Description
The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote attackers to obtain sensitive information via an HTTP request.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-214365.pdf
Scores
EPSS
0.0023
EPSS Percentile
45.8%
Details
CWE
CWE-200
Status
published
Products (8)
siemens/simatic_pcs7
7.1 sp3
siemens/simatic_pcs7
8.0
siemens/simatic_pcs7
< 8.0
siemens/wincc
5.0 (2 CPE variants)
siemens/wincc
6.0 (4 CPE variants)
siemens/wincc
7.0 (4 CPE variants)
siemens/wincc
7.1 (2 CPE variants)
siemens/wincc
< 7.2
Published
Jul 24, 2014
Tracked Since
Feb 18, 2026