Vulnerability Details CVE-2023-29106
A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1). The export endpoint is accessible via REST API without authentication. This could allow an unauthenticated remote attacker to download the files available via the endpoint.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.8%
CVSS Severity
CVSS v3 Score 5.3
References
Products affected by CVE-2023-29106
-
cpe:2.3:h:siemens:6gk1411-1ac00:-
-
cpe:2.3:h:siemens:6gk1411-5ac00:-
-
cpe:2.3:o:siemens:6gk1411-1ac00_firmware:2.0
-
cpe:2.3:o:siemens:6gk1411-5ac00_firmware:2.0