var-201404-0443
Vulnerability from variot
CRLF injection vulnerability in the integrated web server on Siemens SIMATIC S7-1200 CPU devices 2.x and 3.x allows remote attackers to inject arbitrary HTTP headers via unspecified vectors. Siemens SIMATIC is an automation software in a single engineering environment. Since some unknown input is not properly filtered before being used to display the HTTP header, the attacker can use the HTTP header of the vulnerability to send the response to the user. Siemens SIMATIC S7-1200 is prone to an HTTP-response-splitting vulnerability because it fails to properly sanitize user-supplied input. Attackers can leverage this issue to influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that try to entice client users into a false sense of trust. SIMATIC S7-1200 2.x and 3.x versions are vulnerable. Siemens SIMATIC S7-1200 is a programmable logic controller (PLC) used in small and medium-sized automation systems of Siemens, Germany
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201404-0443",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "simatic s7 cpu 1200",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "2.0"
},
{
"model": "simatic s7 cpu 1200",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "3.0"
},
{
"model": "simatic s7 cpu 1200",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "3.0.2"
},
{
"model": "simatic s7 cpu-1211c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7 cpu 1212c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7 cpu 1217c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7 cpu 1214c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7 cpu 1215c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1200 cpu 1211c",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1200 cpu 1212c",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1200 cpu 1214c",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1200 cpu 1215c",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1200 cpu 1217c",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1200 cpu",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": "2.x"
},
{
"model": "simatic s7-1200 cpu",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": "3.x"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "simatic s7 cpu 1200",
"version": "2.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "simatic s7 cpu 1200",
"version": "3.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "simatic s7 cpu 1200",
"version": "3.0.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "simatic s7 cpu 1211c",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "simatic s7 cpu 1212c",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "simatic s7 cpu 1214c",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "simatic s7 cpu 1215c",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "simatic s7 cpu 1217c",
"version": null
},
{
"model": "simatic s7-1200",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "2.x"
},
{
"model": "simatic s7-1200",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "3.x"
},
{
"model": "simatic s7-1200",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "3.0.0"
},
{
"model": "simatic s7-1200",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "3.0"
},
{
"model": "simatic s7-1200",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "2.0.3"
},
{
"model": "simatic s7-1200",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "2.0.2"
},
{
"model": "simatic s7-1200",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.0"
}
],
"sources": [
{
"db": "IVD",
"id": "9adb594e-1edb-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7d5300-463f-11e9-89f7-000c29342cb1"
},
{
"db": "IVD",
"id": "0bedc55c-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-02657"
},
{
"db": "BID",
"id": "67061"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002263"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-506"
},
{
"db": "NVD",
"id": "CVE-2014-2909"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:siemens:simatic_s7_cpu-1211c",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:siemens:simatic_s7_cpu_1212c",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:siemens:simatic_s7_cpu_1214c",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:siemens:simatic_s7_cpu_1215c",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:siemens:simatic_s7_cpu_1217c",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:siemens:simatic_s7_1200_cpu_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002263"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ralf Spenneberg, Hendrik Schwartke, and Maik Br\u00fcggemann from OpenSource Training",
"sources": [
{
"db": "BID",
"id": "67061"
}
],
"trust": 0.3
},
"cve": "CVE-2014-2909",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2014-2909",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2014-02657",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "9adb594e-1edb-11e6-abef-000c29c66e3d",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "7d7d5300-463f-11e9-89f7-000c29342cb1",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "0bedc55c-2352-11e6-abef-000c29c66e3d",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-70848",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-2909",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2014-2909",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2014-02657",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201404-506",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "9adb594e-1edb-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "7d7d5300-463f-11e9-89f7-000c29342cb1",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "0bedc55c-2352-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-70848",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "9adb594e-1edb-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7d5300-463f-11e9-89f7-000c29342cb1"
},
{
"db": "IVD",
"id": "0bedc55c-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-02657"
},
{
"db": "VULHUB",
"id": "VHN-70848"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002263"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-506"
},
{
"db": "NVD",
