Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Siemens Subscribe
Filtered by product Wincc Tia Portal
Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-4515 1 Siemens 1 Wincc Tia Portal 2013-05-30 4.6 MEDIUM N/A
Siemens WinCC (TIA Portal) 11 uses a reversible algorithm for storing HMI web-application passwords in world-readable and world-writable files, which allows local users to obtain sensitive information by leveraging (1) physical access or (2) Sm@rt Server access.
CVE-2013-0667 1 Siemens 1 Wincc Tia Portal 2013-03-22 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
CVE-2013-0672 1 Siemens 1 Wincc Tia Portal 2013-03-22 3.5 LOW N/A
Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to inject arbitrary web script or HTML via unspecified data.
CVE-2013-0671 1 Siemens 1 Wincc Tia Portal 2013-03-21 4.0 MEDIUM N/A
Directory traversal vulnerability in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to read HMI web-application source code and user-defined scripts via a crafted URL.
CVE-2013-0669 1 Siemens 1 Wincc Tia Portal 2013-03-21 4.0 MEDIUM N/A
The HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to cause a denial of service (daemon crash) via a crafted HTTP request.
CVE-2013-0668 1 Siemens 1 Wincc Tia Portal 2013-03-21 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in the HMI web application in Siemens WinCC (TIA Portal) 11 allow remote attackers to inject arbitrary web script or HTML via a crafted URL.
CVE-2013-0670 1 Siemens 1 Wincc Tia Portal 2013-03-21 4.3 MEDIUM N/A
CRLF injection vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.