Details of VAR-201202-0049

ID

VAR-201202-0049

CVE

CVE-2011-4514

TITLE

plural Siemens Product TELNET Access vulnerability in daemon

Trust: 0.8

sources: JVNDB: JVNDB-2012-001316

DESCRIPTION

The TELNET daemon in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime does not perform authentication, which makes it easier for remote attackers to obtain access via a TCP session. plural Siemens Product TELNET Since the daemon does not authenticate, there is a vulnerability that allows easy access.By a third party TCP Access can easily be gained through a session. Siemens SIMATIC is an automation software in a single engineering environment. SIMATIC panels include the Telnet daemon by default, but the daemon does not implement any validation features. A vulnerability exists in several versions of Siemens SIMATIC WinCC due to the failure of the TELNET daemon to perform authentication. A remote attacker could use this vulnerability to gain access through a TCP session

Trust: 2.43

sources: NVD: CVE-2011-4514 // JVNDB: JVNDB-2012-001316 // CNVD: CNVD-2012-0464 // IVD: 28d0ca64-2354-11e6-abef-000c29c66e3d // VULHUB: VHN-52459

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: 28d0ca64-2354-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-0464

AFFECTED PRODUCTS

vendor:	siemens	model:	simatic hmi panels	scope:	eq	version:	mp	Trust: 2.4
vendor:	siemens	model:	simatic hmi panels	scope:	eq	version:	op	Trust: 2.4
vendor:	siemens	model:	simatic hmi panels	scope:	eq	version:	tp	Trust: 2.4
vendor:	siemens	model:	wincc flexible	scope:	eq	version:	2008	Trust: 1.6
vendor:	siemens	model:	simatic hmi panels	scope:	eq	version:	comfort_panels	Trust: 1.6
vendor:	siemens	model:	wincc runtime advanced	scope:	eq	version:	v11	Trust: 1.6
vendor:	siemens	model:	wincc	scope:	eq	version:	v11	Trust: 1.6
vendor:	siemens	model:	simatic hmi panels	scope:	eq	version:	mobile_panels	Trust: 1.6
vendor:	siemens	model:	wincc flexible	scope:	eq	version:	2007	Trust: 1.6
vendor:	siemens	model:	simatic wincc flexible	scope:	eq	version:	2008	Trust: 1.4
vendor:	siemens	model:	simatic wincc flexible	scope:	eq	version:	2007	Trust: 1.4
vendor:	siemens	model:	simatic wincc flexible	scope:	eq	version:	2005	Trust: 1.4
vendor:	siemens	model:	simatic wincc flexible	scope:	eq	version:	2004	Trust: 1.4
vendor:	siemens	model:	simatic wincc	scope:	eq	version:	v11	Trust: 1.4
vendor:	siemens	model:	wincc flexible	scope:	eq	version:	2005	Trust: 1.0
vendor:	siemens	model:	wincc flexible runtime	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	wincc flexible	scope:	eq	version:	2004	Trust: 1.0
vendor:	siemens	model:	simatic hmi panels	scope:	eq	version:	comfort panels	Trust: 0.8
vendor:	siemens	model:	simatic hmi panels	scope:	eq	version:	mobile panels	Trust: 0.8
vendor:	siemens	model:	simatic wincc flexible rumtime	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	simatic wincc runtime advanced	scope:	eq	version:	v11	Trust: 0.8
vendor:	siemens	model:	simatic wincc flexible runtime	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	simatic wincc runtime advanced	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	simatic hmi panels	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	simatic wincc	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	wincc flexible runtime	scope:	-	version:	-	Trust: 0.6
vendor:	wincc flexible	model:	-	scope:	eq	version:	2004	Trust: 0.2
vendor:	wincc flexible	model:	-	scope:	eq	version:	2005	Trust: 0.2
vendor:	wincc flexible	model:	-	scope:	eq	version:	2007	Trust: 0.2
vendor:	wincc flexible	model:	-	scope:	eq	version:	2008	Trust: 0.2
vendor:	wincc	model:	-	scope:	eq	version:	v11	Trust: 0.2
vendor:	simatic hmi panels	model:	comfort panels	scope:	-	version:	-	Trust: 0.2
vendor:	simatic hmi panels	model:	mobile panels	scope:	-	version:	-	Trust: 0.2
vendor:	simatic hmi panels	model:	mp	scope:	-	version:	-	Trust: 0.2
vendor:	simatic hmi panels	model:	op	scope:	-	version:	-	Trust: 0.2
vendor:	simatic hmi panels	model:	tp	scope:	-	version:	-	Trust: 0.2
vendor:	wincc runtime advanced	model:	-	scope:	eq	version:	v11	Trust: 0.2
vendor:	wincc flexible runtime	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: 28d0ca64-2354-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-0464 // JVNDB: JVNDB-2012-001316 // CNNVD: CNNVD-201202-089 // NVD: CVE-2011-4514

