices to go into defect mode. Manual reboot is required to resume normal operation. Successful exploitation requires an attacker to be able to send specially crafted packets to port 102/tcp via Ethernet interface, via PROFIBUS or Multi Point Interfaces (MPI). No user interaction and no user privileges are required to exploit the security vulnerability. The vulnerability could allow causing a denial of service condition of the core functionality of the CPU, compromising the availability of the system."
|
||||
"value": "A vulnerability has been identified in SIMATIC S7-400 CPU 412-1 DP V7 (All versions), SIMATIC S7-400 CPU 412-2 DP V7 (All versions), SIMATIC S7-400 CPU 414-2 DP V7 (All versions), SIMATIC S7-400 CPU 414-3 DP V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416-2 DP V7 (All versions), SIMATIC S7-400 CPU 416-3 DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416F-2 DP V7 (All versions), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 417-4 DP V7 (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions < V7.0.3), SIMATIC S7-400 H V4.5 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.9), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 CPU family (incl. SIPLUS variants) (All versions < V8.2.1), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions < V7.0.3), SIPLUS S7-400 CPU 416-3 V7 (All versions), SIPLUS S7-400 CPU 417-4 V7 (All versions). Specially crafted packets sent to port 102/tcp via Ethernet interface, via\r\nPROFIBUS, or via Multi Point Interfaces (MPI) could cause the affected\r\ndevices to go into defect mode. Manual reboot is required to resume normal\r\noperation.\r\n\r\nSuccessful exploitation requires an attacker to be able to send specially\r\ncrafted packets to port 102/tcp via Ethernet interface, via PROFIBUS or Multi\r\nPoint Interfaces (MPI). No user interaction and no user privileges are\r\nrequired to exploit the security vulnerability. The vulnerability could allow\r\ncausing a denial of service condition of the core functionality of the CPU,\r\ncompromising the availability of the system."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -35,13 +35,156 @@
|
||||
"vendor_name": "Siemens",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 412-1 DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 412-2 DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 414-2 DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 414-3 DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 414-3 PN/DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V7.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 414F-3 PN/DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V7.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 416-2 DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 416-3 DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 416-3 PN/DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V7.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 416F-2 DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 416F-3 PN/DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V7.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 417-4 DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIMATIC S7-400 CPU 412-2 PN V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V7.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIMATIC S7-400 H V4.5 and below CPU family (incl. SIPLUS variants)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -51,8 +194,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V6.0.9",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V6.0.9"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -62,19 +205,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -84,8 +216,52 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V8.2.1",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V8.2.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPLUS S7-400 CPU 414-3 PN/DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V7.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPLUS S7-400 CPU 416-3 PN/DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V7.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPLUS S7-400 CPU 416-3 V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPLUS S7-400 CPU 417-4 V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -11,7 +11,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SIMATIC S7-400 H V4.5 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.9), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 CPU family (incl. SIPLUS variants) (All versions < V8.2.1). Sending of specially crafted packets to port 102/tcp via Ethernet interface via PROFIBUS or Multi Point Interfaces (MPI) could cause a denial of service condition on affected devices. Flashing with a firmware image may be required to recover the CPU. Successful exploitation requires an attacker to have network access to port 102/tcp via Ethernet interface or to be able to send messages via PROFIBUS or Multi Point Interfaces (MPI) to the device. No user interaction is required. If no access protection is configured, no privileges are required to exploit the security vulnerability. The vulnerability could allow causing a denial of service condition of the core functionality of the CPU, compromising the availability of the system."
|
||||
"value": "A vulnerability has been identified in SIMATIC S7-400 CPU 412-1 DP V7 (All versions), SIMATIC S7-400 CPU 412-2 DP V7 (All versions), SIMATIC S7-400 CPU 414-2 DP V7 (All versions), SIMATIC S7-400 CPU 414-3 DP V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416-2 DP V7 (All versions), SIMATIC S7-400 CPU 416-3 DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416F-2 DP V7 (All versions), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 417-4 DP V7 (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions < V7.0.3), SIMATIC S7-400 H V4.5 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.9), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 CPU family (incl. SIPLUS variants) (All versions < V8.2.1), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions < V7.0.3), SIPLUS S7-400 CPU 416-3 V7 (All versions), SIPLUS S7-400 CPU 417-4 V7 (All versions). Sending of specially crafted packets to port 102/tcp via Ethernet interface\r\nvia PROFIBUS or Multi Point Interfaces (MPI) could cause a denial of service\r\ncondition on affected devices. Flashing with a firmware image may be required\r\nto recover the CPU.\r\n\r\nSuccessful exploitation requires an attacker to have network access to port\r\n102/tcp via Ethernet interface or to be able to send messages via PROFIBUS or\r\nMulti Point Interfaces (MPI) to the device. No user interaction is required.\r\nIf no access protection is configured, no privileges are required to exploit\r\nthe security vulnerability. The vulnerability could allow causing a\r\ndenial of service condition of the core functionality of the CPU,\r\ncompromising the availability of the system."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -35,13 +35,156 @@
|
||||
"vendor_name": "Siemens",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 412-1 DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 412-2 DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 414-2 DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 414-3 DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 414-3 PN/DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V7.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 414F-3 PN/DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V7.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 416-2 DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 416-3 DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 416-3 PN/DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V7.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 416F-2 DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 416F-3 PN/DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V7.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 417-4 DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIMATIC S7-400 CPU 412-2 PN V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V7.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIMATIC S7-400 H V4.5 and below CPU family (incl. SIPLUS variants)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -51,8 +194,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V6.0.9",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V6.0.9"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -62,19 +205,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -84,8 +216,52 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V8.2.1",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V8.2.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPLUS S7-400 CPU 414-3 PN/DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V7.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPLUS S7-400 CPU 416-3 PN/DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V7.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPLUS S7-400 CPU 416-3 V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPLUS S7-400 CPU 417-4 V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -11,7 +11,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SIMATIC CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200S IM151-8F PN/DP CPU (All versions < V3.2.16), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V1.7.0), SIMATIC S7-1500 Software Controller (All versions < V1.7.0), SIMATIC S7-300 CPU 314C-2 PN/DP (All versions < V3.3.16), SIMATIC S7-300 CPU 315-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 315F-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 315T-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317F-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317T-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317TF-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 319-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 319F-3 PN/DP (All versions < V3.2.16), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.9), SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.7), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 CPU family (incl. SIPLUS variants) (All versions < V8.1), SIMATIC WinAC RTX 2010 (All versions < V2010 SP3), SIMATIC WinAC RTX F 2010 (All versions < V2010 SP3), SINUMERIK 828D (All versions < V4.7 SP6 HF1), SIPLUS ET 200S IM151-8 PN/DP CPU (All versions < V3.2.16), SIPLUS ET 200S IM151-8F PN/DP CPU (All versions < V3.2.16), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3), SIPLUS S7-300 CPU 314C-2 PN/DP (All versions < V3.3.16), SIPLUS S7-300 CPU 315-2 PN/DP (All versions < V3.2.16), SIPLUS S7-300 CPU 315F-2 PN/DP (All versions < V3.2.16), SIPLUS S7-300 CPU 317-2 PN/DP (All versions < V3.2.16), SIPLUS S7-300 CPU 317F-2 PN/DP (All versions < V3.2.16), Softnet PROFINET IO for PC-based Windows systems (All versions). Responding to a PROFINET DCP request with a specially crafted\r\nPROFINET DCP packet could cause a Denial-of-Service condition of the requesting\r\nsystem.\r\n\r\nThe security vulnerability could be exploited by an attacker located on\r\nthe same Ethernet segment (OSI Layer 2) as the targeted device. Successful\r\nexploitation requires no user interaction or privileges and impacts the\r\navailability of core functionality of the affected device. A manual restart\r\nis required to recover the system.\r\n\r\nAt the time of advisory publication no public exploitation of this security\r\nvulnerability is known. Siemens provides mitigations to resolve the\r\nsecurity issue. PROFIBUS interfaces are not affected."
|
||||
"value": "A vulnerability has been identified in SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200S IM151-8F PN/DP CPU (All versions < V3.2.16), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V1.7.0), SIMATIC S7-1500 Software Controller (All versions < V1.7.0), SIMATIC S7-300 CPU 314C-2 PN/DP (All versions < V3.3.16), SIMATIC S7-300 CPU 315-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 315F-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 315T-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317F-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317T-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317TF-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 319-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 319F-3 PN/DP (All versions < V3.2.16), SIMATIC S7-400 CPU 412-2 PN V7 (All versions < V7.0.3), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.9), SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.7), SIMATIC S7-410 CPU family (incl. SIPLUS variants) (All versions < V8.1), SIMATIC WinAC RTX 2010 (All versions < V2010 SP3), SIMATIC WinAC RTX F 2010 (All versions < V2010 SP3), SINUMERIK 828D (All versions < V4.7 SP6 HF1), SIPLUS ET 200S IM151-8 PN/DP CPU (All versions < V3.2.16), SIPLUS ET 200S IM151-8F PN/DP CPU (All versions < V3.2.16), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3), SIPLUS S7-300 CPU 314C-2 PN/DP (All versions < V3.3.16), SIPLUS S7-300 CPU 315-2 PN/DP (All versions < V3.2.16), SIPLUS S7-300 CPU 315F-2 PN/DP (All versions < V3.2.16), SIPLUS S7-300 CPU 317-2 PN/DP (All versions < V3.2.16), SIPLUS S7-300 CPU 317F-2 PN/DP (All versions < V3.2.16), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions < V7.0.3), Softnet PROFINET IO for PC-based Windows systems (All versions). Responding to a PROFINET DCP request with a specially crafted PROFINET DCP packet could cause a denial of service condition of the requesting system.\r\n\r\nThe security vulnerability could be exploited by an attacker located on the same Ethernet segment (OSI Layer 2) as the targeted device. A manual restart is required to recover the system."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -35,6 +35,50 @@
|
||||
"vendor_name": "Siemens",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 414-3 PN/DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V7.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 414F-3 PN/DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V7.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 416-3 PN/DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V7.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 416F-3 PN/DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V7.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIMATIC CP 343-1 (incl. SIPLUS variants)",
|
||||
"version": {
|
||||
@ -270,6 +314,17 @@
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIMATIC S7-400 CPU 412-2 PN V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V7.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)",
|
||||
"version": {
|
||||
@ -292,17 +347,6 @@
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIMATIC S7-410 CPU family (incl. SIPLUS variants)",
|
||||
"version": {
|
||||
@ -446,6 +490,28 @@
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPLUS S7-400 CPU 414-3 PN/DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V7.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPLUS S7-400 CPU 416-3 PN/DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V7.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Softnet PROFINET IO for PC-based Windows systems",
|
||||
"version": {
|
||||
@ -476,8 +542,8 @@
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
|
||||
"baseScore": 5.3,
|
||||
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
|
||||
"baseScore": 6.5,
|
||||
"baseSeverity": "MEDIUM"
|
||||
}
|
||||
]
|
||||
|
||||
@ -11,7 +11,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SIMATIC S7-400 CPU 412-1 DP V7, SIMATIC S7-400 CPU 412-2 DP V7, SIMATIC S7-400 CPU 412-2 PN/DP V7, SIMATIC S7-400 CPU 414-2 DP V7, SIMATIC S7-400 CPU 414-3 DP V7, SIMATIC S7-400 CPU 414-3 PN/DP V7, SIMATIC S7-400 CPU 414F-3 PN/DP V7, SIMATIC S7-400 CPU 416-2 DP V7, SIMATIC S7-400 CPU 416-3 DP V7, SIMATIC S7-400 CPU 416-3 PN/DP V7, SIMATIC S7-400 CPU 416F-2 DP V7, SIMATIC S7-400 CPU 416F-3 PN/DP V7, SIMATIC S7-400 CPU 417-4 DP V7, Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, SCALANCE X-200IRT switch family (incl. SIPLUS NET variants), SIMATIC ET 200pro IM154-8 PN/DP CPU, SIMATIC ET 200pro IM154-8F PN/DP CPU, SIMATIC ET 200pro IM154-8FX PN/DP CPU, SIMATIC ET 200S IM151-8 PN/DP CPU, SIMATIC ET 200S IM151-8F PN/DP CPU, SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12, SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12, SIMATIC ET200ecoPN, 4AO U/I 4xM12, SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12, SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12, SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12, SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12, SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12, SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12, SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12, SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12, SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12, SIMATIC ET200ecoPN: IO-Link Master, SIMATIC ET200M (incl. SIPLUS variants), SIMATIC ET200pro, SIMATIC ET200S (incl. SIPLUS variants), SIMATIC NET CP 1604, SIMATIC NET CP 1616, SIMATIC PN/PN Coupler (incl. SIPLUS NET variants), SIMATIC S7-300 CPU 314C-2 PN/DP, SIMATIC S7-300 CPU 315-2 PN/DP, SIMATIC S7-300 CPU 315F-2 PN/DP, SIMATIC S7-300 CPU 315T-3 PN/DP, SIMATIC S7-300 CPU 317-2 PN/DP, SIMATIC S7-300 CPU 317F-2 PN/DP, SIMATIC S7-300 CPU 317T-3 PN/DP, SIMATIC S7-300 CPU 317TF-3 PN/DP, SIMATIC S7-300 CPU 319-3 PN/DP, SIMATIC S7-300 CPU 319F-3 PN/DP, SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants), SIMATIC WinAC RTX 2010, SIMATIC WinAC RTX F 2010, SIMOTION, SINAMICS DCM, SINAMICS DCP, SINAMICS G110M V4.7 Control Unit, SINAMICS G120 V4.7 Control Unit (incl. SIPLUS variants), SINAMICS G130 V4.7 Control Unit, SINAMICS G150 Control Unit, SINAMICS GH150 V4.7 Control Unit, SINAMICS GL150 V4.7 Control Unit, SINAMICS GM150 V4.7 Control Unit, SINAMICS S110 Control Unit, SINAMICS S120 V4.7 Control Unit and CBE20 (incl. SIPLUS variants), SINAMICS S150 Control Unit, SINAMICS SL150 V4.7 Control Unit, SINAMICS SM120 V4.7 Control Unit, SINUMERIK 828D, SINUMERIK 840D sl, SIPLUS ET 200S IM151-8 PN/DP CPU, SIPLUS ET 200S IM151-8F PN/DP CPU, SIPLUS S7-300 CPU 314C-2 PN/DP, SIPLUS S7-300 CPU 315-2 PN/DP, SIPLUS S7-300 CPU 315F-2 PN/DP, SIPLUS S7-300 CPU 317-2 PN/DP, SIPLUS S7-300 CPU 317F-2 PN/DP, SIPLUS S7-400 CPU 414-3 PN/DP V7, SIPLUS S7-400 CPU 416-3 PN/DP V7, SIPLUS S7-400 CPU 416-3 V7, SIPLUS S7-400 CPU 417-4 V7. An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization (IRT) of the affected installation."
