CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2014-2246
https://notcve.org/view.php?id=CVE-2014-2246
Cross-site scripting (XSS) vulnerability in the integrated web server on Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en el servidor web integrado en dispositivos de Siemens SIMATIC S7-1500 CPU PLC con firmware anterior a 1.5.0 permite a atacantes remotos inyectar script Web o HTML arbitrarios a través de vectores no especificados. • http://ics-cert.us-cert.gov/advisories/ICSA-14-073-01 http://www.securityfocus.com/bid/66201 http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-456423.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-456423.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.8EPSS: 0%CPEs: 4EXPL: 0CVE-2014-2247
https://notcve.org/view.php?id=CVE-2014-2247
The integrated web server on Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allows remote attackers to inject headers via unspecified vectors. El servidor web integrado en dispositivos Siemens SIMATIC S7-1500 CPU PLC con firmware anterior a 1.5.0 permite a atacantes remotos inyectar cabeceras a través de vectores no especificados. • http://ics-cert.us-cert.gov/advisories/ICSA-14-073-01 http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-456423.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-456423.pdf •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2014-2248
https://notcve.org/view.php?id=CVE-2014-2248
Open redirect vulnerability in the integrated web server on Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. Vulnerabilidad de redirección abierta en el servidor web integrado en dispositivos de Siemens SIMATIC S7-1500 CPU PLC con firmware anterior a 1.5.0 permite a atacantes remotos redirigir usuarios hacia sitios web arbitrarios y realizar ataques de phishing a través de vectores no especificados. • http://ics-cert.us-cert.gov/advisories/ICSA-14-073-01 http://www.securityfocus.com/bid/66190 http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-456423.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-456423.pdf •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2014-2257
https://notcve.org/view.php?id=CVE-2014-2257
Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted ISO-TSAP packets. Dispositivos de Siemens SIMATIC S7-1500 CPU PLC con firmware anterior a 1.5.0 permiten a atacantes remotos causar una denegación de servicio (transición de modo defecto) a través de paquetes ISO-TSAP manipulados. • http://ics-cert.us-cert.gov/advisories/ICSA-14-073-01 http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-456423.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-456423.pdf •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2014-2253
https://notcve.org/view.php?id=CVE-2014-2253
Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted Profinet packets. Dispositivos de Siemens SIMATIC S7-1500 CPU PLC con firmware anterior a 1.5.0 permiten a atacantes remotos causar una denegación de servicio (transición de modo defecto) a través de paquetes Profinet manipulados. • http://ics-cert.us-cert.gov/advisories/ICSA-14-073-01 http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-456423.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-456423.pdf •