CVE-2012-3028 : Cross-site request forgery (CSRF) vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC

Cross-site request forgery (CSRF) vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to hijack the authentication of arbitrary users for requests that modify data or cause a denial of service.

Published 2012-09-18 14:55:01

Updated 2012-09-19 04:00:00

Source ICS-CERT

View at NVD, CVE.org

Vulnerability category: Cross-site request forgery (CSRF)Denial of service

Exploit prediction scoring system (EPSS) score for CVE-2012-3028

Probability of exploitation activity in the next 30 days: 0.11%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 43 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2012-3028

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P	8.6	6.4	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

CWE ids for CVE-2012-3028

CWE-352 Cross-Site Request Forgery (CSRF)

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2012-3028

http://en.securitylab.ru/lab/PT-2012-42

PT-2012-42: Multiple Cross Site Scripting and Cross Site Request Forgery vulnerabilities in Siemens Simatic WinCC WebNavigator

CVEs referencing this url
http://www.us-cert.gov/control_systems/pdf/ICSA-12-256-01.pdf

404 - File Not Found | CISA

CVEs referencing this url
http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf

Patch

CVEs referencing this url

Products affected by CVE-2012-3028

Siemens » Wincc » Update SP3
Versions up to, including, (<=) 7.0
cpe:2.3:a:siemens:wincc:*:sp3:*:*:*:*:*:*
Matching versions
Siemens » Wincc » Version: 6.0 Update SP4
cpe:2.3:a:siemens:wincc:6.0:sp4:*:*:*:*:*:*
Matching versions
Siemens » Wincc » Version: 6.0 Update SP3
cpe:2.3:a:siemens:wincc:6.0:sp3:*:*:*:*:*:*
Matching versions
Siemens » Wincc » Version: 7.0 Update SP2
cpe:2.3:a:siemens:wincc:7.0:sp2:*:*:*:*:*:*
Matching versions
Siemens » Wincc » Version: 7.0
cpe:2.3:a:siemens:wincc:7.0:*:*:*:*:*:*:*
Matching versions
Siemens » Wincc » Version: 6.0
cpe:2.3:a:siemens:wincc:6.0:*:*:*:*:*:*:*
Matching versions
Siemens » Wincc » Version: 5.0
cpe:2.3:a:siemens:wincc:5.0:*:*:*:*:*:*:*
Matching versions
Siemens » Wincc » Version: 7.0 Update SP1
cpe:2.3:a:siemens:wincc:7.0:sp1:*:*:*:*:*:*
Matching versions
Siemens » Wincc » Version: 5.0 Update SP1
cpe:2.3:a:siemens:wincc:5.0:sp1:*:*:*:*:*:*
Matching versions
Siemens » Wincc » Version: 6.0 Update SP2
cpe:2.3:a:siemens:wincc:6.0:sp2:*:*:*:*:*:*
Matching versions
Siemens » Simatic Pcs7 » Version: 8.0
cpe:2.3:a:siemens:simatic_pcs7:8.0:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2012-3028

Exploit prediction scoring system (EPSS) score for CVE-2012-3028

CVSS scores for CVE-2012-3028

CWE ids for CVE-2012-3028

References for CVE-2012-3028

Products affected by CVE-2012-3028