|
||||
"value": "A vulnerability has been identified in SIMATIC S7-400 CPU 414-3 PN/DP V7, SIMATIC S7-400 CPU 414F-3 PN/DP V7, SIMATIC S7-400 CPU 416-3 PN/DP V7, SIMATIC S7-400 CPU 416F-3 PN/DP V7, Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, SCALANCE X-200IRT switch family (incl. SIPLUS NET variants), SIMATIC ET 200pro IM154-8 PN/DP CPU, SIMATIC ET 200pro IM154-8F PN/DP CPU, SIMATIC ET 200pro IM154-8FX PN/DP CPU, SIMATIC ET 200S IM151-8 PN/DP CPU, SIMATIC ET 200S IM151-8F PN/DP CPU, SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12, SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12, SIMATIC ET200ecoPN, 4AO U/I 4xM12, SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12, SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12, SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12, SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12, SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12, SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12, SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12, SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12, SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12, SIMATIC ET200ecoPN: IO-Link Master, SIMATIC ET200M (incl. SIPLUS variants), SIMATIC ET200pro, SIMATIC ET200S (incl. SIPLUS variants), SIMATIC NET CP 1604, SIMATIC NET CP 1616, SIMATIC PN/PN Coupler (incl. SIPLUS NET variants), SIMATIC S7-300 CPU 314C-2 PN/DP, SIMATIC S7-300 CPU 315-2 PN/DP, SIMATIC S7-300 CPU 315F-2 PN/DP, SIMATIC S7-300 CPU 315T-3 PN/DP, SIMATIC S7-300 CPU 317-2 PN/DP, SIMATIC S7-300 CPU 317F-2 PN/DP, SIMATIC S7-300 CPU 317T-3 PN/DP, SIMATIC S7-300 CPU 317TF-3 PN/DP, SIMATIC S7-300 CPU 319-3 PN/DP, SIMATIC S7-300 CPU 319F-3 PN/DP, SIMATIC S7-400 CPU 412-2 PN V7, SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants), SIMATIC WinAC RTX 2010, SIMATIC WinAC RTX F 2010, SIMOTION, SINAMICS DCM, SINAMICS DCP, SINAMICS G110M V4.7 Control Unit, SINAMICS G120 V4.7 Control Unit (incl. SIPLUS variants), SINAMICS G130 V4.7 Control Unit, SINAMICS G150 Control Unit, SINAMICS GH150 V4.7 Control Unit, SINAMICS GL150 V4.7 Control Unit, SINAMICS GM150 V4.7 Control Unit, SINAMICS S110 Control Unit, SINAMICS S120 V4.7 Control Unit and CBE20 (incl. SIPLUS variants), SINAMICS S150 Control Unit, SINAMICS SL150 V4.7 Control Unit, SINAMICS SM120 V4.7 Control Unit, SINUMERIK 828D, SINUMERIK 840D sl, SIPLUS ET 200S IM151-8 PN/DP CPU, SIPLUS ET 200S IM151-8F PN/DP CPU, SIPLUS S7-300 CPU 314C-2 PN/DP, SIPLUS S7-300 CPU 315-2 PN/DP, SIPLUS S7-300 CPU 315F-2 PN/DP, SIPLUS S7-300 CPU 317-2 PN/DP, SIPLUS S7-300 CPU 317F-2 PN/DP, SIPLUS S7-400 CPU 414-3 PN/DP V7, SIPLUS S7-400 CPU 416-3 PN/DP V7. An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization (IRT) of the affected installation."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -35,61 +35,6 @@
|
||||
"vendor_name": "Siemens",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 412-1 DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 412-2 DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 412-2 PN/DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V7.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 414-2 DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 414-3 DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 414-3 PN/DP V7",
|
||||
"version": {
|
||||
@ -112,28 +57,6 @@
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 416-2 DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 416-3 DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 416-3 PN/DP V7",
|
||||
"version": {
|
||||
@ -145,17 +68,6 @@
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 416F-2 DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 416F-3 PN/DP V7",
|
||||
"version": {
|
||||
@ -167,17 +79,6 @@
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 417-4 DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller",
|
||||
"version": {
|
||||
@ -596,6 +497,17 @@
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIMATIC S7-400 CPU 412-2 PN V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V7.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants)",
|
||||
"version": {
|
||||
@ -914,28 +826,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPLUS S7-400 CPU 416-3 V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPLUS S7-400 CPU 417-4 V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -11,7 +11,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, SIMATIC CFU PA, SIMATIC ET 200pro IM154-8 PN/DP CPU, SIMATIC ET 200pro IM154-8F PN/DP CPU, SIMATIC ET 200pro IM154-8FX PN/DP CPU, SIMATIC ET 200S IM151-8 PN/DP CPU, SIMATIC ET 200S IM151-8F PN/DP CPU, SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants), SIMATIC ET200AL, SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12, SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12, SIMATIC ET200ecoPN, 4AO U/I 4xM12, SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12, SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12, SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12, SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12, SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12, SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12, SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12, SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12, SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12, SIMATIC ET200ecoPN: IO-Link Master, SIMATIC ET200M (incl. SIPLUS variants), SIMATIC ET200MP IM155-5 PN BA (incl. SIPLUS variants), SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants), SIMATIC ET200MP IM155-5 PN ST (incl. SIPLUS variants), SIMATIC ET200pro, SIMATIC ET200S (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN BA (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN HA (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN HS (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN ST (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN/2 HF (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN/3 HF (incl. SIPLUS variants), SIMATIC HMI Comfort Outdoor Panels 7\" & 15\" (incl. SIPLUS variants), SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants), SIMATIC HMI KTP Mobile Panels, SIMATIC PN/PN Coupler, SIMATIC PROFINET Driver, SIMATIC S7-1200 CPU family (incl. SIPLUS variants), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants), SIMATIC S7-1500 Software Controller, SIMATIC S7-300 CPU 314C-2 PN/DP, SIMATIC S7-300 CPU 315-2 PN/DP, SIMATIC S7-300 CPU 315F-2 PN/DP, SIMATIC S7-300 CPU 315T-3 PN/DP, SIMATIC S7-300 CPU 317-2 PN/DP, SIMATIC S7-300 CPU 317F-2 PN/DP, SIMATIC S7-300 CPU 317T-3 PN/DP, SIMATIC S7-300 CPU 317TF-3 PN/DP, SIMATIC S7-300 CPU 319-3 PN/DP, SIMATIC S7-300 CPU 319F-3 PN/DP, SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants), SIMATIC TDC CP51M1, SIMATIC TDC CPU555, SIMATIC WinAC RTX 2010, SIMATIC WinAC RTX F 2010, SINAMICS DCM, SINAMICS DCP, SINAMICS G110M V4.7 PN Control Unit, SINAMICS G120 V4.7 PN Control Unit (incl. SIPLUS variants), SINAMICS G130 V4.7 Control Unit, SINAMICS G150 Control Unit, SINAMICS GH150 V4.7 Control Unit, SINAMICS GL150 V4.7 Control Unit, SINAMICS GM150 V4.7 Control Unit, SINAMICS S110 Control Unit, SINAMICS S120 V4.7 Control Unit (incl. SIPLUS variants), SINAMICS S150 Control Unit, SINAMICS SL150 V4.7 Control Unit, SINAMICS SM120 V4.7 Control Unit, SINUMERIK 828D, SINUMERIK 840D sl, SIPLUS ET 200S IM151-8 PN/DP CPU, SIPLUS ET 200S IM151-8F PN/DP CPU, SIPLUS NET PN/PN Coupler, SIPLUS S7-300 CPU 314C-2 PN/DP, SIPLUS S7-300 CPU 315-2 PN/DP, SIPLUS S7-300 CPU 315F-2 PN/DP, SIPLUS S7-300 CPU 317-2 PN/DP, SIPLUS S7-300 CPU 317F-2 PN/DP. Affected devices improperly handle large amounts of specially crafted UDP packets. This could allow an unauthenticated remote attacker to trigger a denial-of-service condition."
|
||||
"value": "A vulnerability has been identified in SIMATIC S7-400 CPU 414-3 PN/DP V7, SIMATIC S7-400 CPU 414F-3 PN/DP V7, SIMATIC S7-400 CPU 416-3 PN/DP V7, SIMATIC S7-400 CPU 416F-3 PN/DP V7, Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, SIMATIC CFU PA, SIMATIC ET 200pro IM154-8 PN/DP CPU, SIMATIC ET 200pro IM154-8F PN/DP CPU, SIMATIC ET 200pro IM154-8FX PN/DP CPU, SIMATIC ET 200S IM151-8 PN/DP CPU, SIMATIC ET 200S IM151-8F PN/DP CPU, SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants), SIMATIC ET200AL, SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12, SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12, SIMATIC ET200ecoPN, 4AO U/I 4xM12, SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12, SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12, SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12, SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12, SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12, SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12, SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12, SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12, SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12, SIMATIC ET200ecoPN: IO-Link Master, SIMATIC ET200M (incl. SIPLUS variants), SIMATIC ET200MP IM155-5 PN BA (incl. SIPLUS variants), SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants), SIMATIC ET200MP IM155-5 PN ST (incl. SIPLUS variants), SIMATIC ET200pro, SIMATIC ET200S (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN BA (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN HA (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN HS (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN ST (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN/2 HF (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN/3 HF (incl. SIPLUS variants), SIMATIC HMI Comfort Outdoor Panels 7\" & 15\" (incl. SIPLUS variants), SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants), SIMATIC HMI KTP Mobile Panels, SIMATIC PN/PN Coupler, SIMATIC PROFINET Driver, SIMATIC S7-1200 CPU family (incl. SIPLUS variants), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants), SIMATIC S7-1500 Software Controller, SIMATIC S7-300 CPU 314C-2 PN/DP, SIMATIC S7-300 CPU 315-2 PN/DP, SIMATIC S7-300 CPU 315F-2 PN/DP, SIMATIC S7-300 CPU 315T-3 PN/DP, SIMATIC S7-300 CPU 317-2 PN/DP, SIMATIC S7-300 CPU 317F-2 PN/DP, SIMATIC S7-300 CPU 317T-3 PN/DP, SIMATIC S7-300 CPU 317TF-3 PN/DP, SIMATIC S7-300 CPU 319-3 PN/DP, SIMATIC S7-300 CPU 319F-3 PN/DP, SIMATIC S7-400 CPU 412-2 PN V7, SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants), SIMATIC TDC CP51M1, SIMATIC TDC CPU555, SIMATIC WinAC RTX 2010, SIMATIC WinAC RTX F 2010, SINAMICS DCM, SINAMICS DCP, SINAMICS G110M V4.7 PN Control Unit, SINAMICS G120 V4.7 PN Control Unit (incl. SIPLUS variants), SINAMICS G130 V4.7 Control Unit, SINAMICS G150 Control Unit, SINAMICS GH150 V4.7 Control Unit, SINAMICS GL150 V4.7 Control Unit, SINAMICS GM150 V4.7 Control Unit, SINAMICS S110 Control Unit, SINAMICS S120 V4.7 Control Unit (incl. SIPLUS variants), SINAMICS S150 Control Unit, SINAMICS SL150 V4.7 Control Unit, SINAMICS SM120 V4.7 Control Unit, SINUMERIK 828D, SINUMERIK 840D sl, SIPLUS ET 200S IM151-8 PN/DP CPU, SIPLUS ET 200S IM151-8F PN/DP CPU, SIPLUS NET PN/PN Coupler, SIPLUS S7-300 CPU 314C-2 PN/DP, SIPLUS S7-300 CPU 315-2 PN/DP, SIPLUS S7-300 CPU 315F-2 PN/DP, SIPLUS S7-300 CPU 317-2 PN/DP, SIPLUS S7-300 CPU 317F-2 PN/DP, SIPLUS S7-400 CPU 414-3 PN/DP V7, SIPLUS S7-400 CPU 416-3 PN/DP V7. Affected devices improperly handle large amounts of specially crafted UDP packets.\r\n\r\nThis could allow an unauthenticated remote attacker to trigger a denial of service condition."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -35,13 +35,57 @@
|
||||
"vendor_name": "Siemens",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 414-3 PN/DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V7.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 414F-3 PN/DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V7.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 416-3 PN/DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V7.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": " SIMATIC S7-400 CPU 416F-3 PN/DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V7.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -51,8 +95,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -62,8 +106,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V4.6 Patch 01",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V4.6 Patch 01"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -73,8 +117,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V1.2.0",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V1.2.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -84,8 +128,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V3.2.17",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V3.2.17"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -95,8 +139,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V3.2.17",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V3.2.17"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -106,8 +150,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V3.2.17",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V3.2.17"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -117,8 +161,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V3.2.17",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V3.2.17"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -128,8 +172,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V3.2.17",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V3.2.17"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -139,8 +183,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V2.0",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V2.