CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 0CVE-2014-1697
https://notcve.org/view.php?id=CVE-2014-1697
The integrated web server in Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to execute arbitrary code via crafted packets to TCP port 4999. El servidor Web integrado en Siemens SIMATIC WinCC OA anterior a 3.12 P002 January permite a atacantes remotos ejecutar código arbitrario a través de paquetes manipulados hacia el puerto TCP 4999. • http://ics-cert.us-cert.gov/advisories/ICSA-14-035-01 http://osvdb.org/102810 http://secunia.com/advisories/56651 http://www.securityfocus.com/bid/65351 http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-342587.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/90933 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2014-1698
https://notcve.org/view.php?id=CVE-2014-1698
Directory traversal vulnerability in Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to read arbitrary files via crafted packets to TCP port 4999. Vulnerabilidad de salto de directorio en Siemens SIMATIC WinCC OA anterior a 3.12 P002 January permite a atacantes remotos leer archivos arbitrarios a través de paquetes manipulados hacia el puerto TCP 4999. • http://ics-cert.us-cert.gov/advisories/ICSA-14-035-01 http://osvdb.org/102811 http://secunia.com/advisories/56651 http://www.securityfocus.com/bid/65349 http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-342587.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/90935 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •