ID

VAR-201202-0046


CVE

CVE-2011-4511


TITLE

plural Siemens Product HMI Web Server vulnerable to cross-site scripting

Trust: 0.8

sources: JVNDB: JVNDB-2012-001313

DESCRIPTION

Cross-site scripting (XSS) vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-4510. plural Siemens Product HMI Web The server contains a cross-site scripting vulnerability. This vulnerability is CVE-2011-4510 This is a different vulnerability.By any third party, Web Script or HTML May be inserted. Siemens SIMATIC is an automation software in a single engineering environment. The SIMATIC HMI Smart Options web server has two separate cross-site scripting attacks that allow elevation of privilege, stealing data or corrupting services. SIMATIC HMI is prone to multiple unspecified cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks

Trust: 2.79

sources: NVD: CVE-2011-4511 // JVNDB: JVNDB-2012-001313 // CNVD: CNVD-2012-0461 // BID: 51835 // IVD: 28629d64-2354-11e6-abef-000c29c66e3d // VULHUB: VHN-52456 // VULMON: CVE-2011-4511

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 28629d64-2354-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-0461

AFFECTED PRODUCTS

vendor:siemensmodel:simatic hmi panelsscope:eqversion:mp

Trust: 2.4

vendor:siemensmodel:simatic hmi panelsscope:eqversion:op

Trust: 2.4

vendor:siemensmodel:simatic hmi panelsscope:eqversion:tp

Trust: 2.4

vendor:siemensmodel:simatic hmi panelsscope:eqversion:comfort_panels

Trust: 1.6

vendor:siemensmodel:wincc runtime advancedscope:eqversion:v11

Trust: 1.6

vendor:siemensmodel:winccscope:eqversion:v11

Trust: 1.6

vendor:siemensmodel:simatic hmi panelsscope:eqversion:mobile_panels

Trust: 1.6

vendor:siemensmodel:simatic wincc flexiblescope:eqversion:2007

Trust: 1.4

vendor:siemensmodel:simatic wincc flexiblescope:eqversion:2005

Trust: 1.4

vendor:siemensmodel:simatic wincc flexiblescope:eqversion:2004

Trust: 1.4

vendor:siemensmodel:wincc flexiblescope:eqversion:2005

Trust: 1.0

vendor:siemensmodel:winccscope:lteversion:v11

Trust: 1.0

vendor:siemensmodel:wincc flexiblescope:eqversion:2007

Trust: 1.0

vendor:siemensmodel:wincc flexible runtimescope:eqversion:*

Trust: 1.0

vendor:siemensmodel:wincc flexiblescope:eqversion:2004

Trust: 1.0

vendor:siemensmodel:wincc flexiblescope:eqversion:2008

Trust: 1.0

vendor:siemensmodel:simatic hmi panelsscope:eqversion:comfort panels

Trust: 0.8

vendor:siemensmodel:simatic hmi panelsscope:eqversion:mobile panels

Trust: 0.8

vendor:siemensmodel:simatic winccscope:ltversion:v11 sp2 update 1

Trust: 0.8

vendor:siemensmodel:simatic wincc flexiblescope:ltversion:2008 sp3

Trust: 0.8

vendor:siemensmodel:simatic wincc flexible rumtimescope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic wincc runtime advancedscope:eqversion:v11

Trust: 0.8

vendor:wincc flexiblemodel: - scope:eqversion:2008

Trust: 0.6

vendor:siemensmodel:simatic wincc flexible runtimescope: - version: -

Trust: 0.6

vendor:siemensmodel:simatic wincc runtime advancedscope: - version: -

Trust: 0.6

vendor:siemensmodel:simatic wincc flexiblescope:eqversion:2008

Trust: 0.6

vendor:siemensmodel:simatic hmi panelsscope: - version: -

Trust: 0.6

vendor:siemensmodel:simatic winccscope: - version: -

Trust: 0.6

vendor:siemensmodel:simatic winccscope:eqversion:v11

Trust: 0.6

vendor:siemensmodel:wincc flexible runtimescope: - version: -

Trust: 0.6

vendor:winccmodel: - scope:eqversion:v11

Trust: 0.4

vendor:siemensmodel:simatic hmi smart optionsscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:simatic hmiscope:eqversion:0

Trust: 0.3

vendor:wincc flexiblemodel: - scope:eqversion:2004

Trust: 0.2

vendor:wincc flexiblemodel: - scope:eqversion:2005

Trust: 0.2

vendor:wincc flexiblemodel: - scope:eqversion:2007

Trust: 0.2

vendor:winccmodel: - scope:eqversion:*

Trust: 0.2

vendor:simatic hmi panelsmodel:comfort panelsscope: - version: -

Trust: 0.2

vendor:simatic hmi panelsmodel:mobile panelsscope: - version: -

Trust: 0.2

vendor:simatic hmi panelsmodel:mpscope: - version: -

Trust: 0.2

vendor:simatic hmi panelsmodel:opscope: - version: -

Trust: 0.2

vendor:simatic hmi panelsmodel:tpscope: - version: -

Trust: 0.2

vendor:wincc runtime advancedmodel: - scope:eqversion:v11

Trust: 0.2

vendor:wincc flexible runtimemodel: - scope:eqversion:*

Trust: 0.2

sources: IVD: 28629d64-2354-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-0461 // BID: 51835 // JVNDB: JVNDB-2012-001313 // CNNVD: CNNVD-201202-086 // NVD: CVE-2011-4511