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -150,8 +194,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -161,8 +205,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -172,8 +216,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -183,8 +227,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -194,8 +238,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -205,8 +249,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -216,8 +260,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -227,8 +271,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -238,8 +282,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -249,8 +293,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -260,8 +304,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -271,8 +315,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -282,8 +326,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -293,8 +337,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -304,8 +348,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -315,8 +359,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V4.3.0",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V4.3.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -326,8 +370,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V4.4.0",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V4.4.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -337,8 +381,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -348,8 +392,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -359,8 +403,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -370,8 +414,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -381,8 +425,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V1.2.1",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V1.2.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -392,8 +436,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V4.2.2",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V4.2.2"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -403,8 +447,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V4.0.1",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V4.0.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -414,8 +458,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -425,8 +469,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V4.2.2",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V4.2.2"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -436,8 +480,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V4.2.1",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V4.2.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -447,8 +491,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -458,8 +502,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -469,8 +513,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -480,8 +524,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V4.2.1",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V4.2.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -491,8 +535,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V2.1",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V2.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -502,8 +546,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V4.4.0",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V4.4.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -513,8 +557,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V2.0",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V2.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -524,8 +568,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V2.0",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V2.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -535,8 +579,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V3.3.17",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V3.3.17"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -546,8 +590,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V3.2.17",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V3.2.17"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -557,8 +601,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V3.2.17",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V3.2.17"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -568,8 +612,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V3.2.17",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V3.2.17"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -579,8 +623,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V3.2.17",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V3.2.17"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -590,8 +634,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V3.2.17",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V3.2.17"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -601,8 +645,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V3.2.17",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V3.2.17"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -612,8 +656,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V3.2.17",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V3.2.17"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -623,8 +667,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V3.2.17",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V3.2.17"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -634,8 +678,19 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V3.2.17",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V3.2.17"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIMATIC S7-400 CPU 412-2 PN V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V7.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -645,8 +700,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V6.0.9",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V6.0.9"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -656,19 +711,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -678,8 +722,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V8.2.2",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V8.2.2"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -689,8 +733,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V1.1.8",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V1.1.8"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -700,8 +744,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V1.1.1",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V1.1.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -711,8 +755,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V2010 SP3",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V2010 SP3"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -722,8 +766,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V2010 SP3",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V2010 SP3"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -733,8 +777,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V1.5 HF1",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V1.5 HF1"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -744,8 +788,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V1.3",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V1.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -755,8 +799,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V4.7 SP10 HF5",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V4.7 SP10 HF5"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -766,8 +810,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V4.7 SP10 HF5",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V4.7 SP10 HF5"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -777,8 +821,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < 4.8",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < 4.8"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -788,8 +832,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < 4.8",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < 4.8"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -799,8 +843,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -810,8 +854,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -821,8 +865,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -832,8 +876,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -843,8 +887,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -854,8 +898,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < 4.8",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < 4.8"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -865,8 +909,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V4.7 HF33",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V4.7 HF33"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -876,8 +920,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -887,8 +931,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V4.8 SP5",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V4.8 SP5"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -898,8 +942,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V4.8 SP6",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V4.8 SP6"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -909,8 +953,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V3.2.17",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V3.2.17"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -920,8 +964,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V3.2.17",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V3.2.17"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -931,8 +975,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V4.2.1",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V4.2.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -942,8 +986,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V3.3.17",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V3.3.17"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -953,8 +997,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V3.2.17",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V3.2.17"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -964,8 +1008,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V3.2.17",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V3.2.17"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -975,8 +1019,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V3.2.17",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V3.2.17"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -986,8 +1030,30 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "All versions < V3.2.17",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V3.2.17"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPLUS S7-400 CPU 414-3 PN/DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V7.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPLUS S7-400 CPU 416-3 PN/DP V7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V7.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -881,7 +881,7 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V5.2"
|
||||
"version_value": "All versions < V5.1 SP1 HF8"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -11,7 +11,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SIMATIC Drive Controller family, SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants), SIMATIC S7-1200 CPU family (incl. SIPLUS variants), SIMATIC S7-1500 CPU 1510SP F-1 PN, SIMATIC S7-1500 CPU 1510SP-1 PN, SIMATIC S7-1500 CPU 1511-1 PN, SIMATIC S7-1500 CPU 1511-1 PN, SIMATIC S7-1500 CPU 1511C-1 PN, SIMATIC S7-1500 CPU 1511C-1 PN, SIMATIC S7-1500 CPU 1511F-1 PN, SIMATIC S7-1500 CPU 1511F-1 PN, SIMATIC S7-1500 CPU 1511T-1 PN, SIMATIC S7-1500 CPU 1511TF-1 PN, SIMATIC S7-1500 CPU 1512C-1 PN, SIMATIC S7-1500 CPU 1512C-1 PN, SIMATIC S7-1500 CPU 1512SP F-1 PN, SIMATIC S7-1500 CPU 1512SP-1 PN, SIMATIC S7-1500 CPU 1513-1 PN, SIMATIC S7-1500 CPU 1513-1 PN, SIMATIC S7-1500 CPU 1513F-1 PN, SIMATIC S7-1500 CPU 1513F-1 PN, SIMATIC S7-1500 CPU 1513R-1 PN, SIMATIC S7-1500 CPU 1515-2 PN, SIMATIC S7-1500 CPU 1515-2 PN, SIMATIC S7-1500 CPU 1515F-2 PN, SIMATIC S7-1500 CPU 1515F-2 PN, SIMATIC S7-1500 CPU 1515R-2 PN, SIMATIC S7-1500 CPU 1515T-2 PN, SIMATIC S7-1500 CPU 1515TF-2 PN, SIMATIC S7-1500 CPU 1516-3 PN/DP, SIMATIC S7-1500 CPU 1516-3 PN/DP, SIMATIC S7-1500 CPU 1516F-3 PN/DP, SIMATIC S7-1500 CPU 1516F-3 PN/DP, SIMATIC S7-1500 CPU 1516T-3 PN/DP, SIMATIC S7-1500 CPU 1516TF-3 PN/DP, SIMATIC S7-1500 CPU 1517-3 PN/DP, SIMATIC S7-1500 CPU 1517F-3 PN/DP, SIMATIC S7-1500 CPU 1517H-3 PN, SIMATIC S7-1500 CPU 1517T-3 PN/DP, SIMATIC S7-1500 CPU 1517TF-3 PN/DP, SIMATIC S7-1500 CPU 1518-4 PN/DP, SIMATIC S7-1500 CPU 1518-4 PN/DP MFP, SIMATIC S7-1500 CPU 1518F-4 PN/DP, SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP, SIMATIC S7-1500 CPU 1518HF-4 PN, SIMATIC S7-1500 CPU 1518T-4 PN/DP, SIMATIC S7-1500 CPU 1518TF-4 PN/DP, SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK, SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK, SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN, SIMATIC S7-1500 Software Controller, SIMATIC S7-PLCSIM Advanced, SIPLUS ET 200SP CPU 1510SP F-1 PN, SIPLUS ET 200SP CPU 1510SP F-1 PN RAIL, SIPLUS ET 200SP CPU 1510SP-1 PN, SIPLUS ET 200SP CPU 1510SP-1 PN, SIPLUS ET 200SP CPU 1510SP-1 PN RAIL, SIPLUS ET 200SP CPU 1510SP-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP F-1 PN, SIPLUS ET 200SP CPU 1512SP F-1 PN, SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP-1 PN, SIPLUS ET 200SP CPU 1512SP-1 PN, SIPLUS ET 200SP CPU 1512SP-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP-1 PN RAIL, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL, SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL, SIPLUS S7-1500 CPU 1511-1 PN TX RAIL, SIPLUS S7-1500 CPU 1511-1 PN TX RAIL, SIPLUS S7-1500 CPU 1511F-1 PN, SIPLUS S7-1500 CPU 1511F-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513F-1 PN, SIPLUS S7-1500 CPU 1513F-1 PN, SIPLUS S7-1500 CPU 1515F-2 PN, SIPLUS S7-1500 CPU 1515F-2 PN, SIPLUS S7-1500 CPU 1515F-2 PN RAIL, SIPLUS S7-1500 CPU 1515F-2 PN T2 RAIL, SIPLUS S7-1500 CPU 1515R-2 PN, SIPLUS S7-1500 CPU 1515R-2 PN TX RAIL, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP RAIL, SIPLUS S7-1500 CPU 1516-3 PN/DP TX RAIL, SIPLUS S7-1500 CPU 1516F-3 PN/DP, SIPLUS S7-1500 CPU 1516F-3 PN/DP, SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL, SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL, SIPLUS S7-1500 CPU 1517H-3 PN, SIPLUS S7-1500 CPU 1518-4 PN/DP, SIPLUS S7-1500 CPU 1518-4 PN/DP MFP, SIPLUS S7-1500 CPU 1518F-4 PN/DP, SIPLUS S7-1500 CPU 1518HF-4 PN, SIPLUS TIM 1531 IRC, TIM 1531 IRC. Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial-of-service in the device."
|
||||
