First published: Tue Sep 18 2012(Updated: )
WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, stores sensitive information under the web root with insufficient access control, which allows remote attackers to read a (1) log file or (2) configuration file via a direct request.
Credit: ics-cert@hq.dhs.gov
Affected Software | Affected Version | How to fix |
---|---|---|
Siemens SIMATIC PCS7 | =8.0 | |
Siemens WinCC | <=7.0 | |
Siemens WinCC | =5.0 | |
Siemens WinCC | =5.0-sp1 | |
Siemens WinCC | =6.0 | |
Siemens WinCC | =6.0-sp2 | |
Siemens WinCC | =6.0-sp3 | |
Siemens WinCC | =6.0-sp4 | |
Siemens WinCC | =7.0 | |
Siemens WinCC | =7.0-sp1 | |
Siemens WinCC | =7.0-sp2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.