Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2017-2684
Vulnerability from cvelistv5
Published
2017-02-22 02:00
Modified
2024-08-05 14:02
Severity ?
EPSS score ?
Summary
Siemens SIMATIC Logon prior to V1.5 SP3 Update 2 could allow an attacker with knowledge of a valid user name, and physical or network access to the affected system, to bypass the application-level authentication.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | http://www.securityfocus.com/bid/96208 | Third Party Advisory, VDB Entry | |
| productcert@siemens.com | https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-931064.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/96208 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-931064.pdf | Vendor Advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | SIMATIC Logon All versions < V1.5 SP3 Update 2 |
Version: SIMATIC Logon All versions < V1.5 SP3 Update 2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:02:07.219Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96208",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96208"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-931064.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SIMATIC Logon All versions \u003c V1.5 SP3 Update 2",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "SIMATIC Logon All versions \u003c V1.5 SP3 Update 2"
}
]
}
],
"datePublic": "2017-02-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Siemens SIMATIC Logon prior to V1.5 SP3 Update 2 could allow an attacker with knowledge of a valid user name, and physical or network access to the affected system, to bypass the application-level authentication."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-592",
"description": "CWE-592: Authentication Bypass Issues",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-28T10:57:01",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"name": "96208",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96208"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-931064.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2017-2684",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SIMATIC Logon All versions \u003c V1.5 SP3 Update 2",
"version": {
"version_data": [
{
"version_value": "SIMATIC Logon All versions \u003c V1.5 SP3 Update 2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Siemens SIMATIC Logon prior to V1.5 SP3 Update 2 could allow an attacker with knowledge of a valid user name, and physical or network access to the affected system, to bypass the application-level authentication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-592: Authentication Bypass Issues"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96208",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96208"
},
{
"name": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-931064.pdf",
"refsource": "CONFIRM",
"url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-931064.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2017-2684",
"datePublished": "2017-02-22T02:00:00",
"dateReserved": "2016-12-01T00:00:00",
"dateUpdated": "2024-08-05T14:02:07.219Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2017-2684\",\"sourceIdentifier\":\"productcert@siemens.com\",\"published\":\"2017-02-22T02:59:00.153\",\"lastModified\":\"2024-11-21T03:23:58.447\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Siemens SIMATIC Logon prior to V1.5 SP3 Update 2 could allow an attacker with knowledge of a valid user name, and physical or network access to the affected system, to bypass the application-level authentication.\"},{\"lang\":\"es\",\"value\":\"Siemens SIMATIC Logon en versiones anteriores a V1.5 SP3 Update 2 podr\u00eda permitir a un atacante con conocimiento de un nombre de usuario v\u00e1lido, y acceso f\u00edsico o de red al sistema afectado, eludir la autenticaci\u00f3n a nivel de aplicaci\u00f3n.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":9.0,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":6.0}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"productcert@siemens.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-592\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_logon:*:sp3_update_1:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.5\",\"matchCriteriaId\":\"0E791A5D-A304-4C65-84CA-859984342446\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/96208\",\"source\":\"productcert@siemens.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-931064.pdf\",\"source\":\"productcert@siemens.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/96208\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-931064.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
ghsa-h5v3-4rh5-mj9g
Vulnerability from github
Published
2022-05-13 01:36
Modified
2022-05-13 01:36
Severity ?
Details
Siemens SIMATIC Logon prior to V1.5 SP3 Update 2 could allow an attacker with knowledge of a valid user name, and physical or network access to the affected system, to bypass the application-level authentication.
{
"affected": [],
"aliases": [
"CVE-2017-2684"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-02-22T02:59:00Z",
"severity": "CRITICAL"
},
"details": "Siemens SIMATIC Logon prior to V1.5 SP3 Update 2 could allow an attacker with knowledge of a valid user name, and physical or network access to the affected system, to bypass the application-level authentication.",
"id": "GHSA-h5v3-4rh5-mj9g",
"modified": "2022-05-13T01:36:48Z",
"published": "2022-05-13T01:36:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2684"
},
{
"type": "WEB",
"url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-931064.pdf"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/96208"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
fkie_cve-2017-2684
Vulnerability from fkie_nvd
Published
2017-02-22 02:59
Modified
2024-11-21 03:23
Severity ?