"value": "A vulnerability has been identified in SIMATIC Drive Controller family, SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants), SIMATIC S7-1200 CPU family (incl. SIPLUS variants), SIMATIC S7-1500 CPU 1510SP F-1 PN, SIMATIC S7-1500 CPU 1510SP-1 PN, SIMATIC S7-1500 CPU 1511-1 PN, SIMATIC S7-1500 CPU 1511-1 PN, SIMATIC S7-1500 CPU 1511C-1 PN, SIMATIC S7-1500 CPU 1511C-1 PN, SIMATIC S7-1500 CPU 1511F-1 PN, SIMATIC S7-1500 CPU 1511F-1 PN, SIMATIC S7-1500 CPU 1511T-1 PN, SIMATIC S7-1500 CPU 1511TF-1 PN, SIMATIC S7-1500 CPU 1512C-1 PN, SIMATIC S7-1500 CPU 1512C-1 PN, SIMATIC S7-1500 CPU 1512SP F-1 PN, SIMATIC S7-1500 CPU 1512SP-1 PN, SIMATIC S7-1500 CPU 1513-1 PN, SIMATIC S7-1500 CPU 1513-1 PN, SIMATIC S7-1500 CPU 1513F-1 PN, SIMATIC S7-1500 CPU 1513F-1 PN, SIMATIC S7-1500 CPU 1513R-1 PN, SIMATIC S7-1500 CPU 1515-2 PN, SIMATIC S7-1500 CPU 1515-2 PN, SIMATIC S7-1500 CPU 1515F-2 PN, SIMATIC S7-1500 CPU 1515F-2 PN, SIMATIC S7-1500 CPU 1515R-2 PN, SIMATIC S7-1500 CPU 1515T-2 PN, SIMATIC S7-1500 CPU 1515TF-2 PN, SIMATIC S7-1500 CPU 1516-3 PN/DP, SIMATIC S7-1500 CPU 1516-3 PN/DP, SIMATIC S7-1500 CPU 1516F-3 PN/DP, SIMATIC S7-1500 CPU 1516F-3 PN/DP, SIMATIC S7-1500 CPU 1516T-3 PN/DP, SIMATIC S7-1500 CPU 1516TF-3 PN/DP, SIMATIC S7-1500 CPU 1517-3 PN/DP, SIMATIC S7-1500 CPU 1517F-3 PN/DP, SIMATIC S7-1500 CPU 1517H-3 PN, SIMATIC S7-1500 CPU 1517T-3 PN/DP, SIMATIC S7-1500 CPU 1517TF-3 PN/DP, SIMATIC S7-1500 CPU 1518-4 PN/DP, SIMATIC S7-1500 CPU 1518-4 PN/DP MFP, SIMATIC S7-1500 CPU 1518F-4 PN/DP, SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP, SIMATIC S7-1500 CPU 1518HF-4 PN, SIMATIC S7-1500 CPU 1518T-4 PN/DP, SIMATIC S7-1500 CPU 1518TF-4 PN/DP, SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK, SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK, SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN, SIMATIC S7-1500 Software Controller, SIMATIC S7-PLCSIM Advanced, SIPLUS ET 200SP CPU 1510SP F-1 PN, SIPLUS ET 200SP CPU 1510SP F-1 PN RAIL, SIPLUS ET 200SP CPU 1510SP-1 PN, SIPLUS ET 200SP CPU 1510SP-1 PN, SIPLUS ET 200SP CPU 1510SP-1 PN RAIL, SIPLUS ET 200SP CPU 1510SP-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP F-1 PN, SIPLUS ET 200SP CPU 1512SP F-1 PN, SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP-1 PN, SIPLUS ET 200SP CPU 1512SP-1 PN, SIPLUS ET 200SP CPU 1512SP-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP-1 PN RAIL, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL, SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL, SIPLUS S7-1500 CPU 1511-1 PN TX RAIL, SIPLUS S7-1500 CPU 1511-1 PN TX RAIL, SIPLUS S7-1500 CPU 1511F-1 PN, SIPLUS S7-1500 CPU 1511F-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513F-1 PN, SIPLUS S7-1500 CPU 1513F-1 PN, SIPLUS S7-1500 CPU 1515F-2 PN, SIPLUS S7-1500 CPU 1515F-2 PN, SIPLUS S7-1500 CPU 1515F-2 PN RAIL, SIPLUS S7-1500 CPU 1515F-2 PN T2 RAIL, SIPLUS S7-1500 CPU 1515R-2 PN, SIPLUS S7-1500 CPU 1515R-2 PN TX RAIL, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP RAIL, SIPLUS S7-1500 CPU 1516-3 PN/DP TX RAIL, SIPLUS S7-1500 CPU 1516F-3 PN/DP, SIPLUS S7-1500 CPU 1516F-3 PN/DP, SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL, SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL, SIPLUS S7-1500 CPU 1517H-3 PN, SIPLUS S7-1500 CPU 1518-4 PN/DP, SIPLUS S7-1500 CPU 1518-4 PN/DP MFP, SIPLUS S7-1500 CPU 1518F-4 PN/DP, SIPLUS S7-1500 CPU 1518HF-4 PN, SIPLUS TIM 1531 IRC, TIM 1531 IRC. Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -554,7 +554,7 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
"version_value": "All versions < V30.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -11,7 +11,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SIMATIC Drive Controller family, SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants), SIMATIC S7-1200 CPU family (incl. SIPLUS variants), SIMATIC S7-1500 CPU 1510SP F-1 PN, SIMATIC S7-1500 CPU 1510SP-1 PN, SIMATIC S7-1500 CPU 1511-1 PN, SIMATIC S7-1500 CPU 1511-1 PN, SIMATIC S7-1500 CPU 1511C-1 PN, SIMATIC S7-1500 CPU 1511C-1 PN, SIMATIC S7-1500 CPU 1511F-1 PN, SIMATIC S7-1500 CPU 1511F-1 PN, SIMATIC S7-1500 CPU 1511T-1 PN, SIMATIC S7-1500 CPU 1511TF-1 PN, SIMATIC S7-1500 CPU 1512C-1 PN, SIMATIC S7-1500 CPU 1512C-1 PN, SIMATIC S7-1500 CPU 1512SP F-1 PN, SIMATIC S7-1500 CPU 1512SP-1 PN, SIMATIC S7-1500 CPU 1513-1 PN, SIMATIC S7-1500 CPU 1513-1 PN, SIMATIC S7-1500 CPU 1513F-1 PN, SIMATIC S7-1500 CPU 1513F-1 PN, SIMATIC S7-1500 CPU 1513R-1 PN, SIMATIC S7-1500 CPU 1515-2 PN, SIMATIC S7-1500 CPU 1515-2 PN, SIMATIC S7-1500 CPU 1515F-2 PN, SIMATIC S7-1500 CPU 1515F-2 PN, SIMATIC S7-1500 CPU 1515R-2 PN, SIMATIC S7-1500 CPU 1515T-2 PN, SIMATIC S7-1500 CPU 1515TF-2 PN, SIMATIC S7-1500 CPU 1516-3 PN/DP, SIMATIC S7-1500 CPU 1516-3 PN/DP, SIMATIC S7-1500 CPU 1516F-3 PN/DP, SIMATIC S7-1500 CPU 1516F-3 PN/DP, SIMATIC S7-1500 CPU 1516T-3 PN/DP, SIMATIC S7-1500 CPU 1516TF-3 PN/DP, SIMATIC S7-1500 CPU 1517-3 PN/DP, SIMATIC S7-1500 CPU 1517F-3 PN/DP, SIMATIC S7-1500 CPU 1517H-3 PN, SIMATIC S7-1500 CPU 1517T-3 PN/DP, SIMATIC S7-1500 CPU 1517TF-3 PN/DP, SIMATIC S7-1500 CPU 1518-4 PN/DP, SIMATIC S7-1500 CPU 1518-4 PN/DP MFP, SIMATIC S7-1500 CPU 1518F-4 PN/DP, SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP, SIMATIC S7-1500 CPU 1518HF-4 PN, SIMATIC S7-1500 CPU 1518T-4 PN/DP, SIMATIC S7-1500 CPU 1518TF-4 PN/DP, SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK, SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK, SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN, SIMATIC S7-1500 Software Controller, SIMATIC S7-PLCSIM Advanced, SIPLUS ET 200SP CPU 1510SP F-1 PN, SIPLUS ET 200SP CPU 1510SP F-1 PN RAIL, SIPLUS ET 200SP CPU 1510SP-1 PN, SIPLUS ET 200SP CPU 1510SP-1 PN, SIPLUS ET 200SP CPU 1510SP-1 PN RAIL, SIPLUS ET 200SP CPU 1510SP-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP F-1 PN, SIPLUS ET 200SP CPU 1512SP F-1 PN, SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP-1 PN, SIPLUS ET 200SP CPU 1512SP-1 PN, SIPLUS ET 200SP CPU 1512SP-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP-1 PN RAIL, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL, SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL, SIPLUS S7-1500 CPU 1511-1 PN TX RAIL, SIPLUS S7-1500 CPU 1511-1 PN TX RAIL, SIPLUS S7-1500 CPU 1511F-1 PN, SIPLUS S7-1500 CPU 1511F-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513F-1 PN, SIPLUS S7-1500 CPU 1513F-1 PN, SIPLUS S7-1500 CPU 1515F-2 PN, SIPLUS S7-1500 CPU 1515F-2 PN, SIPLUS S7-1500 CPU 1515F-2 PN RAIL, SIPLUS S7-1500 CPU 1515F-2 PN T2 RAIL, SIPLUS S7-1500 CPU 1515R-2 PN, SIPLUS S7-1500 CPU 1515R-2 PN TX RAIL, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP RAIL, SIPLUS S7-1500 CPU 1516-3 PN/DP TX RAIL, SIPLUS S7-1500 CPU 1516F-3 PN/DP, SIPLUS S7-1500 CPU 1516F-3 PN/DP, SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL, SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL, SIPLUS S7-1500 CPU 1517H-3 PN, SIPLUS S7-1500 CPU 1518-4 PN/DP, SIPLUS S7-1500 CPU 1518-4 PN/DP MFP, SIPLUS S7-1500 CPU 1518F-4 PN/DP, SIPLUS S7-1500 CPU 1518HF-4 PN, SIPLUS TIM 1531 IRC, TIM 1531 IRC. Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial-of-service in the device."
|
||||
"value": "A vulnerability has been identified in SIMATIC Drive Controller family, SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants), SIMATIC S7-1200 CPU family (incl. SIPLUS variants), SIMATIC S7-1500 CPU 1510SP F-1 PN, SIMATIC S7-1500 CPU 1510SP-1 PN, SIMATIC S7-1500 CPU 1511-1 PN, SIMATIC S7-1500 CPU 1511-1 PN, SIMATIC S7-1500 CPU 1511C-1 PN, SIMATIC S7-1500 CPU 1511C-1 PN, SIMATIC S7-1500 CPU 1511F-1 PN, SIMATIC S7-1500 CPU 1511F-1 PN, SIMATIC S7-1500 CPU 1511T-1 PN, SIMATIC S7-1500 CPU 1511TF-1 PN, SIMATIC S7-1500 CPU 1512C-1 PN, SIMATIC S7-1500 CPU 1512C-1 PN, SIMATIC S7-1500 CPU 1512SP F-1 PN, SIMATIC S7-1500 CPU 1512SP-1 PN, SIMATIC S7-1500 CPU 1513-1 PN, SIMATIC S7-1500 CPU 1513-1 PN, SIMATIC S7-1500 CPU 1513F-1 PN, SIMATIC S7-1500 CPU 1513F-1 PN, SIMATIC S7-1500 CPU 1513R-1 PN, SIMATIC S7-1500 CPU 1515-2 PN, SIMATIC S7-1500 CPU 1515-2 PN, SIMATIC S7-1500 CPU 1515F-2 PN, SIMATIC S7-1500 CPU 1515F-2 PN, SIMATIC S7-1500 CPU 1515R-2 PN, SIMATIC S7-1500 CPU 1515T-2 PN, SIMATIC S7-1500 CPU 1515TF-2 PN, SIMATIC S7-1500 CPU 1516-3 PN/DP, SIMATIC S7-1500 CPU 1516-3 PN/DP, SIMATIC S7-1500 CPU 1516F-3 PN/DP, SIMATIC S7-1500 CPU 1516F-3 PN/DP, SIMATIC S7-1500 CPU 1516T-3 PN/DP, SIMATIC S7-1500 CPU 1516TF-3 PN/DP, SIMATIC S7-1500 CPU 1517-3 PN/DP, SIMATIC S7-1500 CPU 1517F-3 PN/DP, SIMATIC S7-1500 CPU 1517H-3 PN, SIMATIC S7-1500 CPU 1517T-3 PN/DP, SIMATIC S7-1500 CPU 1517TF-3 PN/DP, SIMATIC S7-1500 CPU 1518-4 PN/DP, SIMATIC S7-1500 CPU 1518-4 PN/DP MFP, SIMATIC S7-1500 CPU 1518F-4 PN/DP, SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP, SIMATIC S7-1500 CPU 1518HF-4 PN, SIMATIC S7-1500 CPU 1518T-4 PN/DP, SIMATIC S7-1500 CPU 1518TF-4 PN/DP, SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK, SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK, SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN, SIMATIC S7-1500 Software Controller, SIMATIC S7-PLCSIM Advanced, SIPLUS ET 200SP CPU 1510SP F-1 PN, SIPLUS ET 200SP CPU 1510SP F-1 PN RAIL, SIPLUS ET 200SP CPU 1510SP-1 PN, SIPLUS ET 200SP CPU 1510SP-1 PN, SIPLUS ET 200SP CPU 1510SP-1 PN RAIL, SIPLUS ET 200SP CPU 1510SP-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP F-1 PN, SIPLUS ET 200SP CPU 1512SP F-1 PN, SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP-1 PN, SIPLUS ET 200SP CPU 1512SP-1 PN, SIPLUS ET 200SP CPU 1512SP-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP-1 PN RAIL, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL, SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL, SIPLUS S7-1500 CPU 1511-1 PN TX RAIL, SIPLUS S7-1500 CPU 1511-1 PN TX RAIL, SIPLUS S7-1500 CPU 1511F-1 PN, SIPLUS S7-1500 CPU 1511F-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513F-1 PN, SIPLUS S7-1500 CPU 1513F-1 PN, SIPLUS S7-1500 CPU 1515F-2 PN, SIPLUS S7-1500 CPU 1515F-2 PN, SIPLUS S7-1500 CPU 1515F-2 PN RAIL, SIPLUS S7-1500 CPU 1515F-2 PN T2 RAIL, SIPLUS S7-1500 CPU 1515R-2 PN, SIPLUS S7-1500 CPU 1515R-2 PN TX RAIL, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP RAIL, SIPLUS S7-1500 CPU 1516-3 PN/DP TX RAIL, SIPLUS S7-1500 CPU 1516F-3 PN/DP, SIPLUS S7-1500 CPU 1516F-3 PN/DP, SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL, SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL, SIPLUS S7-1500 CPU 1517H-3 PN, SIPLUS S7-1500 CPU 1518-4 PN/DP, SIPLUS S7-1500 CPU 1518-4 PN/DP MFP, SIPLUS S7-1500 CPU 1518F-4 PN/DP, SIPLUS S7-1500 CPU 1518HF-4 PN, SIPLUS TIM 1531 IRC, TIM 1531 IRC. Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -554,7 +554,7 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
"version_value": "All versions < V30.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -11,7 +11,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SIMATIC Drive Controller family, SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants), SIMATIC S7-1200 CPU family (incl. SIPLUS variants), SIMATIC S7-1500 CPU 1510SP F-1 PN, SIMATIC S7-1500 CPU 1510SP-1 PN, SIMATIC S7-1500 CPU 1511-1 PN, SIMATIC S7-1500 CPU 1511-1 PN, SIMATIC S7-1500 CPU 1511C-1 PN, SIMATIC S7-1500 CPU 1511C-1 PN, SIMATIC S7-1500 CPU 1511F-1 PN, SIMATIC S7-1500 CPU 1511F-1 PN, SIMATIC S7-1500 CPU 1511T-1 PN, SIMATIC S7-1500 CPU 1511TF-1 PN, SIMATIC S7-1500 CPU 1512C-1 PN, SIMATIC S7-1500 CPU 1512C-1 PN, SIMATIC S7-1500 CPU 1512SP F-1 PN, SIMATIC S7-1500 CPU 1512SP-1 PN, SIMATIC S7-1500 CPU 1513-1 PN, SIMATIC S7-1500 CPU 1513-1 PN, SIMATIC S7-1500 CPU 1513F-1 PN, SIMATIC S7-1500 CPU 1513F-1 PN, SIMATIC S7-1500 CPU 1513R-1 PN, SIMATIC S7-1500 CPU 1515-2 PN, SIMATIC S7-1500 CPU 1515-2 PN, SIMATIC S7-1500 CPU 1515F-2 PN, SIMATIC S7-1500 CPU 1515F-2 PN, SIMATIC S7-1500 CPU 1515R-2 PN, SIMATIC S7-1500 CPU 1515T-2 PN, SIMATIC S7-1500 CPU 1515TF-2 PN, SIMATIC S7-1500 CPU 1516-3 PN/DP, SIMATIC S7-1500 CPU 1516-3 PN/DP, SIMATIC S7-1500 CPU 1516F-3 PN/DP, SIMATIC S7-1500 CPU 1516F-3 PN/DP, SIMATIC S7-1500 CPU 1516T-3 PN/DP, SIMATIC S7-1500 CPU 1516TF-3 PN/DP, SIMATIC S7-1500 CPU 1517-3 PN/DP, SIMATIC S7-1500 CPU 1517F-3 PN/DP, SIMATIC S7-1500 CPU 1517H-3 PN, SIMATIC S7-1500 CPU 1517T-3 PN/DP, SIMATIC S7-1500 CPU 1517TF-3 PN/DP, SIMATIC S7-1500 CPU 1518-4 PN/DP, SIMATIC S7-1500 CPU 1518-4 PN/DP MFP, SIMATIC S7-1500 CPU 1518F-4 PN/DP, SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP, SIMATIC S7-1500 CPU 1518HF-4 PN, SIMATIC S7-1500 CPU 1518T-4 PN/DP, SIMATIC S7-1500 CPU 1518TF-4 PN/DP, SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK, SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK, SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN, SIMATIC S7-1500 Software Controller, SIMATIC S7-PLCSIM Advanced, SIPLUS ET 200SP CPU 1510SP F-1 PN, SIPLUS ET 200SP CPU 1510SP F-1 PN RAIL, SIPLUS ET 200SP CPU 1510SP-1 PN, SIPLUS ET 200SP CPU 1510SP-1 PN, SIPLUS ET 200SP CPU 1510SP-1 PN RAIL, SIPLUS ET 200SP CPU 1510SP-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP F-1 PN, SIPLUS ET 200SP CPU 1512SP F-1 PN, SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP-1 PN, SIPLUS ET 200SP CPU 1512SP-1 PN, SIPLUS ET 200SP CPU 1512SP-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP-1 PN RAIL, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL, SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL, SIPLUS S7-1500 CPU 1511-1 PN TX RAIL, SIPLUS S7-1500 CPU 1511-1 PN TX RAIL, SIPLUS S7-1500 CPU 1511F-1 PN, SIPLUS S7-1500 CPU 1511F-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513F-1 PN, SIPLUS S7-1500 CPU 1513F-1 PN, SIPLUS S7-1500 CPU 1515F-2 PN, SIPLUS S7-1500 CPU 1515F-2 PN, SIPLUS S7-1500 CPU 1515F-2 PN RAIL, SIPLUS S7-1500 CPU 1515F-2 PN T2 RAIL, SIPLUS S7-1500 CPU 1515R-2 PN, SIPLUS S7-1500 CPU 1515R-2 PN TX RAIL, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP RAIL, SIPLUS S7-1500 CPU 1516-3 PN/DP TX RAIL, SIPLUS S7-1500 CPU 1516F-3 PN/DP, SIPLUS S7-1500 CPU 1516F-3 PN/DP, SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL, SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL, SIPLUS S7-1500 CPU 1517H-3 PN, SIPLUS S7-1500 CPU 1518-4 PN/DP, SIPLUS S7-1500 CPU 1518-4 PN/DP MFP, SIPLUS S7-1500 CPU 1518F-4 PN/DP, SIPLUS S7-1500 CPU 1518HF-4 PN, SIPLUS TIM 1531 IRC, TIM 1531 IRC. Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial-of-service in the device."
