Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-3034

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2012-3034
Last Modified 19 Sep 2012 10:11:05
Published 18 Sep 2012 10:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-3034

Summary

WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to discover a username and password via crafted parameters to unspecified methods in ActiveX controls.

Vulnerable Systems

Application

  • Siemens Simatic Pcs7 8.0

  • Siemens Wincc 5.0

  • Siemens Wincc 6.0

  • Siemens Wincc 7.0


References

MISC - http://www.us-cert.gov/control_systems/pdf/ICSA-12-256-01.pdf

CONFIRM - http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf

MISC - http://en.securitylab.ru/lab/PT-2012-45


Last Updated: 27 May 2016 11:00:44