Summary
Siemens SIMATIC Logon prior to V1.5 SP3 Update 2 could allow an attacker with knowledge of a valid user name, and physical or network access to the affected system, to bypass the application-level authentication.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | http://www.securityfocus.com/bid/96208 | Third Party Advisory, VDB Entry | |
| productcert@siemens.com | https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-931064.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/96208 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-931064.pdf | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_logon | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:simatic_logon:*:sp3_update_1:*:*:*:*:*:*",
"matchCriteriaId": "0E791A5D-A304-4C65-84CA-859984342446",
"versionEndIncluding": "1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Siemens SIMATIC Logon prior to V1.5 SP3 Update 2 could allow an attacker with knowledge of a valid user name, and physical or network access to the affected system, to bypass the application-level authentication."
},
{
"lang": "es",
"value": "Siemens SIMATIC Logon en versiones anteriores a V1.5 SP3 Update 2 podr\u00eda permitir a un atacante con conocimiento de un nombre de usuario v\u00e1lido, y acceso f\u00edsico o de red al sistema afectado, eludir la autenticaci\u00f3n a nivel de aplicaci\u00f3n."
}
],
"id": "CVE-2017-2684",
"lastModified": "2024-11-21T03:23:58.447",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-22T02:59:00.153",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96208"
},
{
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-931064.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96208"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-931064.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-592"
}
],
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
var-201702-0669
Vulnerability from variot
Siemens SIMATIC Logon prior to V1.5 SP3 Update 2 could allow an attacker with knowledge of a valid user name, and physical or network access to the affected system, to bypass the application-level authentication. SIMATIC WinCC, SIMATIC PCS 7, SIMATIC PDM and SIMATIC IT are all industrial automation products from Siemens AG.
There is a certification bypass vulnerability in SIEMENS SIMATIC Logon. An attacker could exploit the vulnerability to bypass authentication mechanisms and perform unauthorized operations. This may aid in further attacks. Siemens SIMATIC WinCC, etc. Siemens SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC. A security vulnerability exists in versions prior to SIMATIC Logon 1.5 SP3 Update 2 in several Siemens SIMATIC products. The following products and versions are affected: Siemens SIMATIC WinCC Version 7.x; SIMATIC WinCC Runtime Professional; SIMATIC PCS 7; SIMATIC PDM; SIMATIC IT
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201702-0669",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "simatic logon",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "1.5"
},
{
"model": "simatic logon",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "1.5 sp3 update 2"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "7.x"
},
{
"model": "simatic wincc runtime professional",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic pcs",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "7"
},
{
"model": "simatic pdm",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic it",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic logon",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1.5"
},
{
"model": "simatic wincc runtime professional",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "simatic wincc update",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7.41"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7.4"
},
{
"model": "simatic wincc update",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7.32"
},
{
"model": "simatic wincc update",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7.310"
},
{
"model": "simatic wincc update",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7.31"
},
{
"model": "simatic wincc upd4",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7.3"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7.3"
},
{
"model": "simatic wincc update",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7.29"
},
{
"model": "simatic wincc update",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7.28"
},
{
"model": "simatic wincc update",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7.21"
},
{
"model": "simatic wincc upd4",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7.2"
},
{
"model": "simatic wincc upd11",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7.2"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7.2"
},
{
"model": "simatic wincc sp3 upd",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7.08"
},
{
"model": "simatic wincc sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7.0"
},
{
