CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-4512

CRLF injection vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 58.7%

CVSS Severity

CVSS v2 Score 5.0

References

Products affected by CVE-2011-4512

Siemens » Simatic Hmi Panels » Version: comfort_panels

cpe:2.3:a:siemens:simatic_hmi_panels:comfort_panels
Siemens » Simatic Hmi Panels » Version: mobile_panels

cpe:2.3:a:siemens:simatic_hmi_panels:mobile_panels
Siemens » Simatic Hmi Panels » Version: mp

cpe:2.3:a:siemens:simatic_hmi_panels:mp
Siemens » Simatic Hmi Panels » Version: op

cpe:2.3:a:siemens:simatic_hmi_panels:op
Siemens » Simatic Hmi Panels » Version: tp

cpe:2.3:a:siemens:simatic_hmi_panels:tp
Siemens » Wincc » Version: 6.0

cpe:2.3:a:siemens:wincc:6.0
Siemens » Wincc » Version: 7.0

cpe:2.3:a:siemens:wincc:7.0
Siemens » Wincc » Version: v11

cpe:2.3:a:siemens:wincc:v11
Siemens » Wincc Flexible » Version: 2004

cpe:2.3:a:siemens:wincc_flexible:2004
Siemens » Wincc Flexible » Version: 2005

cpe:2.3:a:siemens:wincc_flexible:2005
Siemens » Wincc Flexible » Version: 2007

cpe:2.3:a:siemens:wincc_flexible:2007
Siemens » Wincc Flexible » Version: 2008

cpe:2.3:a:siemens:wincc_flexible:2008
Siemens » Wincc Flexible Runtime » Version: Any

cpe:2.3:a:siemens:wincc_flexible_runtime:*
Siemens » Wincc Runtime Advanced » Version: v11

cpe:2.3:a:siemens:wincc_runtime_advanced:v11

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-4512

Products

Pricing

Contact Us