"id": "CVE-2014-2909"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CRLF injection vulnerability in the integrated web server on Siemens SIMATIC S7-1200 CPU devices 2.x and 3.x allows remote attackers to inject arbitrary HTTP headers via unspecified vectors. Siemens SIMATIC is an automation software in a single engineering environment. Since some unknown input is not properly filtered before being used to display the HTTP header, the attacker can use the HTTP header of the vulnerability to send the response to the user. Siemens SIMATIC S7-1200 is prone to an HTTP-response-splitting vulnerability because it fails to properly sanitize user-supplied input. \nAttackers can leverage this issue to influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that try to entice client users into a false sense of trust. \nSIMATIC S7-1200 2.x and 3.x versions are vulnerable. Siemens SIMATIC S7-1200 is a programmable logic controller (PLC) used in small and medium-sized automation systems of Siemens, Germany",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-2909"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002263"
},
{
"db": "CNVD",
"id": "CNVD-2014-02657"
},
{
"db": "BID",
"id": "67061"
},
{
"db": "IVD",
"id": "9adb594e-1edb-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7d5300-463f-11e9-89f7-000c29342cb1"
},
{
"db": "IVD",
"id": "0bedc55c-2352-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-70848"
}
],
"trust": 3.06
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-2909",
"trust": 4.0
},
{
"db": "ICS CERT",
"id": "ICSA-14-114-02",
"trust": 2.8
},
{
"db": "SIEMENS",
"id": "SSA-892012",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-201404-506",
"trust": 1.3
},
{
"db": "CNVD",
"id": "CNVD-2014-02657",
"trust": 1.2
},
{
"db": "BID",
"id": "67061",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002263",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "58173",
"trust": 0.6
},
{
"db": "OSVDB",
"id": "106256",
"trust": 0.6
},
{
"db": "IVD",
"id": "9ADB594E-1EDB-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "7D7D5300-463F-11E9-89F7-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "0BEDC55C-2352-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-70848",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "9adb594e-1edb-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7d5300-463f-11e9-89f7-000c29342cb1"
},
{
"db": "IVD",
"id": "0bedc55c-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-02657"
},
{
"db": "VULHUB",
"id": "VHN-70848"
},
{
"db": "BID",
"id": "67061"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002263"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-506"
},
{
"db": "NVD",
"id": "CVE-2014-2909"
}
]
},
"id": "VAR-201404-0443",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "9adb594e-1edb-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7d5300-463f-11e9-89f7-000c29342cb1"
},
{
"db": "IVD",
"id": "0bedc55c-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-02657"
},
{
"db": "VULHUB",
"id": "VHN-70848"
}
],
"trust": 1.966485105
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.2
}
],
"sources": [
{
"db": "IVD",
"id": "9adb594e-1edb-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7d5300-463f-11e9-89f7-000c29342cb1"
},
{
"db": "IVD",
"id": "0bedc55c-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-02657"
}
]
},
"last_update_date": "2024-11-23T21:55:25.909000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-892012",
"trust": 0.8,
"url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-892012.pdf"
},
{
"title": "Siemens SIMATIC S7-1200 HTTP Header Injection Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/45196"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-02657"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002263"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-94",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-70848"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002263"
},
{
"db": "NVD",
"id": "CVE-2014-2909"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-14-114-02"
},
{
"trust": 2.0,
"url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-892012.pdf"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-892012.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2909"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2909"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/58173/"
},
{
"trust": 0.6,
"url": "http://osvdb.com/show/osvdb/106256"
},
{
"trust": 0.3,
"url": "http://support.automation.siemens.com/ww/view/en/86567043"
},
{
"trust": 0.3,
"url": "http://www.siemens.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-02657"
},
{
"db": "VULHUB",
"id": "VHN-70848"
},
{
"db": "BID",
"id": "67061"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002263"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-506"
},
{
"db": "NVD",
"id": "CVE-2014-2909"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "9adb594e-1edb-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7d5300-463f-11e9-89f7-000c29342cb1"
},
{
"db": "IVD",
"id": "0bedc55c-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-02657"
},
{
"db": "VULHUB",
"id": "VHN-70848"
},
{
"db": "BID",
"id": "67061"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002263"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-506"
},
{
"db": "NVD",
"id": "CVE-2014-2909"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-04-28T00:00:00",
"db": "IVD",
"id": "9adb594e-1edb-11e6-abef-000c29c66e3d"
},
{
"date": "2014-04-28T00:00:00",
"db": "IVD",
"id": "7d7d5300-463f-11e9-89f7-000c29342cb1"
},
{
"date": "2014-04-28T00:00:00",
"db": "IVD",
"id": "0bedc55c-2352-11e6-abef-000c29c66e3d"
},
{
"date": "2014-04-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-02657"
},
{
"date": "2014-04-25T00:00:00",
"db": "VULHUB",
"id": "VHN-70848"
},
{
"date": "2014-04-24T00:00:00",
"db": "BID",
"id": "67061"
},
{
"date": "2014-04-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002263"
},
{
"date": "2014-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201404-506"
},
{
"date": "2014-04-25T05:12:07.863000",
"db": "NVD",
"id": "CVE-2014-2909"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-04-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-02657"
},
{
"date": "2020-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-70848"
},
{
"date": "2014-04-24T00:00:00",
"db": "BID",
"id": "67061"
},
{
"date": "2014-04-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002263"
},
{
"date": "2020-02-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201404-506"
},
{
"date": "2024-11-21T02:07:11.110000",
"db": "NVD",
"id": "CVE-2014-2909"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201404-506"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SIMATIC S7-1200 CPU Device integration Web On the server CRLF Injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002263"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Code injection",
"sources": [
{
"db": "IVD",
"id": "9adb594e-1edb-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7d5300-463f-11e9-89f7-000c29342cb1"
},
{
"db": "IVD",
"id": "0bedc55c-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-506"
}
],
"trust": 1.2
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…