"model": "simatic wincc sp2 upd",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7.012"
},
{
"model": "simatic wincc sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7.0"
},
{
"model": "simatic wincc sp",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7.03"
},
{
"model": "simatic wincc sp",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7.02"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7.0"
},
{
"model": "simatic pdm",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "simatic pcs",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "78.2"
},
{
"model": "simatic pcs sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "78.1"
},
{
"model": "simatic pcs",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "78.1"
},
{
"model": "simatic pcs sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "78.0"
},
{
"model": "simatic pcs",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "78.0"
},
{
"model": "simatic pcs",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "78"
},
{
"model": "simatic pcs sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "77.1"
},
{
"model": "simatic pcs",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "77.1"
},
{
"model": "simatic pcs",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "77"
},
{
"model": "simatic logon",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "simatic it",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "simatic logon sp3 update",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "1.52"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic logon",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "9bc72032-e004-41ac-bce6-0e6ff85b8945"
},
{
"db": "CNVD",
"id": "CNVD-2017-01343"
},
{
"db": "BID",
"id": "96208"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002227"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-612"
},
{
"db": "NVD",
"id": "CVE-2017-2684"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:siemens:simatic_logon",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-002227"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported the issue.",
"sources": [
{
"db": "BID",
"id": "96208"
}
],
"trust": 0.3
},
"cve": "CVE-2017-2684",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2017-2684",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.9,
"id": "CNVD-2017-01343",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.9,
"id": "9bc72032-e004-41ac-bce6-0e6ff85b8945",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-110887",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2017-2684",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-2684",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2017-2684",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2017-01343",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201702-612",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "9bc72032-e004-41ac-bce6-0e6ff85b8945",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-110887",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "9bc72032-e004-41ac-bce6-0e6ff85b8945"
},
{
"db": "CNVD",
"id": "CNVD-2017-01343"
},
{
"db": "VULHUB",
"id": "VHN-110887"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002227"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-612"
},
{
"db": "NVD",
"id": "CVE-2017-2684"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SIMATIC Logon prior to V1.5 SP3 Update 2 could allow an attacker with knowledge of a valid user name, and physical or network access to the affected system, to bypass the application-level authentication. SIMATIC WinCC, SIMATIC PCS 7, SIMATIC PDM and SIMATIC IT are all industrial automation products from Siemens AG. \n\nThere is a certification bypass vulnerability in SIEMENS SIMATIC Logon. An attacker could exploit the vulnerability to bypass authentication mechanisms and perform unauthorized operations. This may aid in further attacks. Siemens SIMATIC WinCC, etc. Siemens SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC. A security vulnerability exists in versions prior to SIMATIC Logon 1.5 SP3 Update 2 in several Siemens SIMATIC products. The following products and versions are affected: Siemens SIMATIC WinCC Version 7.x; SIMATIC WinCC Runtime Professional; SIMATIC PCS 7; SIMATIC PDM; SIMATIC IT",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-2684"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002227"
},
{
"db": "CNVD",
"id": "CNVD-2017-01343"
},
{
"db": "BID",
"id": "96208"
},
{
"db": "IVD",
"id": "9bc72032-e004-41ac-bce6-0e6ff85b8945"
},
{
"db": "VULHUB",
"id": "VHN-110887"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-2684",
"trust": 3.6
},
{
"db": "SIEMENS",
"id": "SSA-931064",
"trust": 2.3
},
{
"db": "BID",
"id": "96208",
"trust": 2.0
},
{
"db": "ICS CERT",
"id": "ICSA-17-045-03",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201702-612",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2017-01343",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002227",
"trust": 0.8
},
{
"db": "IVD",
