Sign-up

ID

VAR-201308-0266


CVE

CVE-2013-4911


TITLE

Siemens SIMATIC WinCC TIA Portal Cross-Site Request Forgery Vulnerability

Trust: 1.4

sources: IVD: ce456e70-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-11280 // CNNVD: CNNVD-201307-681

DESCRIPTION

Cross-site request forgery (CSRF) vulnerability in Siemens WinCC (TIA Portal) 11 and 12 before 12 SP1 allows remote attackers to hijack the authentication of unspecified victims by leveraging improper configuration of SIMATIC HMI panels by the WinCC product. Based on the Windows platform, Siemens SIMATIC WinCC provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to multi-user systems supporting redundant servers and remote web client solutions. Siemens SIMATIC WinCC TIA Portal is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible. Siemens SIMATIC WinCC TIA Portal prior to 12SP1 are vulnerable. The software enables fast and intuitive development and commissioning of automation systems. A remote attacker can exploit this vulnerability to hijack user authentication through incorrectly configured SIMATIC HMI panels of WinCC products

Trust: 2.7

sources: NVD: CVE-2013-4911 // JVNDB: JVNDB-2013-003626 // CNVD: CNVD-2013-11280 // BID: 61536 // IVD: ce456e70-2352-11e6-abef-000c29c66e3d // VULHUB: VHN-64913

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: ce456e70-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-11280

AFFECTED PRODUCTS

vendor:siemensmodel:winccscope:eqversion:11.0

Trust: 1.6

vendor:siemensmodel:winccscope:eqversion:12.0

Trust: 1.6

vendor:siemensmodel:simatic winccscope:eqversion:11

Trust: 0.8

vendor:siemensmodel:simatic winccscope:ltversion:12

Trust: 0.8

vendor:siemensmodel:simatic winccscope:eqversion:12 sp1

Trust: 0.8

vendor:winccmodel: - scope:eqversion:11.0

Trust: 0.6

vendor:siemensmodel:simatic wincc tia portalscope:eqversion:12.x

Trust: 0.6

vendor:winccmodel: - scope:eqversion:12.0

Trust: 0.2

sources: IVD: ce456e70-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-11280 // JVNDB: JVNDB-2013-003626 // CNNVD: CNNVD-201307-681 // NVD: CVE-2013-4911

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2013-4911
value: MEDIUM

Trust: 1.0

NVD: CVE-2013-4911
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2013-11280
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201307-681
value: MEDIUM

Trust: 0.6

IVD: ce456e70-2352-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

VULHUB: VHN-64913
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2013-4911
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2013-11280
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: ce456e70-2352-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-64913
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: IVD: ce456e70-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-11280 // VULHUB: VHN-64913 // JVNDB: JVNDB-2013-003626 // CNNVD: CNNVD-201307-681 // NVD: CVE-2013-4911

PROBLEMTYPE DATA

problemtype:CWE-352

Trust: 1.9

sources: VULHUB: VHN-64913 // JVNDB: JVNDB-2013-003626 // NVD: CVE-2013-4911

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201307-681

TYPE

cross-site request forgery

Trust: 0.6

sources: CNNVD: CNNVD-201307-681

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2013-003626

PATCH
title:SSA-064884url:http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-064884.pdf
Trust: 0.8
title:Patch for Siemens SIMATIC WinCC TIA Portal cross-site request forgery vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/37986
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2013-11280 // 
            
            
            
            JVNDB: JVNDB-2013-003626

EXTERNAL IDS
db:NVDid:CVE-2013-4911
Trust: 3.7
db:BIDid:61536
Trust: 2.6
db:SIEMENSid:SSA-064884
Trust: 2.3
db:ICS CERTid:ICSA-13-213-02
Trust: 1.9
db:SECUNIAid:54051
Trust: 1.7
db:SECUNIAid:54252
Trust: 1.1
db:CNNVDid:CNNVD-201307-681
Trust: 0.9
db:CNVDid:CNVD-2013-11280
Trust: 0.8
db:JVNDBid:JVNDB-2013-003626
Trust: 0.8
db:IVDid:CE456E70-2352-11E6-ABEF-000C29C66E3D
Trust: 0.2
db:PACKETSTORMid:122647
Trust: 0.2
db:VULHUBid:VHN-64913
Trust: 0.1
sources:
            
            
            IVD: ce456e70-2352-11e6-abef-000c29c66e3d // 
            
            
            
            CNVD: CNVD-2013-11280 // 
            
            
            
            VULHUB: VHN-64913 // 
            
            
            
            BID: 61536 // 
            
            
            
            JVNDB: JVNDB-2013-003626 // 
            
            
            
            PACKETSTORM: 122647 // 
            
            
            
            CNNVD: CNNVD-201307-681 // 
            
            
            
            NVD: CVE-2013-4911

REFERENCES
url:http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-064884.pdf
Trust: 2.3
url:https://ics-cert.us-cert.gov/advisories/icsa-13-213-02
Trust: 1.9
url:http://www.securityfocus.com/bid/61536
Trust: 1.7
url:http://scadastrangelove.blogspot.com/2013/08/ssa-064884-wincctia-portal-fixes.html
Trust: 1.1
url:http://secunia.com/advisories/54051
Trust: 1.1
url:http://secunia.com/advisories/54252
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/86099
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-4911
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-4911
Trust: 0.8
url:http://www.secunia.com/advisories/54051/
Trust: 0.6
url:https://nvd.nist.gov/vuln/detail/cve-2013-4911
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2013-4912
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2013-11280 // 
            
            
            
            VULHUB: VHN-64913 // 
            
            
            
            JVNDB: JVNDB-2013-003626 // 
            
            
            
            PACKETSTORM: 122647 // 
            
            
            
            CNNVD: CNNVD-201307-681 // 
            
            
            
            NVD: CVE-2013-4911

CREDITS
Timur Yunusov and Sergey Bobrov from Positive Technologies
Trust: 0.9
sources:
            
            
            BID: 61536 // 
            
            
            
            CNNVD: CNNVD-201307-681

SOURCES
db:IVDid:ce456e70-2352-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2013-11280
db:VULHUBid:VHN-64913
db:BIDid:61536
db:JVNDBid:JVNDB-2013-003626
db:PACKETSTORMid:122647
db:CNNVDid:CNNVD-201307-681
db:NVDid:CVE-2013-4911

LAST UPDATE DATE
2024-08-14T15:19:16.822000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2013-11280date:2013-08-05T00:00:00
db:VULHUBid:VHN-64913date:2017-08-29T00:00:00
db:BIDid:61536date:2013-08-01T17:55:00
db:JVNDBid:JVNDB-2013-003626date:2013-08-05T00:00:00
db:CNNVDid:CNNVD-201307-681date:2013-08-06T00:00:00
db:NVDid:CVE-2013-4911date:2017-08-29T01:33:41.200

SOURCES RELEASE DATE
db:IVDid:ce456e70-2352-11e6-abef-000c29c66e3ddate:2013-08-05T00:00:00
db:CNVDid:CNVD-2013-11280date:2013-08-02T00:00:00
db:VULHUBid:VHN-64913date:2013-08-01T00:00:00
db:BIDid:61536date:2013-07-31T00:00:00
db:JVNDBid:JVNDB-2013-003626date:2013-08-05T00:00:00
db:PACKETSTORMid:122647date:2013-08-02T03:07:16
db:CNNVDid:CNNVD-201307-681date:2013-07-31T00:00:00
db:NVDid:CVE-2013-4911date:2013-08-01T13:32:26.113