CVE-2012-3028

Cross-site request forgery (CSRF) vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to hijack the authentication of arbitrary users for requests that modify data or cause a denial of service.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://en.securitylab.ru/lab/PT-2012-42
http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf	Patch
http://www.us-cert.gov/control_systems/pdf/ICSA-12-256-01.pdf

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:siemens:simatic_pcs7:8.0:::::::*
	cpe:2.3:a:siemens:wincc:6.0:sp4::::::
	cpe:2.3:a:siemens:wincc:6.0:sp3::::::
	cpe:2.3:a:siemens:wincc:7.0:sp2::::::
	cpe:2.3:a:siemens:wincc:7.0:::::::*
	cpe:2.3:a:siemens:wincc:6.0:::::::*
	cpe:2.3:a:siemens:wincc:5.0:::::::*
	cpe:2.3:a:siemens:wincc::sp3::::::*
	cpe:2.3:a:siemens:wincc:7.0:sp1::::::
	cpe:2.3:a:siemens:wincc:5.0:sp1::::::
	cpe:2.3:a:siemens:wincc:6.0:sp2::::::

Information

Published : 2012-09-18 07:55

Updated : 2012-09-18 21:00

NVD link : CVE-2012-3028

Mitre link : CVE-2012-3028

JSON object : View

CWE

CWE-352

Cross-Site Request Forgery (CSRF)

Advertisement

Products Affected

siemens

simatic_pcs7
wincc

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://en.securitylab.ru/lab/PT-2012-42", "name": "http://en.securitylab.ru/lab/PT-2012-42", "tags": [], "refsource": "MISC"}, {"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf", "name": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf", "tags": ["Patch"], "refsource": "CONFIRM"}, {"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-256-01.pdf", "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-256-01.pdf", "tags": [], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Cross-site request forgery (CSRF) vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to hijack the authentication of arbitrary users for requests that modify data or cause a denial of service."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-352"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2012-3028", "ASSIGNER": "ics-cert@hq.dhs.gov"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}}, "publishedDate": "2012-09-18T14:55Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:siemens:wincc:5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:siemens:wincc:*:sp3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "7.0"}, {"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:siemens:wincc:5.0:sp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2012-09-19T04:00Z"}