CVE-2013-0678

CWE-2553 documents3 sources
Severity
4.0MEDIUM
EPSS
0.2%
top 56.34%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Siemens Simatic Pcs7Siemens Wincc
Timeline
PublishedMar 21
Latest updateMay 17

Description

Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly represent WebNavigator credentials in a database, which makes it easier for remote authenticated users to obtain sensitive information via a SQL query.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 8.0 | Impact: 2.9

Affected Packages2 packages

NVDsiemens/wincc7.0+1

🔴Vulnerability Details

2
GHSA
GHSA-7fj3-m479-pjm8: Siemens WinCC before 72022-05-17
CVEList
CVE-2013-0678: Siemens WinCC before 72013-03-21