Vulnerabilities > CVE-2014-2247 - HTTP Response Splitting vulnerability in Siemens SIMATIC S7-1500
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
PARTIAL network
siemens
Summary
The integrated web server on Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allows remote attackers to inject headers via unspecified vectors. CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 4 |