CVEDB API

Vulnerabilities

Vulnerable Software

Siemens: >> Wincc Tia Portal Security Vulnerabilities

CVE-2011-4515

Siemens WinCC (TIA Portal) 11 uses a reversible algorithm for storing HMI web-application passwords in world-readable and world-writable files, which allows local users to obtain sensitive information by leveraging (1) physical access or (2) Sm@rt Server access.

CVSS Score

4.6

EPSS Score

0.001

Published

2013-03-21

CVE-2013-0667

Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

CVSS Score

4.3

EPSS Score

0.004

Published

2013-03-21

CVE-2013-0668

Multiple cross-site scripting (XSS) vulnerabilities in the HMI web application in Siemens WinCC (TIA Portal) 11 allow remote attackers to inject arbitrary web script or HTML via a crafted URL.

CVSS Score

4.3

EPSS Score

0.004

Published

2013-03-21

CVE-2013-0669

The HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to cause a denial of service (daemon crash) via a crafted HTTP request.

CVSS Score

4.0

EPSS Score

0.002

Published

2013-03-21

CVE-2013-0670

CRLF injection vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.

CVSS Score

4.3

EPSS Score

0.003

Published

2013-03-21

CVE-2013-0671

Directory traversal vulnerability in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to read HMI web-application source code and user-defined scripts via a crafted URL.

CVSS Score

4.0

EPSS Score

0.002

Published

2013-03-21

CVE-2013-0672

Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to inject arbitrary web script or HTML via unspecified data.

CVSS Score

3.5

EPSS Score

0.002

Published

2013-03-21

Page 1

Vulnerabilities

Vulnerable Software

Siemens: >> Wincc Tia Portal Security Vulnerabilities

Products

Pricing

Contact Us