CVE-2013-3958

The login implementation in the Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, has a hardcoded account, which makes it easier for remote attackers to obtain access via an unspecified request.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 61%
VendorProductVersion
siemenssimatic_pcs7
𝑥
≤ 8.0
siemenssimatic_pcs7
8.0
siemenswincc
𝑥
≤ 7.2
siemenswincc
7.0
siemenswincc
7.0:sp1
siemenswincc
7.0:sp2
siemenswincc
7.0:sp3
siemenswincc
7.1
siemenswincc
7.1:sp1
𝑥
= Vulnerable software versions
Common Weakness Enumeration