CVE-2014-2246 in SIMATIC S7-1500 Cpuinfo

Summary

Cross-site scripting (XSS) vulnerability in the integrated web server on Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

02/28/2014

Disclosure

03/16/2014

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-79

CVSS

4.3

EPSS

0.00508

CTI

0.00

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2014-2246
NVD	https://nvd.nist.gov/vuln/detail/CVE-2014-2246
CVE Details	https://www.cvedetails.com/cve/CVE-2014-2246/

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!