CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2014-1698
https://notcve.org/view.php?id=CVE-2014-1698
Directory traversal vulnerability in Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to read arbitrary files via crafted packets to TCP port 4999. Vulnerabilidad de salto de directorio en Siemens SIMATIC WinCC OA anterior a 3.12 P002 January permite a atacantes remotos leer archivos arbitrarios a través de paquetes manipulados hacia el puerto TCP 4999. • http://ics-cert.us-cert.gov/advisories/ICSA-14-035-01 http://osvdb.org/102811 http://secunia.com/advisories/56651 http://www.securityfocus.com/bid/65349 http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-342587.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/90935 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.0EPSS: 2%CPEs: 1EXPL: 0CVE-2014-1699
https://notcve.org/view.php?id=CVE-2014-1699
Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to cause a denial of service (monitoring-service outage) via malformed HTTP requests to port 4999. Siemens SIMATIC WinCC OA anterior a 3.12 P002 January permite a atacantes remotos causar una denegación de servicio (interrupción del servicio de monitorización) a través de peticiones HTTP malformadas hacia el puerto TCP 4999. • http://ics-cert.us-cert.gov/advisories/ICSA-14-035-01 http://osvdb.org/102812 http://secunia.com/advisories/56651 http://www.securityfocus.com/bid/65347 http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-342587.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/90936 • CWE-399: Resource Management Errors •