CVE-2012-3028

Cross-site request forgery (CSRF) vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to hijack the authentication of arbitrary users for requests that modify data or cause a denial of service.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://en.securitylab.ru/lab/PT-2012-42
http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf	Patch
http://www.us-cert.gov/control_systems/pdf/ICSA-12-256-01.pdf

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:siemens:simatic_pcs7:8.0:::::::*
	cpe:2.3:a:siemens:wincc::sp3::::::*
	cpe:2.3:a:siemens:wincc:5.0:::::::*
	cpe:2.3:a:siemens:wincc:5.0:sp1::::::
	cpe:2.3:a:siemens:wincc:6.0:::::::*
	cpe:2.3:a:siemens:wincc:6.0:sp2::::::
	cpe:2.3:a:siemens:wincc:6.0:sp3::::::
	cpe:2.3:a:siemens:wincc:6.0:sp4::::::
	cpe:2.3:a:siemens:wincc:7.0:::::::*
	cpe:2.3:a:siemens:wincc:7.0:sp1::::::
	cpe:2.3:a:siemens:wincc:7.0:sp2::::::

History

No history.

Information

Published : 2012-09-18 14:55

Updated : 2024-02-04 18:16

NVD link : CVE-2012-3028

Mitre link : CVE-2012-3028

CVE.ORG link : CVE-2012-3028

JSON object : View

Products Affected

siemens

wincc
simatic_pcs7

CWE

CWE-352

Cross-Site Request Forgery (CSRF)

{"id": "CVE-2012-3028", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2012-09-18T14:55:01.397", "references": [{"url": "http://en.securitylab.ru/lab/PT-2012-42", "source": "ics-cert@hq.dhs.gov"}, {"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf", "tags": ["Patch"], "source": "ics-cert@hq.dhs.gov"}, {"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-256-01.pdf", "source": "ics-cert@hq.dhs.gov"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-352"}]}], "descriptions": [{"lang": "en", "value": "Cross-site request forgery (CSRF) vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to hijack the authentication of arbitrary users for requests that modify data or cause a denial of service."}, {"lang": "es", "value": "Una vulnerabilidad de falsificaci\u00f3n de peticiones en sitios cruzados (CSRF) en WebNavigator en Siemens WinCC v7.0 SP3 y versiones anteriores, tal como se utiliza en SIMATIC PCS v7 y otros productos, permite a atacantes remotos provocar una denegaci\u00f3n de servicio o secuestrar la autenticaci\u00f3n de usuarios de su elecci\u00f3n para las peticiones que modifican datos."}], "lastModified": "2012-09-19T04:00:00.000", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:siemens:simatic_pcs7:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E8B894F4-9635-4436-BC0A-E43280426017"}, {"criteria": "cpe:2.3:a:siemens:wincc:*:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5AC094B0-B1BE-436D-A8D3-2008D0CDE070", "versionEndIncluding": "7.0"}, {"criteria": "cpe:2.3:a:siemens:wincc:5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B4CB277F-7ECB-4F44-8BB5-A3D350486EE7"}, {"criteria": "cpe:2.3:a:siemens:wincc:5.0:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "616535F1-F609-408B-AE48-61ACF48748A1"}, {"criteria": "cpe:2.3:a:siemens:wincc:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F322FCB-32F4-4C5A-A7F5-F7EF41188C88"}, {"criteria": "cpe:2.3:a:siemens:wincc:6.0:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "69822DB4-DC79-4F88-A470-5AC512C77377"}, {"criteria": "cpe:2.3:a:siemens:wincc:6.0:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "996DE8BD-DD51-41EF-9882-C2BD2CC5FE53"}, {"criteria": "cpe:2.3:a:siemens:wincc:6.0:sp4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "945C8B46-4CDA-4143-889C-30E30E93DB29"}, {"criteria": "cpe:2.3:a:siemens:wincc:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A33F9015-7058-419A-8762-CB2AE4ACF1A7"}, {"criteria": "cpe:2.3:a:siemens:wincc:7.0:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6271FCC-CCF6-4D31-801A-B4B0DC4639DD"}, {"criteria": "cpe:2.3:a:siemens:wincc:7.0:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DF7A6B2B-D573-4285-B3B4-136F2BE7E710"}], "operator": "OR"}]}], "sourceIdentifier": "ics-cert@hq.dhs.gov"}