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2011-4514
value:	HIGH
Trust: 1.0
NVD:	CVE-2011-4514
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201202-089
value:	CRITICAL
Trust: 0.6
IVD:	28d0ca64-2354-11e6-abef-000c29c66e3d
value:	CRITICAL
Trust: 0.2
VULHUB:	VHN-52459
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2011-4514
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
IVD:	28d0ca64-2354-11e6-abef-000c29c66e3d
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-52459
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: IVD: 28d0ca64-2354-11e6-abef-000c29c66e3d // VULHUB: VHN-52459 // JVNDB: JVNDB-2012-001316 // CNNVD: CNNVD-201202-089 // NVD: CVE-2011-4514

PROBLEMTYPE DATA

problemtype:

CWE-287

Trust: 1.9

sources: VULHUB: VHN-52459 // JVNDB: JVNDB-2012-001316 // NVD: CVE-2011-4514

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201202-089

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201202-089

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-001316

PATCH

title:	SSA-345442	url:	http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf	Trust: 0.8
title:	ソリューションパートナー	url:	http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx	Trust: 0.8
title:	Top Page	url:	http://www.siemens.com/entry/jp/ja/	Trust: 0.8
title:	Patch for Siemens SIMATIC WinCC HMI Telnet Vulnerability (CNVD-2012-0464)	url:	https://www.cnvd.org.cn/patchInfo/show/9062	Trust: 0.6

sources: CNVD: CNVD-2012-0464 // JVNDB: JVNDB-2012-001316

EXTERNAL IDS

db:	NVD	id:	CVE-2011-4514	Trust: 3.3
db:	ICS CERT	id:	ICSA-12-030-01	Trust: 3.1
db:	SIEMENS	id:	SSA-345442	Trust: 1.7
db:	CNNVD	id:	CNNVD-201202-089	Trust: 0.9
db:	CNVD	id:	CNVD-2012-0464	Trust: 0.8
db:	JVNDB	id:	JVNDB-2012-001316	Trust: 0.8
db:	IVD	id:	28D0CA64-2354-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	VULHUB	id:	VHN-52459	Trust: 0.1

sources: IVD: 28d0ca64-2354-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-0464 // VULHUB: VHN-52459 // JVNDB: JVNDB-2012-001316 // CNNVD: CNNVD-201202-089 // NVD: CVE-2011-4514

REFERENCES

url:	http://www.us-cert.gov/control_systems/pdf/icsa-12-030-01.pdf	Trust: 3.1
url:	http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4514	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4514	Trust: 0.8

sources: CNVD: CNVD-2012-0464 // VULHUB: VHN-52459 // JVNDB: JVNDB-2012-001316 // CNNVD: CNNVD-201202-089 // NVD: CVE-2011-4514

SOURCES

db:	IVD	id:	28d0ca64-2354-11e6-abef-000c29c66e3d
db:	CNVD	id:	CNVD-2012-0464
db:	VULHUB	id:	VHN-52459
db:	JVNDB	id:	JVNDB-2012-001316
db:	CNNVD	id:	CNNVD-201202-089
db:	NVD	id:	CVE-2011-4514

LAST UPDATE DATE

2024-08-14T13:36:41.733000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2012-0464	date:	2012-02-07T00:00:00
db:	VULHUB	id:	VHN-52459	date:	2012-02-06T00:00:00
db:	JVNDB	id:	JVNDB-2012-001316	date:	2012-02-08T00:00:00
db:	CNNVD	id:	CNNVD-201202-089	date:	2012-02-07T00:00:00
db:	NVD	id:	CVE-2011-4514	date:	2012-02-06T05:00:00

SOURCES RELEASE DATE

db:	IVD	id:	28d0ca64-2354-11e6-abef-000c29c66e3d	date:	2012-02-07T00:00:00
db:	CNVD	id:	CNVD-2012-0464	date:	2012-02-07T00:00:00
db:	VULHUB	id:	VHN-52459	date:	2012-02-03T00:00:00
db:	JVNDB	id:	JVNDB-2012-001316	date:	2012-02-08T00:00:00
db:	CNNVD	id:	CNNVD-201202-089	date:	2012-02-07T00:00:00
db:	NVD	id:	CVE-2011-4514	date:	2012-02-03T20:55:01.577