|
||||
"value": "A vulnerability has been identified in SIMATIC Drive Controller family, SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants), SIMATIC S7-1200 CPU family (incl. SIPLUS variants), SIMATIC S7-1500 CPU 1510SP F-1 PN, SIMATIC S7-1500 CPU 1510SP-1 PN, SIMATIC S7-1500 CPU 1511-1 PN, SIMATIC S7-1500 CPU 1511-1 PN, SIMATIC S7-1500 CPU 1511C-1 PN, SIMATIC S7-1500 CPU 1511C-1 PN, SIMATIC S7-1500 CPU 1511F-1 PN, SIMATIC S7-1500 CPU 1511F-1 PN, SIMATIC S7-1500 CPU 1511T-1 PN, SIMATIC S7-1500 CPU 1511TF-1 PN, SIMATIC S7-1500 CPU 1512C-1 PN, SIMATIC S7-1500 CPU 1512C-1 PN, SIMATIC S7-1500 CPU 1512SP F-1 PN, SIMATIC S7-1500 CPU 1512SP-1 PN, SIMATIC S7-1500 CPU 1513-1 PN, SIMATIC S7-1500 CPU 1513-1 PN, SIMATIC S7-1500 CPU 1513F-1 PN, SIMATIC S7-1500 CPU 1513F-1 PN, SIMATIC S7-1500 CPU 1513R-1 PN, SIMATIC S7-1500 CPU 1515-2 PN, SIMATIC S7-1500 CPU 1515-2 PN, SIMATIC S7-1500 CPU 1515F-2 PN, SIMATIC S7-1500 CPU 1515F-2 PN, SIMATIC S7-1500 CPU 1515R-2 PN, SIMATIC S7-1500 CPU 1515T-2 PN, SIMATIC S7-1500 CPU 1515TF-2 PN, SIMATIC S7-1500 CPU 1516-3 PN/DP, SIMATIC S7-1500 CPU 1516-3 PN/DP, SIMATIC S7-1500 CPU 1516F-3 PN/DP, SIMATIC S7-1500 CPU 1516F-3 PN/DP, SIMATIC S7-1500 CPU 1516T-3 PN/DP, SIMATIC S7-1500 CPU 1516TF-3 PN/DP, SIMATIC S7-1500 CPU 1517-3 PN/DP, SIMATIC S7-1500 CPU 1517F-3 PN/DP, SIMATIC S7-1500 CPU 1517H-3 PN, SIMATIC S7-1500 CPU 1517T-3 PN/DP, SIMATIC S7-1500 CPU 1517TF-3 PN/DP, SIMATIC S7-1500 CPU 1518-4 PN/DP, SIMATIC S7-1500 CPU 1518-4 PN/DP MFP, SIMATIC S7-1500 CPU 1518F-4 PN/DP, SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP, SIMATIC S7-1500 CPU 1518HF-4 PN, SIMATIC S7-1500 CPU 1518T-4 PN/DP, SIMATIC S7-1500 CPU 1518TF-4 PN/DP, SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK, SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK, SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN, SIMATIC S7-1500 Software Controller, SIMATIC S7-PLCSIM Advanced, SIPLUS ET 200SP CPU 1510SP F-1 PN, SIPLUS ET 200SP CPU 1510SP F-1 PN RAIL, SIPLUS ET 200SP CPU 1510SP-1 PN, SIPLUS ET 200SP CPU 1510SP-1 PN, SIPLUS ET 200SP CPU 1510SP-1 PN RAIL, SIPLUS ET 200SP CPU 1510SP-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP F-1 PN, SIPLUS ET 200SP CPU 1512SP F-1 PN, SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP-1 PN, SIPLUS ET 200SP CPU 1512SP-1 PN, SIPLUS ET 200SP CPU 1512SP-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP-1 PN RAIL, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL, SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL, SIPLUS S7-1500 CPU 1511-1 PN TX RAIL, SIPLUS S7-1500 CPU 1511-1 PN TX RAIL, SIPLUS S7-1500 CPU 1511F-1 PN, SIPLUS S7-1500 CPU 1511F-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513F-1 PN, SIPLUS S7-1500 CPU 1513F-1 PN, SIPLUS S7-1500 CPU 1515F-2 PN, SIPLUS S7-1500 CPU 1515F-2 PN, SIPLUS S7-1500 CPU 1515F-2 PN RAIL, SIPLUS S7-1500 CPU 1515F-2 PN T2 RAIL, SIPLUS S7-1500 CPU 1515R-2 PN, SIPLUS S7-1500 CPU 1515R-2 PN TX RAIL, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP RAIL, SIPLUS S7-1500 CPU 1516-3 PN/DP TX RAIL, SIPLUS S7-1500 CPU 1516F-3 PN/DP, SIPLUS S7-1500 CPU 1516F-3 PN/DP, SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL, SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL, SIPLUS S7-1500 CPU 1517H-3 PN, SIPLUS S7-1500 CPU 1518-4 PN/DP, SIPLUS S7-1500 CPU 1518-4 PN/DP MFP, SIPLUS S7-1500 CPU 1518F-4 PN/DP, SIPLUS S7-1500 CPU 1518HF-4 PN, SIPLUS TIM 1531 IRC, TIM 1531 IRC. Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -554,7 +554,7 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
"version_value": "All versions < V30.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -11,7 +11,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SIMATIC Drive Controller family, SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants), SIMATIC S7-1200 CPU family (incl. SIPLUS variants), SIMATIC S7-1500 CPU 1510SP F-1 PN, SIMATIC S7-1500 CPU 1510SP-1 PN, SIMATIC S7-1500 CPU 1511-1 PN, SIMATIC S7-1500 CPU 1511-1 PN, SIMATIC S7-1500 CPU 1511C-1 PN, SIMATIC S7-1500 CPU 1511C-1 PN, SIMATIC S7-1500 CPU 1511F-1 PN, SIMATIC S7-1500 CPU 1511F-1 PN, SIMATIC S7-1500 CPU 1511T-1 PN, SIMATIC S7-1500 CPU 1511TF-1 PN, SIMATIC S7-1500 CPU 1512C-1 PN, SIMATIC S7-1500 CPU 1512C-1 PN, SIMATIC S7-1500 CPU 1512SP F-1 PN, SIMATIC S7-1500 CPU 1512SP-1 PN, SIMATIC S7-1500 CPU 1513-1 PN, SIMATIC S7-1500 CPU 1513-1 PN, SIMATIC S7-1500 CPU 1513F-1 PN, SIMATIC S7-1500 CPU 1513F-1 PN, SIMATIC S7-1500 CPU 1513R-1 PN, SIMATIC S7-1500 CPU 1515-2 PN, SIMATIC S7-1500 CPU 1515-2 PN, SIMATIC S7-1500 CPU 1515F-2 PN, SIMATIC S7-1500 CPU 1515F-2 PN, SIMATIC S7-1500 CPU 1515R-2 PN, SIMATIC S7-1500 CPU 1515T-2 PN, SIMATIC S7-1500 CPU 1515TF-2 PN, SIMATIC S7-1500 CPU 1516-3 PN/DP, SIMATIC S7-1500 CPU 1516-3 PN/DP, SIMATIC S7-1500 CPU 1516F-3 PN/DP, SIMATIC S7-1500 CPU 1516F-3 PN/DP, SIMATIC S7-1500 CPU 1516T-3 PN/DP, SIMATIC S7-1500 CPU 1516TF-3 PN/DP, SIMATIC S7-1500 CPU 1517-3 PN/DP, SIMATIC S7-1500 CPU 1517F-3 PN/DP, SIMATIC S7-1500 CPU 1517H-3 PN, SIMATIC S7-1500 CPU 1517T-3 PN/DP, SIMATIC S7-1500 CPU 1517TF-3 PN/DP, SIMATIC S7-1500 CPU 1518-4 PN/DP, SIMATIC S7-1500 CPU 1518-4 PN/DP MFP, SIMATIC S7-1500 CPU 1518F-4 PN/DP, SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP, SIMATIC S7-1500 CPU 1518HF-4 PN, SIMATIC S7-1500 CPU 1518T-4 PN/DP, SIMATIC S7-1500 CPU 1518TF-4 PN/DP, SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK, SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK, SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN, SIMATIC S7-1500 Software Controller, SIMATIC S7-PLCSIM Advanced, SIPLUS ET 200SP CPU 1510SP F-1 PN, SIPLUS ET 200SP CPU 1510SP F-1 PN RAIL, SIPLUS ET 200SP CPU 1510SP-1 PN, SIPLUS ET 200SP CPU 1510SP-1 PN, SIPLUS ET 200SP CPU 1510SP-1 PN RAIL, SIPLUS ET 200SP CPU 1510SP-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP F-1 PN, SIPLUS ET 200SP CPU 1512SP F-1 PN, SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP-1 PN, SIPLUS ET 200SP CPU 1512SP-1 PN, SIPLUS ET 200SP CPU 1512SP-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP-1 PN RAIL, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL, SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL, SIPLUS S7-1500 CPU 1511-1 PN TX RAIL, SIPLUS S7-1500 CPU 1511-1 PN TX RAIL, SIPLUS S7-1500 CPU 1511F-1 PN, SIPLUS S7-1500 CPU 1511F-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513F-1 PN, SIPLUS S7-1500 CPU 1513F-1 PN, SIPLUS S7-1500 CPU 1515F-2 PN, SIPLUS S7-1500 CPU 1515F-2 PN, SIPLUS S7-1500 CPU 1515F-2 PN RAIL, SIPLUS S7-1500 CPU 1515F-2 PN T2 RAIL, SIPLUS S7-1500 CPU 1515R-2 PN, SIPLUS S7-1500 CPU 1515R-2 PN TX RAIL, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP RAIL, SIPLUS S7-1500 CPU 1516-3 PN/DP TX RAIL, SIPLUS S7-1500 CPU 1516F-3 PN/DP, SIPLUS S7-1500 CPU 1516F-3 PN/DP, SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL, SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL, SIPLUS S7-1500 CPU 1517H-3 PN, SIPLUS S7-1500 CPU 1518-4 PN/DP, SIPLUS S7-1500 CPU 1518-4 PN/DP MFP, SIPLUS S7-1500 CPU 1518F-4 PN/DP, SIPLUS S7-1500 CPU 1518HF-4 PN, SIPLUS TIM 1531 IRC, TIM 1531 IRC. Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial-of-service in the device."