"id": "9BC72032-E004-41AC-BCE6-0E6FF85B8945",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-110887",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "9bc72032-e004-41ac-bce6-0e6ff85b8945"
},
{
"db": "CNVD",
"id": "CNVD-2017-01343"
},
{
"db": "VULHUB",
"id": "VHN-110887"
},
{
"db": "BID",
"id": "96208"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002227"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-612"
},
{
"db": "NVD",
"id": "CVE-2017-2684"
}
]
},
"id": "VAR-201702-0669",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "9bc72032-e004-41ac-bce6-0e6ff85b8945"
},
{
"db": "CNVD",
"id": "CNVD-2017-01343"
},
{
"db": "VULHUB",
"id": "VHN-110887"
}
],
"trust": 1.5551800569999998
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "9bc72032-e004-41ac-bce6-0e6ff85b8945"
},
{
"db": "CNVD",
"id": "CNVD-2017-01343"
}
]
},
"last_update_date": "2024-11-23T22:18:06.049000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-931064",
"trust": 0.8,
"url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-931064.pdf"
},
{
"title": "Patch for SIEMENS SIMATIC Logon Certification Bypass Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/176385"
},
{
"title": "Multiple Siemens SIMATIC Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=68203"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-01343"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002227"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-612"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-592",
"trust": 1.0
},
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-284",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-110887"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002227"
},
{
"db": "NVD",
"id": "CVE-2017-2684"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-931064.pdf"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/96208"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-045-03"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2684"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-2684"
},
{
"trust": 0.6,
"url": "http://www.siemens.com/cert/en/cert-security-advisories.htm"
},
{
"trust": 0.3,
"url": "http://www.siemens.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-01343"
},
{
"db": "VULHUB",
"id": "VHN-110887"
},
{
"db": "BID",
"id": "96208"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002227"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-612"
},
{
"db": "NVD",
"id": "CVE-2017-2684"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "9bc72032-e004-41ac-bce6-0e6ff85b8945"
},
{
"db": "CNVD",
"id": "CNVD-2017-01343"
},
{
"db": "VULHUB",
"id": "VHN-110887"
},
{
"db": "BID",
"id": "96208"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002227"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-612"
},
{
"db": "NVD",
"id": "CVE-2017-2684"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-02-14T00:00:00",
"db": "IVD",
"id": "9bc72032-e004-41ac-bce6-0e6ff85b8945"
},
{
"date": "2017-02-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-01343"
},
{
"date": "2017-02-22T00:00:00",
"db": "VULHUB",
"id": "VHN-110887"
},
{
"date": "2017-02-14T00:00:00",
"db": "BID",
"id": "96208"
},
{
"date": "2017-04-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-002227"
},
{
"date": "2017-02-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201702-612"
},
{
"date": "2017-02-22T02:59:00.153000",
"db": "NVD",
"id": "CVE-2017-2684"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-08-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-01343"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-110887"
},
{
"date": "2017-03-07T04:02:00",
"db": "BID",
"id": "96208"
},
{
"date": "2017-09-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-002227"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201702-612"
},
{
"date": "2024-11-21T03:23:58.447000",
"db": "NVD",
"id": "CVE-2017-2684"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201702-612"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SIMATIC Logon Vulnerabilities that bypass application-level authentication",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-002227"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201702-612"
}
],
"trust": 0.6
}
}
icsa-17-045-03
Vulnerability from csaf_cisa
Published
2017-02-14 00:00
Modified
2018-06-12 00:00
Summary
Siemens SIMATIC Authentication Bypass (Update D)
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of this vulnerability could allow attackers to circumvent user authentication under certain conditions.
Critical infrastructure sectors
Chemical, Energy, Food and Agriculture, and Water and Wastewater Systems
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:
Recommended Practices
NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and
solutions, please contact the Siemens ProductCERT:
https://www.siemens.com/cert/advisories
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Exploitability
No known public exploits specifically target this vulnerability. High skill level is needed to exploit.
