漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
A vulnerability has been identified in SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 5), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 23), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 17), SIMATIC WinCC V8.0 (All versions < V8.0 Update 5). The affected products do not properly handle certain requests to their web application, which may lead to the leak of privileged information. This could allow an unauthenticated remote attacker to retrieve information such as users and passwords.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
侵犯隐私
Vulnerability Title
Siemens SIMATIC WinCC和SIMATIC PCS 安全漏洞
Vulnerability Description
Siemens SIMATIC WinCC和Siemens SIMATIC PCS都是德国西门子(Siemens)公司的产品。Siemens SIMATIC WinCC是一套自动化的数据采集与监控(SCADA)系统。Siemens SIMATIC PCS是一套过程控制系统。 Siemens SIMATIC WinCC和SIMATIC PCS 存在安全漏洞,该漏洞源于受影响的产品无法正确处理对其 Web 应用程序的某些请求,这可能导致特权信息泄露。这可能允许未经身份验证的远程攻击者检索用户和密码等信息。以下
CVSS Information
N/A
Vulnerability Type
N/A