NVD

Id
22163  
Name
CVE-2016-8673  
Description
Cross-site request forgery (CSRF) vulnerability in the integrated web server on Siemens SIMATIC CP 343-1 Advanced prior to version 3.0.53, SIMATIC CP 443-1 Advanced prior to version 3.2.17, SIMATIC S7-300 CPU, and SIMATIC S7-400 CPU devices allows remote attackers to hijack the authentication of arbitrary users.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)  
Pub Date
2017-03-18  
Published
2016-11-23  
Modified Date
2017-03-16  
Seq
2016-8673  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
118289 22163 CVE-2016-8673 94460  View
118290 22163 CVE-2016-8673 http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-603476.pdf  View
118291 22163 CVE-2016-8673 https://ics-cert.us-cert.gov/advisories/ICSA-16-327-02  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
5150 JVNDB-2016-005923 複数の Siemens SIMATIC 製品の統合 Web サーバにおけるクロスサイトリクエストフォージェリの脆弱性 複数の Siemens SIMATIC 製品の統合 Web サーバには、クロスサイトリクエストフォージェリの脆弱性が存在します。 CVE-2016-8673 95180 CVE-2016-8673 22163 6.8 8.8 http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-005923.html 2016-11-21 2016-11-24 View