Vulnerabilities > CVE-2013-0678 - Credentials Management vulnerability in Siemens Simatic Pcs7 and Wincc
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly represent WebNavigator credentials in a database, which makes it easier for remote authenticated users to obtain sensitive information via a SQL query.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 8 |