{
"document": {
"acknowledgments": [
{
"organization": "Siemens",
"summary": "reporting this vulnerability to ICS-CERT"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of this vulnerability could allow attackers to circumvent user authentication under certain conditions.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Chemical, Energy, Food and Agriculture, and Water and Wastewater Systems",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and \nsolutions, please contact the Siemens ProductCERT:\n\nhttps://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "other",
"text": "No known public exploits specifically target this vulnerability. High skill level is needed to exploit.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-17-045-03 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2017/icsa-17-045-03.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-17-045-03 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-17-045-03"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-17-045-03"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "SSA-496604: SSA-931064: Authentication Bypass in SIMATIC Logon - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/SSA-931064.txt"
}
],
"title": "Siemens SIMATIC Authentication Bypass (Update D)",
"tracking": {
"current_release_date": "2018-06-12T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-17-045-03",
"initial_release_date": "2017-02-14T00:00:00.000000Z",
"revision_history": [
{
"date": "2017-02-14T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-17-045-03 Siemens SIMATIC Authentication Bypass"
},
{
"date": "2017-06-15T00:00:00.000000Z",
"legacy_version": "A",
"number": "2",
"summary": "ICSA-17-045-03A Siemens SIMATIC Authentication Bypass (Update A)"
},
{
"date": "2017-07-06T00:00:00.000000Z",
"legacy_version": "B",
"number": "3",
"summary": "ICSA-17-045-03B Siemens SIMATIC Authentication Bypass (Update B)"
},
{
"date": "2017-11-30T00:00:00.000000Z",
"legacy_version": "C",
"number": "4",
"summary": "ICSA-17-045-03C Siemens SIMATIC Authentication Bypass (Update C)"
},
{
"date": "2018-06-12T00:00:00.000000Z",
"legacy_version": "D",
"number": "5",
"summary": "ICSA-17-045-03 Siemens SIMATIC Authentication Bypass (Update D)"
}
],
"status": "final",
"version": "5"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "All versions \u003c V1.5 SP3 Update 2",
"product": {
"name": "SIMATIC Logon: All versions \u003c V1.5 SP3 Update 2",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "SIMATIC Logon"
},
{
"branches": [
{
"category": "product_version_range",
"name": "All versions \u003c V7.4 SP1",
"product": {
"name": "SIMATIC WinCC: All versions \u003c V7.4 SP1",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "SIMATIC WinCC"
},
{
"branches": [
{
"category": "product_version_range",
"name": "All versions \u003c V14 SP1",
"product": {
"name": "SIMATIC WinCC Runtime Professional: All versions \u003c V14 SP1",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "SIMATIC WinCC Runtime Professional"
},
{
"branches": [
{
"category": "product_version_range",
"name": "All versions \u003c V8.2 SP1",
"product": {
"name": "SIMATIC PCS 7: All versions \u003c V8.2 SP1",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "SIMATIC PCS 7"
},
{
"branches": [
{
"category": "product_version_range",
"name": "All versions \u003c V9.1",
"product": {
"name": "SIMATIC PDM: All versions \u003c V9.1",
"product_id": "CSAFPID-0005"
}
}
],
"category": "product_name",
"name": "SIMATIC PDM"
},
{
"branches": [
{
"category": "product_version_range",
"name": "All versions \u003c V7.1",
"product": {
"name": "SIMATIC IT Production Suite: All versions \u003c V7.1",
"product_id": "CSAFPID-0006"
}
}
],
"category": "product_name",
"name": "SIMATIC IT Production Suite"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-2684",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "summary",
"text": "An attacker with knowledge of a valid user name, and physical or network access to the affected system could bypass the application-level authentication.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006"
]
},
"references": [
{
"category": "external",
"summary": "https://support.industry.siemens.com/cs/ww/en/view/109744966",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109744966"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2684"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens \u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006"
]
},
{
"category": "vendor_fix",
"details": "Update to V1.5 SP3 Update 2 - Download: https://support.industry.siemens.com/cs/ww/en/view/109744966 ",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109744966"
},
{
"category": "vendor_fix",
"details": "Install SIMATIC Logon update (can be installed without WinCC update, see compatibility note on download page) - Download: https://support.industry.siemens.com/cs/ww/en/view/109744966 ",
"product_ids": [
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109744966"
},
{
"category": "vendor_fix",
"details": "Install SIMATIC Logon update (can be installed without WinCC Runtime Professional update, see compatibility note on download page) - Download: https://support.industry.siemens.com/cs/ww/en/view/109744966 ",
"product_ids": [
"CSAFPID-0003"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109744966"
},
{
"category": "vendor_fix",
"details": "Install SIMATIC Logon update (can be installed without PCS 7 update, see compatibility note on download page) - Download: https://support.industry.siemens.com/cs/ww/en/view/109744966 ",
"product_ids": [
"CSAFPID-0004"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109744966"
},
{
"category": "vendor_fix",
"details": "Install SIMATIC Logon update (can be installed without PDM update, see compatibility note on download page) - Download: https://support.industry.siemens.com/cs/ww/en/view/109744966 ",
"product_ids": [
"CSAFPID-0005"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109744966"
},
{
"category": "vendor_fix",
"details": "Install SIMATIC Logon update (can be installed without IT Production Suite update, see compatibility note on download page) - Download: https://support.industry.siemens.com/cs/ww/en/view/109744966 ",
"product_ids": [
"CSAFPID-0006"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109744966"
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:F/RL:O/RC:C",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006"
]
}
]
}
]
}
ICSA-17-045-03
Vulnerability from csaf_cisa
Published
2017-02-14 00:00
Modified
2018-06-12 00:00
Summary
Siemens SIMATIC Authentication Bypass (Update D)
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of this vulnerability could allow attackers to circumvent user authentication under certain conditions.