|
||||
"value": "A vulnerability has been identified in SIMATIC Drive Controller family, SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants), SIMATIC S7-1200 CPU family (incl. SIPLUS variants), SIMATIC S7-1500 CPU 1510SP F-1 PN, SIMATIC S7-1500 CPU 1510SP-1 PN, SIMATIC S7-1500 CPU 1511-1 PN, SIMATIC S7-1500 CPU 1511-1 PN, SIMATIC S7-1500 CPU 1511C-1 PN, SIMATIC S7-1500 CPU 1511C-1 PN, SIMATIC S7-1500 CPU 1511F-1 PN, SIMATIC S7-1500 CPU 1511F-1 PN, SIMATIC S7-1500 CPU 1511T-1 PN, SIMATIC S7-1500 CPU 1511TF-1 PN, SIMATIC S7-1500 CPU 1512C-1 PN, SIMATIC S7-1500 CPU 1512C-1 PN, SIMATIC S7-1500 CPU 1512SP F-1 PN, SIMATIC S7-1500 CPU 1512SP-1 PN, SIMATIC S7-1500 CPU 1513-1 PN, SIMATIC S7-1500 CPU 1513-1 PN, SIMATIC S7-1500 CPU 1513F-1 PN, SIMATIC S7-1500 CPU 1513F-1 PN, SIMATIC S7-1500 CPU 1513R-1 PN, SIMATIC S7-1500 CPU 1515-2 PN, SIMATIC S7-1500 CPU 1515-2 PN, SIMATIC S7-1500 CPU 1515F-2 PN, SIMATIC S7-1500 CPU 1515F-2 PN, SIMATIC S7-1500 CPU 1515R-2 PN, SIMATIC S7-1500 CPU 1515T-2 PN, SIMATIC S7-1500 CPU 1515TF-2 PN, SIMATIC S7-1500 CPU 1516-3 PN/DP, SIMATIC S7-1500 CPU 1516-3 PN/DP, SIMATIC S7-1500 CPU 1516F-3 PN/DP, SIMATIC S7-1500 CPU 1516F-3 PN/DP, SIMATIC S7-1500 CPU 1516T-3 PN/DP, SIMATIC S7-1500 CPU 1516TF-3 PN/DP, SIMATIC S7-1500 CPU 1517-3 PN/DP, SIMATIC S7-1500 CPU 1517F-3 PN/DP, SIMATIC S7-1500 CPU 1517H-3 PN, SIMATIC S7-1500 CPU 1517T-3 PN/DP, SIMATIC S7-1500 CPU 1517TF-3 PN/DP, SIMATIC S7-1500 CPU 1518-4 PN/DP, SIMATIC S7-1500 CPU 1518-4 PN/DP MFP, SIMATIC S7-1500 CPU 1518F-4 PN/DP, SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP, SIMATIC S7-1500 CPU 1518HF-4 PN, SIMATIC S7-1500 CPU 1518T-4 PN/DP, SIMATIC S7-1500 CPU 1518TF-4 PN/DP, SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK, SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK, SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN, SIMATIC S7-1500 Software Controller, SIMATIC S7-PLCSIM Advanced, SIPLUS ET 200SP CPU 1510SP F-1 PN, SIPLUS ET 200SP CPU 1510SP F-1 PN RAIL, SIPLUS ET 200SP CPU 1510SP-1 PN, SIPLUS ET 200SP CPU 1510SP-1 PN, SIPLUS ET 200SP CPU 1510SP-1 PN RAIL, SIPLUS ET 200SP CPU 1510SP-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP F-1 PN, SIPLUS ET 200SP CPU 1512SP F-1 PN, SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP-1 PN, SIPLUS ET 200SP CPU 1512SP-1 PN, SIPLUS ET 200SP CPU 1512SP-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP-1 PN RAIL, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL, SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL, SIPLUS S7-1500 CPU 1511-1 PN TX RAIL, SIPLUS S7-1500 CPU 1511-1 PN TX RAIL, SIPLUS S7-1500 CPU 1511F-1 PN, SIPLUS S7-1500 CPU 1511F-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513F-1 PN, SIPLUS S7-1500 CPU 1513F-1 PN, SIPLUS S7-1500 CPU 1515F-2 PN, SIPLUS S7-1500 CPU 1515F-2 PN, SIPLUS S7-1500 CPU 1515F-2 PN RAIL, SIPLUS S7-1500 CPU 1515F-2 PN T2 RAIL, SIPLUS S7-1500 CPU 1515R-2 PN, SIPLUS S7-1500 CPU 1515R-2 PN TX RAIL, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP RAIL, SIPLUS S7-1500 CPU 1516-3 PN/DP TX RAIL, SIPLUS S7-1500 CPU 1516F-3 PN/DP, SIPLUS S7-1500 CPU 1516F-3 PN/DP, SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL, SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL, SIPLUS S7-1500 CPU 1517H-3 PN, SIPLUS S7-1500 CPU 1518-4 PN/DP, SIPLUS S7-1500 CPU 1518-4 PN/DP MFP, SIPLUS S7-1500 CPU 1518F-4 PN/DP, SIPLUS S7-1500 CPU 1518HF-4 PN, SIPLUS TIM 1531 IRC, TIM 1531 IRC. Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -554,7 +554,7 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
"version_value": "All versions < V30.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -657,7 +657,7 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
"version_value": "All versions < V30.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -811,7 +811,7 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V17 Update 5"
|
||||
"version_value": "All versions < VX.17 Update 5"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -11,7 +11,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in TIA Multiuser Server V14 (All versions), TIA Multiuser Server V15 (All versions < V15.1 Update 8), TIA Project-Server (All versions < V1.1), TIA Project-Server V16 (All versions), TIA Project-Server V17 (All versions). Affected applications contain an untrusted search path vulnerability that could allow an attacker to escalate privileges, when tricking a legitimate user to start the service from an attacker controlled path."
|
||||
"value": "A vulnerability has been identified in TIA Multiuser Server V14 (All versions), TIA Multiuser Server V15 (All versions < V15.1 Update 8), TIA Project-Server\u00a0 (All versions < V1.1), TIA Project-Server V16 (All versions), TIA Project-Server V17 (All versions < V17 Update 6). Affected applications contain an untrusted search path vulnerability that could allow an attacker to escalate privileges, when tricking a legitimate user to start the service from an attacker controlled path."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -85,7 +85,7 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
"version_value": "All versions < V17 Update 6"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -11,7 +11,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-7 LTE EU (All versions), SIMATIC CP 1243-7 LTE US (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1542SP-1 (All versions), SIMATIC CP 1542SP-1 IRC (All versions), SIMATIC CP 1543SP-1 (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions), SIPLUS NET CP 1242-7 V2 (All versions), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (All versions), SIPLUS S7-1200 CP 1243-1 RAIL (All versions), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected product."
|
||||
"value": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-7 LTE EU (All versions), SIMATIC CP 1243-7 LTE US (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1542SP-1 (All versions), SIMATIC CP 1542SP-1 IRC (All versions), SIMATIC CP 1543SP-1 (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions), SIPLUS NET CP 1242-7 V2 (All versions), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (All versions), SIPLUS S7-1200 CP 1243-1 RAIL (All versions), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected product."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -171,28 +171,6 @@
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIMATIC IPC DiagBase",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIMATIC IPC DiagMonitor",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL",
|
||||
"version": {
|
||||
|
||||
@ -11,7 +11,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-7 LTE EU (All versions), SIMATIC CP 1243-7 LTE US (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1542SP-1 (All versions), SIMATIC CP 1542SP-1 IRC (All versions), SIMATIC CP 1543SP-1 (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions), SIPLUS NET CP 1242-7 V2 (All versions), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (All versions), SIPLUS S7-1200 CP 1243-1 RAIL (All versions), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product."
|
||||
"value": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-7 LTE EU (All versions), SIMATIC CP 1243-7 LTE US (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1542SP-1 (All versions), SIMATIC CP 1542SP-1 IRC (All versions), SIMATIC CP 1543SP-1 (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions), SIPLUS NET CP 1242-7 V2 (All versions), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (All versions), SIPLUS S7-1200 CP 1243-1 RAIL (All versions), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -171,28 +171,6 @@
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIMATIC IPC DiagBase",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIMATIC IPC DiagMonitor",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL",
|
||||
"version": {
|
||||
|
||||
@ -11,7 +11,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-7 LTE EU (All versions), SIMATIC CP 1243-7 LTE US (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1542SP-1 (All versions), SIMATIC CP 1542SP-1 IRC (All versions), SIMATIC CP 1543SP-1 (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions), SIPLUS NET CP 1242-7 V2 (All versions), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (All versions), SIPLUS S7-1200 CP 1243-1 RAIL (All versions), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product."
|
||||
"value": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-7 LTE EU (All versions), SIMATIC CP 1243-7 LTE US (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1542SP-1 (All versions), SIMATIC CP 1542SP-1 IRC (All versions), SIMATIC CP 1543SP-1 (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions), SIPLUS NET CP 1242-7 V2 (All versions), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (All versions), SIPLUS S7-1200 CP 1243-1 RAIL (All versions), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -171,28 +171,6 @@
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIMATIC IPC DiagBase",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIMATIC IPC DiagMonitor",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL",
|
||||
"version": {
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
@ -1,17 +1,94 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-46822",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "audit@patchstack.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in JC Development Team WooCommerce JazzCash Gateway Plugin plugin <=\u00a02.0 versions."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
|
||||
"cweId": "CWE-79"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "JC Development Team",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "WooCommerce JazzCash Gateway Plugin",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "n/a",
|
||||
"version_value": "2.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/jazzcash-woocommerce-gateway/wordpress-woocommerce-jazzcash-gateway-plugin-plugin-2-0-cross-site-scripting-xss?_s_id=cve",
|
||||
"refsource": "MISC",
|
||||
"name": "https://patchstack.com/database/vulnerability/jazzcash-woocommerce-gateway/wordpress-woocommerce-jazzcash-gateway-plugin-plugin-2-0-cross-site-scripting-xss?_s_id=cve"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "Vulnogram 0.1.0-dev"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "EXTERNAL"
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "minhtuanact (Patchstack Alliance)"
|
||||
}
|
||||
],
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 7.1,
|
||||
"baseSeverity": "HIGH",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"scope": "CHANGED",
|
||||
"userInteraction": "REQUIRED",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,94 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-46844",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "audit@patchstack.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in PixelGrade PixFields plugin <=\u00a00.7.0 versions."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
|
||||
"cweId": "CWE-79"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "PixelGrade",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "PixFields",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "n/a",
|
||||
"version_value": "0.7.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/pixfields/wordpress-pixfields-plugin-0-7-0-auth-cross-site-scripting-xss-vulnerability?_s_id=cve",
|
||||
"refsource": "MISC",
|
||||
"name": "https://patchstack.com/database/vulnerability/pixfields/wordpress-pixfields-plugin-0-7-0-auth-cross-site-scripting-xss-vulnerability?_s_id=cve"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "Vulnogram 0.1.0-dev"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "EXTERNAL"
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Justiice (Patchstack Alliance)"
|
||||
}
|
||||
],
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 6.5,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"scope": "CHANGED",
|
||||
"userInteraction": "REQUIRED",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,122 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-46858",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "audit@patchstack.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Amin A.Rezapour Product Specifications for Woocommerce plugin <=\u00a00.6.0 versions."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
|
||||
"cweId": "CWE-79"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Amin A.Rezapour",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Product Specifications for Woocommerce",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "0.7.0",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "0.6.0",
|
||||
"status": "affected",
|
||||
"version": "n/a",
|
||||
"versionType": "custom"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "unaffected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/product-specifications/wordpress-product-specifications-for-woocommerce-plugin-0-6-0-cross-site-scripting-xss?_s_id=cve",
|
||||
"refsource": "MISC",
|
||||
"name": "https://patchstack.com/database/vulnerability/product-specifications/wordpress-product-specifications-for-woocommerce-plugin-0-6-0-cross-site-scripting-xss?_s_id=cve"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "Vulnogram 0.1.0-dev"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "EXTERNAL"
|
||||
},
|
||||
"solution": [
|
||||
{
|
||||
"lang": "en",
|
||||
"supportingMedia": [
|
||||
{
|
||||
"base64": false,
|
||||
"type": "text/html",
|
||||
"value": "Update to 0.7.0 or a higher version."
|
||||
}
|
||||
],
|
||||
"value": "Update to\u00a00.7.0 or a higher version."
|
||||
}
|
||||
],
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "TEAM WEBoB of BoB 11th (Patchstack Alliance)"
|
||||
}
|
||||
],
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 7.1,
|
||||
"baseSeverity": "HIGH",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"scope": "CHANGED",
|
||||
"userInteraction": "REQUIRED",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,94 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-46864",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "audit@patchstack.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Umair Saleem Woocommerce Custom Checkout Fields Editor With Drag & Drop plugin <=\u00a00.1 versions."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
|
||||
"cweId": "CWE-79"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Umair Saleem",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Woocommerce Custom Checkout Fields Editor With Drag & Drop",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "n/a",
|
||||
"version_value": "0.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/woo-custom-checkout-fields/wordpress-woocommerce-custom-checkout-fields-editor-with-drag-drop-plugin-0-1-cross-site-scripting-xss?_s_id=cve",
|
||||
"refsource": "MISC",
|
||||
"name": "https://patchstack.com/database/vulnerability/woo-custom-checkout-fields/wordpress-woocommerce-custom-checkout-fields-editor-with-drag-drop-plugin-0-1-cross-site-scripting-xss?_s_id=cve"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "Vulnogram 0.1.0-dev"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "EXTERNAL"
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "TEAM WEBoB of BoB 11th (Patchstack Alliance)"
|
||||
}
|
||||
],
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 7.1,
|
||||
"baseSeverity": "HIGH",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"scope": "CHANGED",
|
||||
"userInteraction": "REQUIRED",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,122 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-23647",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "audit@patchstack.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in Sk. Abul Hasan Team Member \u2013 Team with Slider plugin <=\u00a04.4 versions."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
|
||||
"cweId": "CWE-79"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Sk. Abul Hasan",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Team Member \u2013 Team with Slider",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "4.5",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "4.4",
|
||||
"status": "affected",
|
||||
"version": "n/a",
|
||||
"versionType": "custom"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "unaffected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/team-showcase-supreme/wordpress-team-member-team-with-slider-plugin-4-4-cross-site-scripting-xss-vulnerability?_s_id=cve",
|
||||
"refsource": "MISC",
|
||||
"name": "https://patchstack.com/database/vulnerability/team-showcase-supreme/wordpress-team-member-team-with-slider-plugin-4-4-cross-site-scripting-xss-vulnerability?_s_id=cve"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "Vulnogram 0.1.0-dev"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "EXTERNAL"
|
||||
},
|
||||
"solution": [
|
||||
{
|
||||
"lang": "en",
|
||||
"supportingMedia": [
|
||||
{
|
||||
"base64": false,
|
||||
"type": "text/html",
|
||||
"value": "Update to 4.5 or a higher version."