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2011-4511
value: MEDIUM

Trust: 1.0

NVD: CVE-2011-4511
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201202-086
value: MEDIUM

Trust: 0.6

IVD: 28629d64-2354-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

VULHUB: VHN-52456
value: MEDIUM

Trust: 0.1

VULMON: CVE-2011-4511
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2011-4511
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

IVD: 28629d64-2354-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-52456
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: IVD: 28629d64-2354-11e6-abef-000c29c66e3d // VULHUB: VHN-52456 // VULMON: CVE-2011-4511 // JVNDB: JVNDB-2012-001313 // CNNVD: CNNVD-201202-086 // NVD: CVE-2011-4511

PROBLEMTYPE DATA

problemtype:CWE-79

Trust: 1.9

sources: VULHUB: VHN-52456 // JVNDB: JVNDB-2012-001313 // NVD: CVE-2011-4511

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201202-086

TYPE

XSS

Trust: 0.6

sources: CNNVD: CNNVD-201202-086

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-001313

PATCH

title:SSA-345442url:http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf

Trust: 0.8

title:ソリューションパートナーurl:http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx

Trust: 0.8

title:Top Pageurl:http://www.siemens.com/entry/jp/ja/

Trust: 0.8

title:Patch for Siemens SIMATIC WinCC HMI Cross-Site Scripting Vulnerability (CNVD-2012-0461)url:https://www.cnvd.org.cn/patchInfo/show/9059

Trust: 0.6

sources: CNVD: CNVD-2012-0461 // JVNDB: JVNDB-2012-001313

EXTERNAL IDS

db:NVDid:CVE-2011-4511

Trust: 3.7

db:ICS CERTid:ICSA-12-030-01

Trust: 3.5

db:SIEMENSid:SSA-345442

Trust: 1.8

db:CNNVDid:CNNVD-201202-086

Trust: 0.9

db:CNVDid:CNVD-2012-0461

Trust: 0.8

db:JVNDBid:JVNDB-2012-001313

Trust: 0.8

db:NSFOCUSid:19403

Trust: 0.6

db:ICS CERTid:ICSA-12-030-01A

Trust: 0.4

db:BIDid:51835

Trust: 0.4

db:IVDid:28629D64-2354-11E6-ABEF-000C29C66E3D

Trust: 0.2

db:VULHUBid:VHN-52456

Trust: 0.1

db:VULMONid:CVE-2011-4511

Trust: 0.1

sources: IVD: 28629d64-2354-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-0461 // VULHUB: VHN-52456 // VULMON: CVE-2011-4511 // BID: 51835 // JVNDB: JVNDB-2012-001313 // CNNVD: CNNVD-201202-086 // NVD: CVE-2011-4511

REFERENCES

url:http://www.us-cert.gov/control_systems/pdf/icsa-12-030-01.pdf

Trust: 3.5

url:http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf

Trust: 1.8

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4511

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4511

Trust: 0.8

url:http://www.nsfocus.net/vulndb/19403

Trust: 0.6

url:http://www.automation.siemens.com/mcms/automation/en/human-machine-interface/pages/default.aspx

Trust: 0.3

url:http://www.us-cert.gov/control_systems/pdf/icsa-12-030-01a.pdf

Trust: 0.3

url:https://cwe.mitre.org/data/definitions/79.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://www.securityfocus.com/bid/51835

Trust: 0.1

url:https://ics-cert.us-cert.gov/advisories/icsa-12-030-01a

Trust: 0.1

sources: CNVD: CNVD-2012-0461 // VULHUB: VHN-52456 // VULMON: CVE-2011-4511 // BID: 51835 // JVNDB: JVNDB-2012-001313 // CNNVD: CNNVD-201202-086 // NVD: CVE-2011-4511

CREDITS

Billy Rios, Terry McCorkle, Shawn Merdinger, and Luigi Auriemma.

Trust: 0.3

sources: BID: 51835

SOURCES

db:IVDid:28629d64-2354-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2012-0461
db:VULHUBid:VHN-52456
db:VULMONid:CVE-2011-4511
db:BIDid:51835
db:JVNDBid:JVNDB-2012-001313
db:CNNVDid:CNNVD-201202-086
db:NVDid:CVE-2011-4511

LAST UPDATE DATE

2024-08-14T13:36:41.815000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2012-0461date:2012-02-07T00:00:00
db:VULHUBid:VHN-52456date:2012-02-06T00:00:00
db:VULMONid:CVE-2011-4511date:2012-02-06T00:00:00
db:BIDid:51835date:2012-04-18T21:20:00
db:JVNDBid:JVNDB-2012-001313date:2012-02-08T00:00:00
db:CNNVDid:CNNVD-201202-086date:2012-02-07T00:00:00
db:NVDid:CVE-2011-4511date:2012-02-06T05:00:00

SOURCES RELEASE DATE

db:IVDid:28629d64-2354-11e6-abef-000c29c66e3ddate:2012-02-07T00:00:00
db:CNVDid:CNVD-2012-0461date:2012-02-07T00:00:00
db:VULHUBid:VHN-52456date:2012-02-03T00:00:00
db:VULMONid:CVE-2011-4511date:2012-02-03T00:00:00
db:BIDid:51835date:2012-01-30T00:00:00
db:JVNDBid:JVNDB-2012-001313date:2012-02-08T00:00:00
db:CNNVDid:CNNVD-201202-086date:2012-02-07T00:00:00
db:NVDid:CVE-2011-4511date:2012-02-03T20:55:01.407