10

CVE-2012-1799

EPSS 1.01%
Veröffentlicht 18.04.2012 10:33:34
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle cret@cert.org
Teams Watchlist Login
Unerledigt Login

The web server on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with firmware before 2.3.0.3 does not limit the rate of authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack on the administrative password.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Siemens ≫ Scalance S Firmware Version <= 2.3.0

Siemens ≫ Scalance S Firmware Version2.1.0

Siemens ≫ Scalance S Firmware Version2.2.0

Siemens ≫ Scalance S602 Versionv2

Siemens ≫ Scalance S612 Versionv2

Siemens ≫ Scalance S613 Versionv2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.01%	0.761

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

http://osvdb.org/81033

http://support.automation.siemens.com/WW/view/en/59869684

http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-268149.pdf

Vendor Advisory

http://www.us-cert.gov/control_systems/pdf/ICSA-12-102-05.pdf

US Government Resource

https://nvd.nist.gov/vuln/detail/CVE-2012-1799

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2012-1799

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2012-1799

EUVD