VDB
SSA-165073
SSA-165073
PUBLISHED
CVSS 5.300000190734863 MEDIUM
Multiple vulnerabilities were identified in the webserver of SICAM P850 and SICAM P855 devices. These include unauthenticated access to web-interface functionality, missing HTTPS or impersonation as well as cross-site scripting related vulnerabilities. Siemens has released updates for the affected products and recommends to update to the latest versions.
Risk Scores
CVSS 3.1
5.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| SICAM P855 | ||
| SICAM P850 |
Exploit Intelligence
- https://cert-portal.siemens.com/productcert/pdf/ssa-165073.pdf (circl)
- https://cert-portal.siemens.com/productcert/txt/ssa-165073.txt (circl)
- https://cert-portal.siemens.com/productcert/csaf/ssa-165073.json (circl)
- https://support.industry.siemens.com/cs/ww/en/view/109743594/ (circl)
- https://support.industry.siemens.com/cs/ww/en/view/109743621/ (circl)
Timeline
- CVE Published
References
- https://cert-portal.siemens.com/productcert/pdf/ssa-165073.pdf advisory
- https://cert-portal.siemens.com/productcert/txt/ssa-165073.txt advisory
- https://cert-portal.siemens.com/productcert/csaf/ssa-165073.json advisory
- https://support.industry.siemens.com/cs/ww/en/view/109743594/ fix
- https://support.industry.siemens.com/cs/ww/en/view/109743621/ fix