CVE-2012-3031

Multiple cross-site scripting (XSS) vulnerabilities in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allow remote attackers to inject arbitrary web script or HTML via a (1) GET parameter, (2) POST parameter, or (3) Referer HTTP header.

CVSS v2.0 4.3 MEDIUM

4.3^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://en.securitylab.ru/lab/PT-2012-42
http://www.us-cert.gov/control_systems/pdf/ICSA-12-256-01.pdf	US Government Resource
http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf	Patch Vendor Advisory

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:siemens:wincc::sp3::::::*
	cpe:2.3:a:siemens:wincc:7.0:sp2::::::
	cpe:2.3:a:siemens:wincc:7.0:sp1::::::
	cpe:2.3:a:siemens:simatic_pcs7:8.0:::::::*
	cpe:2.3:a:siemens:wincc:6.0:sp3::::::
	cpe:2.3:a:siemens:wincc:7.0:::::::*
	cpe:2.3:a:siemens:wincc:6.0:sp4::::::
	cpe:2.3:a:siemens:wincc:6.0:sp2::::::
	cpe:2.3:a:siemens:wincc:6.0:::::::*
	cpe:2.3:a:siemens:wincc:5.0:sp1::::::
	cpe:2.3:a:siemens:wincc:5.0:::::::*

Information

Published : 2012-09-18 07:55

Updated : 2012-09-18 21:00

NVD link : CVE-2012-3031

Mitre link : CVE-2012-3031

JSON object : View

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

Products Affected

siemens

wincc
simatic_pcs7

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://en.securitylab.ru/lab/PT-2012-42", "name": "http://en.securitylab.ru/lab/PT-2012-42", "tags": [], "refsource": "MISC"}, {"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-256-01.pdf", "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-256-01.pdf", "tags": ["US Government Resource"], "refsource": "MISC"}, {"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf", "name": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf", "tags": ["Patch", "Vendor Advisory"], "refsource": "CONFIRM"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allow remote attackers to inject arbitrary web script or HTML via a (1) GET parameter, (2) POST parameter, or (3) Referer HTTP header."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-79"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2012-3031", "ASSIGNER": "ics-cert@hq.dhs.gov"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}}, "publishedDate": "2012-09-18T14:55Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:siemens:wincc:*:sp3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "7.0"}, {"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:sp2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:siemens:wincc:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:siemens:wincc:5.0:sp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:siemens:wincc:5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2012-09-19T04:00Z"}