|
||||
}
|
||||
],
|
||||
"value": "Update to\u00a04.5 or a higher version."
|
||||
}
|
||||
],
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Rio Darmawan (Patchstack Alliance)"
|
||||
}
|
||||
],
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 5.9,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"privilegesRequired": "HIGH",
|
||||
"scope": "CHANGED",
|
||||
"userInteraction": "REQUIRED",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -11,7 +11,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in TIA Portal V15 (All versions), TIA Portal V16 (All versions), TIA Portal V17 (All versions), TIA Portal V18 (All versions < V18 Update 1). Affected products contain a path traversal vulnerability that could allow the creation or overwrite of arbitrary files in the engineering system. If the user is tricked to open a malicious PC system configuration file, an attacker could exploit this vulnerability to achieve arbitrary code execution."
|
||||
"value": "A vulnerability has been identified in Totally Integrated Automation Portal (TIA Portal) V15 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 6), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 1). Affected products contain a path traversal vulnerability that could allow the creation or overwrite of arbitrary files in the engineering system. If the user is tricked to open a malicious PC system configuration file, an attacker could exploit this vulnerability to achieve arbitrary code execution."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -36,7 +36,7 @@
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "TIA Portal V15",
|
||||
"product_name": "Totally Integrated Automation Portal (TIA Portal) V15",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
@ -47,7 +47,7 @@
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "TIA Portal V16",
|
||||
"product_name": "Totally Integrated Automation Portal (TIA Portal) V16",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
@ -58,18 +58,18 @@
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "TIA Portal V17",
|
||||
"product_name": "Totally Integrated Automation Portal (TIA Portal) V17",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
"version_value": "All versions < V17 Update 6"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "TIA Portal V18",
|
||||
"product_name": "Totally Integrated Automation Portal (TIA Portal) V18",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
|
||||
@ -1,17 +1,73 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-27407",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "productcert@siemens.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). The web based management of affected device does not properly validate user input, making it susceptible to command injection. This could allow an authenticated remote attacker to access the underlying operating system as the root user."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')",
|
||||
"cweId": "CWE-77"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Siemens",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "SCALANCE LPE9403",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V2.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-325383.pdf",
|
||||
"refsource": "MISC",
|
||||
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-325383.pdf"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
|
||||
"baseScore": 9.9,
|
||||
"baseSeverity": "CRITICAL"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,73 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-27408",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "productcert@siemens.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). The `i2c` mutex file is created with the permissions bits of `-rw-rw-rw-`. This file is used as a mutex for multiple applications interacting with i2c. This could allow an authenticated attacker with access to the SSH interface on the affected device to interfere with the integrity of the mutex and the data it protects."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-378: Creation of Temporary File With Insecure Permissions",
|
||||
"cweId": "CWE-378"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Siemens",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "SCALANCE LPE9403",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V2.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-325383.pdf",
|
||||
"refsource": "MISC",
|
||||
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-325383.pdf"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
|
||||
"baseScore": 3.3,
|
||||
"baseSeverity": "LOW"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,73 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-27409",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "productcert@siemens.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). A path traversal vulnerability was found in the `deviceinfo` binary via the `mac` parameter. This could allow an authenticated attacker with access to the SSH interface on the affected device to read the contents of any file named `address`."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
|
||||
"cweId": "CWE-22"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Siemens",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "SCALANCE LPE9403",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V2.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-325383.pdf",
|
||||
"refsource": "MISC",
|
||||
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-325383.pdf"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
|
||||
"baseScore": 2.5,
|
||||
"baseSeverity": "LOW"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,73 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-27410",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "productcert@siemens.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). A heap-based buffer overflow vulnerability was found in the `edgebox_web_app` binary. The binary will crash if supplied with a backup password longer than 255 characters. This could allow an authenticated privileged attacker to cause a denial of service."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-122: Heap-based Buffer Overflow",
|
||||
"cweId": "CWE-122"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Siemens",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "SCALANCE LPE9403",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V2.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-325383.pdf",
|
||||
"refsource": "MISC",
|
||||
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-325383.pdf"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
|
||||
"baseScore": 2.7,
|
||||
"baseSeverity": "LOW"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -11,7 +11,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SIPROTEC 5 6MD85 (CP200) (All versions), SIPROTEC 5 6MD85 (CP300) (All versions < V9.40), SIPROTEC 5 6MD86 (CP200) (All versions), SIPROTEC 5 6MD86 (CP300) (All versions < V9.40), SIPROTEC 5 6MD89 (CP300) (All versions), SIPROTEC 5 6MU85 (CP300) (All versions < V9.40), SIPROTEC 5 7KE85 (CP200) (All versions), SIPROTEC 5 7KE85 (CP300) (All versions < V9.40), SIPROTEC 5 7SA82 (CP100) (All versions), SIPROTEC 5 7SA82 (CP150) (All versions < V9.40), SIPROTEC 5 7SA84 (CP200) (All versions), SIPROTEC 5 7SA86 (CP200) (All versions), SIPROTEC 5 7SA86 (CP300) (All versions < V9.40), SIPROTEC 5 7SA87 (CP200) (All versions), SIPROTEC 5 7SA87 (CP300) (All versions < V9.40), SIPROTEC 5 7SD82 (CP100) (All versions), SIPROTEC 5 7SD82 (CP150) (All versions < V9.40), SIPROTEC 5 7SD84 (CP200) (All versions), SIPROTEC 5 7SD86 (CP200) (All versions), SIPROTEC 5 7SD86 (CP300) (All versions < V9.40), SIPROTEC 5 7SD87 (CP200) (All versions), SIPROTEC 5 7SD87 (CP300) (All versions < V9.40), SIPROTEC 5 7SJ81 (CP100) (All versions), SIPROTEC 5 7SJ81 (CP150) (All versions < V9.40), SIPROTEC 5 7SJ82 (CP100) (All versions), SIPROTEC 5 7SJ82 (CP150) (All versions < V9.40), SIPROTEC 5 7SJ85 (CP200) (All versions), SIPROTEC 5 7SJ85 (CP300) (All versions < V9.40), SIPROTEC 5 7SJ86 (CP200) (All versions), SIPROTEC 5 7SJ86 (CP300) (All versions < V9.40), SIPROTEC 5 7SK82 (CP100) (All versions), SIPROTEC 5 7SK82 (CP150) (All versions < V9.40), SIPROTEC 5 7SK85 (CP200) (All versions), SIPROTEC 5 7SK85 (CP300) (All versions < V9.40), SIPROTEC 5 7SL82 (CP100) (All versions), SIPROTEC 5 7SL82 (CP150) (All versions < V9.40), SIPROTEC 5 7SL86 (CP200) (All versions), SIPROTEC 5 7SL86 (CP300) (All versions < V9.40), SIPROTEC 5 7SL87 (CP200) (All versions), SIPROTEC 5 7SL87 (CP300) (All versions < V9.40), SIPROTEC 5 7SS85 (CP200) (All versions), SIPROTEC 5 7SS85 (CP300) (All versions < V9.40), SIPROTEC 5 7ST85 (CP200) (All versions), SIPROTEC 5 7ST85 (CP300) (All versions), SIPROTEC 5 7ST86 (CP300) (All versions < V9.40), SIPROTEC 5 7SX82 (CP150) (All versions < V9.40), SIPROTEC 5 7SX85 (CP300) (All versions < V9.40), SIPROTEC 5 7UM85 (CP300) (All versions < V9.40), SIPROTEC 5 7UT82 (CP100) (All versions), SIPROTEC 5 7UT82 (CP150) (All versions < V9.40), SIPROTEC 5 7UT85 (CP200) (All versions), SIPROTEC 5 7UT85 (CP300) (All versions < V9.40), SIPROTEC 5 7UT86 (CP200) (All versions), SIPROTEC 5 7UT86 (CP300) (All versions < V9.40), SIPROTEC 5 7UT87 (CP200) (All versions), SIPROTEC 5 7UT87 (CP300) (All versions < V9.40), SIPROTEC 5 7VE85 (CP300) (All versions < V9.40), SIPROTEC 5 7VK87 (CP200) (All versions), SIPROTEC 5 7VK87 (CP300) (All versions < V9.40), SIPROTEC 5 7VU85 (CP300) (All versions < V9.40), SIPROTEC 5 Communication Module ETH-BA-2EL (All versions < V9.40), SIPROTEC 5 Communication Module ETH-BB-2FO (All versions < V9.40), SIPROTEC 5 Communication Module ETH-BD-2FO (All versions < V9.40), SIPROTEC 5 Compact 7SX800 (CP050) (All versions < V9.40). Affected devices lack proper validation of http request parameters of the hosted web service.\r\nAn unauthenticated remote attacker could send specially crafted packets that could cause denial of service condition of the target device."
|
||||
"value": "A vulnerability has been identified in SIPROTEC 5 6MD85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 6MD86 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 6MD89 (CP300) (All versions >= V7.80), SIPROTEC 5 6MU85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7KE85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SA82 (CP100) (All versions), SIPROTEC 5 7SA82 (CP150) (All versions < V9.40), SIPROTEC 5 7SA86 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SA87 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SD82 (CP100) (All versions), SIPROTEC 5 7SD82 (CP150) (All versions < V9.40), SIPROTEC 5 7SD86 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SD87 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SJ81 (CP100) (All versions), SIPROTEC 5 7SJ81 (CP150) (All versions < V9.40), SIPROTEC 5 7SJ82 (CP100) (All versions), SIPROTEC 5 7SJ82 (CP150) (All versions < V9.40), SIPROTEC 5 7SJ85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SJ86 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SK82 (CP100) (All versions), SIPROTEC 5 7SK82 (CP150) (All versions < V9.40), SIPROTEC 5 7SK85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SL82 (CP100) (All versions), SIPROTEC 5 7SL82 (CP150) (All versions < V9.40), SIPROTEC 5 7SL86 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SL87 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SS85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7ST85 (CP300) (All versions >= V7.80), SIPROTEC 5 7ST86 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SX82 (CP150) (All versions < V9.40), SIPROTEC 5 7SX85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7UM85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7UT82 (CP100) (All versions), SIPROTEC 5 7UT82 (CP150) (All versions < V9.40), SIPROTEC 5 7UT85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7UT86 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7UT87 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7VE85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7VK87 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7VU85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 Communication Module ETH-BA-2EL (All versions < V9.40), SIPROTEC 5 Communication Module ETH-BB-2FO (All versions < V9.40), SIPROTEC 5 Communication Module ETH-BD-2FO (All versions < V9.40), SIPROTEC 5 Compact 7SX800 (CP050) (All versions < V9.40). Affected devices lack proper validation of http request parameters of the hosted web service.\r\nAn unauthenticated remote attacker could send specially crafted packets that could cause denial of service condition of the target device."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -35,35 +35,13 @@
|
||||
"vendor_name": "Siemens",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "SIPROTEC 5 6MD85 (CP200)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPROTEC 5 6MD85 (CP300)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V9.40"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPROTEC 5 6MD86 (CP200)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
"version_value": "All versions >= V7.80 < V9.40"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -74,7 +52,7 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V9.40"
|
||||
"version_value": "All versions >= V7.80 < V9.40"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -85,7 +63,7 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
"version_value": "All versions >= V7.80"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -96,18 +74,7 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V9.40"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPROTEC 5 7KE85 (CP200)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
"version_value": "All versions >= V7.80 < V9.40"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -118,7 +85,7 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V9.40"
|
||||
"version_value": "All versions >= V7.80 < V9.40"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -145,46 +112,13 @@
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPROTEC 5 7SA84 (CP200)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPROTEC 5 7SA86 (CP200)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPROTEC 5 7SA86 (CP300)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V9.40"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPROTEC 5 7SA87 (CP200)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
"version_value": "All versions >= V7.80 < V9.40"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -195,7 +129,7 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V9.40"
|
||||
"version_value": "All versions >= V7.80 < V9.40"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -222,46 +156,13 @@
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPROTEC 5 7SD84 (CP200)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPROTEC 5 7SD86 (CP200)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPROTEC 5 7SD86 (CP300)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V9.40"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPROTEC 5 7SD87 (CP200)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
"version_value": "All versions >= V7.80 < V9.40"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -272,7 +173,7 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V9.40"
|
||||
"version_value": "All versions >= V7.80 < V9.40"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -321,35 +222,13 @@
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPROTEC 5 7SJ85 (CP200)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPROTEC 5 7SJ85 (CP300)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V9.40"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPROTEC 5 7SJ86 (CP200)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
"version_value": "All versions >= V7.80 < V9.40"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -360,7 +239,7 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V9.40"
|
||||
"version_value": "All versions >= V7.80 < V9.40"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -387,24 +266,13 @@
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPROTEC 5 7SK85 (CP200)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPROTEC 5 7SK85 (CP300)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V9.40"
|
||||
"version_value": "All versions >= V7.80 < V9.40"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -431,35 +299,13 @@
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPROTEC 5 7SL86 (CP200)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPROTEC 5 7SL86 (CP300)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V9.40"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPROTEC 5 7SL87 (CP200)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
"version_value": "All versions >= V7.80 < V9.40"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -470,18 +316,7 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V9.40"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPROTEC 5 7SS85 (CP200)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
"version_value": "All versions >= V7.80 < V9.40"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -492,18 +327,7 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V9.40"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPROTEC 5 7ST85 (CP200)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
"version_value": "All versions >= V7.80 < V9.40"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -514,7 +338,7 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
"version_value": "All versions >= V7.80"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -525,7 +349,7 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V9.40"
|
||||
"version_value": "All versions >= V7.80 < V9.40"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -547,7 +371,7 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V9.40"
|
||||
"version_value": "All versions >= V7.80 < V9.40"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -558,7 +382,7 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V9.40"
|
||||
"version_value": "All versions >= V7.80 < V9.40"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -585,35 +409,13 @@
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPROTEC 5 7UT85 (CP200)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPROTEC 5 7UT85 (CP300)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V9.40"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPROTEC 5 7UT86 (CP200)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
"version_value": "All versions >= V7.80 < V9.40"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -624,18 +426,7 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V9.40"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPROTEC 5 7UT87 (CP200)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
"version_value": "All versions >= V7.80 < V9.40"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -646,7 +437,7 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V9.40"
|
||||
"version_value": "All versions >= V7.80 < V9.40"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -657,18 +448,7 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V9.40"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIPROTEC 5 7VK87 (CP200)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions"
|
||||
"version_value": "All versions >= V7.80 < V9.40"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -679,7 +459,7 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V9.40"
|
||||
"version_value": "All versions >= V7.80 < V9.40"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -690,7 +470,7 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V9.40"
|
||||
"version_value": "All versions >= V7.80 < V9.40"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -11,7 +11,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in Polarion ALM (All versions < V2304.0). The application contains a XML External Entity Injection (XXE) vulnerability. This could allow an attacker to view files on the application server filesystem."
|
||||
"value": "A vulnerability has been identified in Polarion ALM (All versions < V22R2). The application contains a XML External Entity Injection (XXE) vulnerability. This could allow an attacker to view files on the application server filesystem."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -41,7 +41,7 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V2304.0"
|
||||
"version_value": "All versions < V22R2"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -65,8 +65,8 @@
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
|
||||
"baseScore": 5.3,
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
|
||||
"baseScore": 5.9,
|
||||
"baseSeverity": "MEDIUM"
|
||||
}
|
||||
]
|
||||
|
||||
@ -1,17 +1,84 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-28832",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "productcert@siemens.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1). The web based management of affected devices does not properly validate user input, making it susceptible to command injection. This could allow an authenticated privileged remote attacker to execute arbitrary code with root privileges."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')",
|
||||
"cweId": "CWE-77"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Siemens",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "SIMATIC Cloud Connect 7 CC712",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions >= V2.0 < V2.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIMATIC Cloud Connect 7 CC716",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions >= V2.0 < V2.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-555292.pdf",
|
||||
"refsource": "MISC",
|
||||
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-555292.pdf"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
|
||||
"baseScore": 7.2,
|
||||
"baseSeverity": "HIGH"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,92 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-29103",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "productcert@siemens.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC712 (All versions < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions < V2.1). The affected device uses a hard-coded password to protect the diagnostic files. This could allow an authenticated attacker to access protected data."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-259: Use of Hard-coded Password",
|
||||
"cweId": "CWE-259"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Siemens",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "SIMATIC Cloud Connect 7 CC712",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions >= V2.0 < V2.1"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V2.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIMATIC Cloud Connect 7 CC716",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions >= V2.0 < V2.1"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V2.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-555292.pdf",
|
||||
"refsource": "MISC",
|
||||
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-555292.pdf"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
|
||||
"baseScore": 4.3,
|
||||
"baseSeverity": "MEDIUM"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,84 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-29104",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "productcert@siemens.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1). The filename in the upload feature of the web based management of the affected device is susceptible to a path traversal vulnerability. This could allow an authenticated privileged remote attacker to overwrite any file the Linux user `ccuser` has write access to, or to download any file the Linux user `ccuser` has read-only access to."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
|
||||
"cweId": "CWE-22"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Siemens",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "SIMATIC Cloud Connect 7 CC712",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions >= V2.0 < V2.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIMATIC Cloud Connect 7 CC716",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions >= V2.0 < V2.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-555292.pdf",
|
||||
"refsource": "MISC",
|
||||
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-555292.pdf"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C",
|
||||
"baseScore": 6,
|
||||
"baseSeverity": "MEDIUM"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,92 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-29105",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "productcert@siemens.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC712 (All versions < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions < V2.1). The affected device is vulnerable to a denial of service while parsing a random (non-JSON) MQTT payload. This could allow an attacker who can manipulate the communication between the MQTT broker and the affected device to cause a denial of service (DoS)."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-544: Missing Standardized Error Handling Mechanism",
|
||||
"cweId": "CWE-544"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Siemens",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "SIMATIC Cloud Connect 7 CC712",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions >= V2.0 < V2.1"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V2.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIMATIC Cloud Connect 7 CC716",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions >= V2.0 < V2.1"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V2.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-555292.pdf",
|
||||
"refsource": "MISC",
|
||||
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-555292.pdf"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
|
||||
"baseScore": 5.9,
|
||||
"baseSeverity": "MEDIUM"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,84 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-29106",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "productcert@siemens.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1). The export endpoint is accessible via REST API without authentication. This could allow an unauthenticated remote attacker to download the files available via the endpoint."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
|
||||
"cweId": "CWE-200"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Siemens",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "SIMATIC Cloud Connect 7 CC712",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions >= V2.0 < V2.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIMATIC Cloud Connect 7 CC716",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions >= V2.0 < V2.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-555292.pdf",
|
||||
"refsource": "MISC",
|
||||
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-555292.pdf"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
|
||||
"baseScore": 5.3,
|
||||
"baseSeverity": "MEDIUM"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,84 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-29107",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "productcert@siemens.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1). The export endpoint discloses some undocumented files. This could allow an unauthenticated remote attacker to gain access to additional information resources."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-552: Files or Directories Accessible to External Parties",
|
||||
"cweId": "CWE-552"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Siemens",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "SIMATIC Cloud Connect 7 CC712",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions >= V2.0 < V2.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIMATIC Cloud Connect 7 CC716",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions >= V2.0 < V2.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-555292.pdf",
|
||||
"refsource": "MISC",
|
||||
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-555292.pdf"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
|
||||
"baseScore": 5.3,
|
||||
"baseSeverity": "MEDIUM"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,84 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-29128",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "productcert@siemens.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1). The filename in the upload feature of the web based management of the affected device is susceptible to a path traversal vulnerability. This could allow an authenticated privileged remote attacker to write any file with the extension `.db`."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
|
||||
"cweId": "CWE-22"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Siemens",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "SIMATIC Cloud Connect 7 CC712",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions >= V2.0 < V2.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "SIMATIC Cloud Connect 7 CC716",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions >= V2.0 < V2.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-555292.pdf",
|
||||
"refsource": "MISC",
|
||||
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-555292.pdf"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L/E:P/RL:O/RC:C",
|
||||
"baseScore": 3.8,
|
||||
"baseSeverity": "LOW"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,150 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-30898",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "productcert@siemens.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A vulnerability has been identified in Siveillance Video 2020 R2 (All versions < V20.2 HotfixRev14), Siveillance Video 2020 R3 (All versions < V20.3 HotfixRev12), Siveillance Video 2021 R1 (All versions < V21.1 HotfixRev12), Siveillance Video 2021 R2 (All versions < V21.2 HotfixRev8), Siveillance Video 2022 R1 (All versions < V22.1 HotfixRev7), Siveillance Video 2022 R2 (All versions < V22.2 HotfixRev5), Siveillance Video 2022 R3 (All versions < V22.3 HotfixRev2), Siveillance Video 2023 R1 (All versions < V23.1 HotfixRev1). The Event Server component of affected applications deserializes data without sufficient validations. This could allow an authenticated remote attacker to execute code on the affected system."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-502: Deserialization of Untrusted Data",
|
||||
"cweId": "CWE-502"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Siemens",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Siveillance Video 2020 R2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V20.2 HotfixRev14"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Siveillance Video 2020 R3",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V20.3 HotfixRev12"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Siveillance Video 2021 R1",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V21.1 HotfixRev12"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Siveillance Video 2021 R2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V21.2 HotfixRev8"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Siveillance Video 2022 R1",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V22.1 HotfixRev7"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Siveillance Video 2022 R2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V22.2 HotfixRev5"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Siveillance Video 2022 R3",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V22.3 HotfixRev2"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Siveillance Video 2023 R1",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V23.1 HotfixRev1"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789345.pdf",
|
||||
"refsource": "MISC",
|
||||
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-789345.pdf"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
|
||||
"baseScore": 9.9,
|
||||
"baseSeverity": "CRITICAL"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,150 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-30899",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "productcert@siemens.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A vulnerability has been identified in Siveillance Video 2020 R2 (All versions < V20.2 HotfixRev14), Siveillance Video 2020 R3 (All versions < V20.3 HotfixRev12), Siveillance Video 2021 R1 (All versions < V21.1 HotfixRev12), Siveillance Video 2021 R2 (All versions < V21.2 HotfixRev8), Siveillance Video 2022 R1 (All versions < V22.1 HotfixRev7), Siveillance Video 2022 R2 (All versions < V22.2 HotfixRev5), Siveillance Video 2022 R3 (All versions < V22.3 HotfixRev2), Siveillance Video 2023 R1 (All versions < V23.1 HotfixRev1). The Management Server component of affected applications deserializes data without sufficient validations. This could allow an authenticated remote attacker to execute code on the affected system."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-502: Deserialization of Untrusted Data",
|
||||
"cweId": "CWE-502"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Siemens",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Siveillance Video 2020 R2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V20.2 HotfixRev14"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Siveillance Video 2020 R3",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V20.3 HotfixRev12"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Siveillance Video 2021 R1",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V21.1 HotfixRev12"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Siveillance Video 2021 R2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V21.2 HotfixRev8"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Siveillance Video 2022 R1",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V22.1 HotfixRev7"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Siveillance Video 2022 R2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V22.2 HotfixRev5"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Siveillance Video 2022 R3",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V22.3 HotfixRev2"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Siveillance Video 2023 R1",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < V23.1 HotfixRev1"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789345.pdf",
|
||||
"refsource": "MISC",
|
||||
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-789345.pdf"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
|
||||
"baseScore": 9.9,
|
||||
"baseSeverity": "CRITICAL"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,77 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-30985",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "productcert@siemens.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A vulnerability has been identified in Solid Edge SE2023 (All versions < VX.223.0 Update 3), Solid Edge SE2023 (All versions < VX.223.0 Update 2). Affected applications contain an out of bounds read past the end of an allocated buffer while parsing a specially crafted OBJ file. This vulnerability could allow an attacker to disclose sensitive information. (ZDI-CAN-19426)"
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-125: Out-of-bounds Read",
|
||||
"cweId": "CWE-125"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Siemens",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Solid Edge SE2023",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < VX.223.0 Update 3"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < VX.223.0 Update 2"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-932528.pdf",
|
||||
"refsource": "MISC",
|
||||
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-932528.pdf"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
|
||||
"baseScore": 3.3,
|
||||
"baseSeverity": "LOW"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,77 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-30986",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "productcert@siemens.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A vulnerability has been identified in Solid Edge SE2023 (All versions < VX.223.0 Update 3), Solid Edge SE2023 (All versions < VX.223.0 Update 2). Affected applications contain a memory corruption vulnerability while parsing specially crafted STP files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19561)"
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
|
||||
"cweId": "CWE-119"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Siemens",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Solid Edge SE2023",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < VX.223.0 Update 3"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "All versions < VX.223.0 Update 2"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-932528.pdf",
|
||||
"refsource": "MISC",
|
||||
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-932528.pdf"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
|
||||
"baseScore": 7.8,
|
||||
"baseSeverity": "HIGH"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
18
2023/32xxx/CVE-2023-32506.json
Normal file
18
2023/32xxx/CVE-2023-32506.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-32506",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
18
2023/32xxx/CVE-2023-32507.json
Normal file
18
2023/32xxx/CVE-2023-32507.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-32507",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
18
2023/32xxx/CVE-2023-32508.json
Normal file
18
2023/32xxx/CVE-2023-32508.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-32508",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
18
2023/32xxx/CVE-2023-32509.json
Normal file
18
2023/32xxx/CVE-2023-32509.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-32509",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
18
2023/32xxx/CVE-2023-32510.json
Normal file
18
2023/32xxx/CVE-2023-32510.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-32510",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
18
2023/32xxx/CVE-2023-32511.json
Normal file
18
2023/32xxx/CVE-2023-32511.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-32511",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
18
2023/32xxx/CVE-2023-32512.json
Normal file
18
2023/32xxx/CVE-2023-32512.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-32512",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
18
2023/32xxx/CVE-2023-32513.json
Normal file
18
2023/32xxx/CVE-2023-32513.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-32513",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
18
2023/32xxx/CVE-2023-32514.json
Normal file
18
2023/32xxx/CVE-2023-32514.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-32514",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
18
2023/32xxx/CVE-2023-32515.json
Normal file
18
2023/32xxx/CVE-2023-32515.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-32515",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
18
2023/32xxx/CVE-2023-32516.json
Normal file
18
2023/32xxx/CVE-2023-32516.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-32516",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
18
2023/32xxx/CVE-2023-32517.json
Normal file
18
2023/32xxx/CVE-2023-32517.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-32517",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
18
2023/32xxx/CVE-2023-32518.json
Normal file
18
2023/32xxx/CVE-2023-32518.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-32518",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
18
2023/32xxx/CVE-2023-32519.json
Normal file
18
2023/32xxx/CVE-2023-32519.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-32519",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
18
2023/32xxx/CVE-2023-32520.json
Normal file
18
2023/32xxx/CVE-2023-32520.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-32520",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
Loading…
x
Reference in New Issue
Block a user