Vulnerability Details CVE-2015-1048
Open redirect vulnerability in the integrated web server on Siemens SIMATIC S7-1200 CPU devices with firmware before 4.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 45.1%
CVSS Severity
CVSS v2 Score 4.3
References
- http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-597212.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-597212.pdf
- http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-597212.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-597212.pdf
Products affected by CVE-2015-1048
-
cpe:2.3:h:siemens:simatic_s7_1200_cpu:-
-
cpe:2.3:o:siemens:simatic_s7_1200_cpu_firmware:4.0