5.0.0.1

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

siemens

NVD

Published: 2017-08-07

Updated: 2024-11-21

Summary

A vulnerability was discovered in Siemens XHQ server 4 and 5 (4 before V4.7.1.3 and 5 before V5.0.0.2) that could allow an authenticated low-privileged remote user to gain read access to data in the XHQ solution exceeding his configured permission level.

Vulnerable Configurations

Part	Description	Count
Application	Siemens Siemens XHQ Server 4.7.1.2 Siemens XHQ Server 5.0.0.1	2

References

http://www.securityfocus.com/bid/99247
http://www.securityfocus.com/bid/99247
https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-945660.pdf
https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-945660.pdf