Vulnerabilities > CVE-2017-6869 - Unspecified vulnerability in Siemens Viewport FOR web Office Portal

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

siemens

critical

NVD

Published: 2017-08-08

Updated: 2019-10-09

Summary

A vulnerability was discovered in Siemens ViewPort for Web Office Portal before revision number 1453 that could allow an unauthenticated remote user to upload arbitrary code and execute it with the permissions of the operating-system user running the web server by sending specially crafted network packets to port 443/TCP or port 80/TCP.

Vulnerable Configurations

Part	Description	Count
Application	Siemens Siemens Viewport FOR WEB Office Portal -	1

References

http://www.securityfocus.com/bid/99343
https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-545214.pdf