ID | CVE-2011-4508 | ||||||
Sažetak | The HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime generates predictable authentication tokens for cookies, which makes it easier for remote attackers to bypass authentication via a crafted cookie. | ||||||
Reference | |||||||
CVSS |
|
||||||
Pristup |
|
||||||
Impact |
|
||||||
CVSS vektor | AV:N/AC:M/Au:N/C:C/I:C/A:C | ||||||
Zadnje važnije ažuriranje | 07-02-2012 - 05:00 | ||||||
Objavljeno | 03-02-2012 - 20:55 |