CVE-2017-6869
Published: 2017-08-08
Priority: P265 · critical · 9.8 (CVSS 3.0)
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 2.98% (85.6th percentile)
A vulnerability was discovered in Siemens ViewPort for Web Office Portal before revision number 1453 that could allow an unauthenticated remote user to upload arbitrary code and execute it with the permissions of the operating-system user running the web server by sending specially crafted network packets to port 443/TCP or port 80/TCP.
Detection & IOCs
- Monitor for unauthenticated file upload attempts to Siemens ViewPort for Web Office Portal on ports 443/TCP and 80/TCP; successful exploitation results in arbitrary code execution under the web server OS user context.
- Alert on inbound network traffic to ViewPort for Web Office Portal (pre-revision 1453) on ports 443/TCP and 80/TCP that does not present valid authentication credentials, particularly requests carrying file upload payloads.
- No known public exploits specifically target this vulnerability at time of advisory publication; detections should focus on anomalous upload behaviour rather than known exploit signatures.
- Only ViewPort for Web Office Portal versions prior to revision number 1453 are affected; patched installations (revision 1453+) are not vulnerable.
CVSS provenance
- nvd · v3.0 · 9.8 CRITICAL · CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- nvd · v2.0 · 10.0 CRITICAL · AV:N/AC:L/Au:N/C:C/I:C/A:C
GHSA
GHSA-g894-8f9c-q7gh
ghsa_unreviewed · 2022-05-13
CVE-2017-6869 [CRITICAL] CWE-287
CISA ICS
Siemens Viewport for Web Office Portal
cisa_ics·2017-06-29
ICS Advisory
## Siemens Viewport for Web Office Portal
Last Revised: June 29, 2017
Alert Code: ICSA-17-180-03
## CVSS v3 9.8
ATTENTION: Remotely exploitable/low skill level to exploit.
Vendor: Siemens
Equipment: Viewport for Web Office Portal
Vulnerability: Improper Authentication
## AFFECTED PRODUCTS
Siemens reports that the vulnerability affects the following ViewPort for Web Office Portal products:
- ViewPort for Web Office Portal: versions prior to revision number 1453
## IMPACT
Successful exploitation of this vulnerability could allow a remote attacker to upload and execute arbitrary c
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.