CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2014-1698
https://notcve.org/view.php?id=CVE-2014-1698
Directory traversal vulnerability in Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to read arbitrary files via crafted packets to TCP port 4999. Vulnerabilidad de salto de directorio en Siemens SIMATIC WinCC OA anterior a 3.12 P002 January permite a atacantes remotos leer archivos arbitrarios a través de paquetes manipulados hacia el puerto TCP 4999. • http://ics-cert.us-cert.gov/advisories/ICSA-14-035-01 http://osvdb.org/102811 http://secunia.com/advisories/56651 http://www.securityfocus.com/bid/65349 http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-342587.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/90935 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •