Directory traversal vulnerability in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to read HMI web-application source code and user-defined scripts via a crafted URL.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:S/C:P/I:N/A:N
Vendors Products
Siemens
  • Wincc Tia Portal

Configuration 1 [-]

cpe:2.3:a:siemens:wincc_tia_portal:11.0:*:*:*:*:*:*:*
References
Link Resource
http://ics-cert.us-cert.gov/pdf/ICSA-13-079-03.pdf US Government Resource
http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-212483.pdf Vendor Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: icscert

Published: 2022-10-03T16:15:05

Updated: 2022-10-03T16:15:05

Reserved: 2022-10-03T00:00:00

Link: CVE-2013-0671

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2013-03-21T14:55:01.530

Modified: 2013-03-22T04:00:00.000

Link: CVE-2013-0671

JSON object: View

cve-icon Redhat Information

No data.

CWE