Critical infrastructure sectors
Chemical, Energy, Food and Agriculture, and Water and Wastewater Systems
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:
Recommended Practices
NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and
solutions, please contact the Siemens ProductCERT:
https://www.siemens.com/cert/advisories
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Exploitability
No known public exploits specifically target this vulnerability. High skill level is needed to exploit.
{
"document": {
"acknowledgments": [
{
"organization": "Siemens",
"summary": "reporting this vulnerability to ICS-CERT"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of this vulnerability could allow attackers to circumvent user authentication under certain conditions.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Chemical, Energy, Food and Agriculture, and Water and Wastewater Systems",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and \nsolutions, please contact the Siemens ProductCERT:\n\nhttps://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "other",
"text": "No known public exploits specifically target this vulnerability. High skill level is needed to exploit.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-17-045-03 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2017/icsa-17-045-03.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-17-045-03 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-17-045-03"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-17-045-03"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "SSA-496604: SSA-931064: Authentication Bypass in SIMATIC Logon - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/SSA-931064.txt"
}
],
"title": "Siemens SIMATIC Authentication Bypass (Update D)",
"tracking": {
"current_release_date": "2018-06-12T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-17-045-03",
"initial_release_date": "2017-02-14T00:00:00.000000Z",
"revision_history": [
{
"date": "2017-02-14T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-17-045-03 Siemens SIMATIC Authentication Bypass"
},
{
"date": "2017-06-15T00:00:00.000000Z",
"legacy_version": "A",
"number": "2",
"summary": "ICSA-17-045-03A Siemens SIMATIC Authentication Bypass (Update A)"
},
{
"date": "2017-07-06T00:00:00.000000Z",
"legacy_version": "B",
"number": "3",
"summary": "ICSA-17-045-03B Siemens SIMATIC Authentication Bypass (Update B)"
},
{
"date": "2017-11-30T00:00:00.000000Z",
"legacy_version": "C",
"number": "4",
"summary": "ICSA-17-045-03C Siemens SIMATIC Authentication Bypass (Update C)"
},
{
"date": "2018-06-12T00:00:00.000000Z",
"legacy_version": "D",
"number": "5",
"summary": "ICSA-17-045-03 Siemens SIMATIC Authentication Bypass (Update D)"
}
],
"status": "final",
"version": "5"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "All versions \u003c V1.5 SP3 Update 2",
"product": {
"name": "SIMATIC Logon: All versions \u003c V1.5 SP3 Update 2",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "SIMATIC Logon"
},
{
"branches": [
{
"category": "product_version_range",
"name": "All versions \u003c V7.4 SP1",
"product": {
"name": "SIMATIC WinCC: All versions \u003c V7.4 SP1",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "SIMATIC WinCC"
},
{
"branches": [
{
"category": "product_version_range",
"name": "All versions \u003c V14 SP1",
"product": {
"name": "SIMATIC WinCC Runtime Professional: All versions \u003c V14 SP1",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "SIMATIC WinCC Runtime Professional"
},
{
"branches": [
{
"category": "product_version_range",
"name": "All versions \u003c V8.2 SP1",
"product": {
"name": "SIMATIC PCS 7: All versions \u003c V8.2 SP1",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "SIMATIC PCS 7"
},
{
"branches": [
{
"category": "product_version_range",
"name": "All versions \u003c V9.1",
"product": {
"name": "SIMATIC PDM: All versions \u003c V9.1",
"product_id": "CSAFPID-0005"
}
}
],
"category": "product_name",
"name": "SIMATIC PDM"
},
{
"branches": [
{
"category": "product_version_range",
"name": "All versions \u003c V7.1",
"product": {
"name": "SIMATIC IT Production Suite: All versions \u003c V7.1",
"product_id": "CSAFPID-0006"
}
}
],
"category": "product_name",
"name": "SIMATIC IT Production Suite"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-2684",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "summary",
"text": "An attacker with knowledge of a valid user name, and physical or network access to the affected system could bypass the application-level authentication.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006"
]
},
"references": [
{
"category": "external",
"summary": "https://support.industry.siemens.com/cs/ww/en/view/109744966",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109744966"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2684"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens \u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006"
]
},
{
"category": "vendor_fix",
"details": "Update to V1.5 SP3 Update 2 - Download: https://support.industry.siemens.com/cs/ww/en/view/109744966 ",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109744966"
},
{
"category": "vendor_fix",
"details": "Install SIMATIC Logon update (can be installed without WinCC update, see compatibility note on download page) - Download: https://support.industry.siemens.com/cs/ww/en/view/109744966 ",
"product_ids": [
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109744966"
},
{
"category": "vendor_fix",
"details": "Install SIMATIC Logon update (can be installed without WinCC Runtime Professional update, see compatibility note on download page) - Download: https://support.industry.siemens.com/cs/ww/en/view/109744966 ",
"product_ids": [
"CSAFPID-0003"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109744966"
},
{
"category": "vendor_fix",
"details": "Install SIMATIC Logon update (can be installed without PCS 7 update, see compatibility note on download page) - Download: https://support.industry.siemens.com/cs/ww/en/view/109744966 ",
"product_ids": [
"CSAFPID-0004"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109744966"
},
{
"category": "vendor_fix",
"details": "Install SIMATIC Logon update (can be installed without PDM update, see compatibility note on download page) - Download: https://support.industry.siemens.com/cs/ww/en/view/109744966 ",
"product_ids": [
"CSAFPID-0005"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109744966"
},
{
"category": "vendor_fix",
"details": "Install SIMATIC Logon update (can be installed without IT Production Suite update, see compatibility note on download page) - Download: https://support.industry.siemens.com/cs/ww/en/view/109744966 ",
"product_ids": [
"CSAFPID-0006"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109744966"
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:F/RL:O/RC:C",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006"
]
}
]
}
]
}
gsd-2017-2684
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
Siemens SIMATIC Logon prior to V1.5 SP3 Update 2 could allow an attacker with knowledge of a valid user name, and physical or network access to the affected system, to bypass the application-level authentication.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2017-2684",
"description": "Siemens SIMATIC Logon prior to V1.5 SP3 Update 2 could allow an attacker with knowledge of a valid user name, and physical or network access to the affected system, to bypass the application-level authentication.",
"id": "GSD-2017-2684"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2017-2684"
],
"details": "Siemens SIMATIC Logon prior to V1.5 SP3 Update 2 could allow an attacker with knowledge of a valid user name, and physical or network access to the affected system, to bypass the application-level authentication.",
"id": "GSD-2017-2684",
"modified": "2023-12-13T01:21:05.350220Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2017-2684",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SIMATIC Logon All versions \u003c V1.5 SP3 Update 2",
"version": {
"version_data": [
{
"version_value": "SIMATIC Logon All versions \u003c V1.5 SP3 Update 2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Siemens SIMATIC Logon prior to V1.5 SP3 Update 2 could allow an attacker with knowledge of a valid user name, and physical or network access to the affected system, to bypass the application-level authentication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-592: Authentication Bypass Issues"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96208",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96208"
},
{
"name": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-931064.pdf",
"refsource": "CONFIRM",
"url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-931064.pdf"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_logon:*:sp3_update_1:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.5",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2017-2684"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Siemens SIMATIC Logon prior to V1.5 SP3 Update 2 could allow an attacker with knowledge of a valid user name, and physical or network access to the affected system, to bypass the application-level authentication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-931064.pdf",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-931064.pdf"
},
{
"name": "96208",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96208"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 6.0
}
},
"lastModifiedDate": "2019-10-09T23:27Z",
"publishedDate": "2017-02-22T02:59Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.