CVE-2018-13809
N/A
N/A
Summary
A vulnerability has been identified in CP 1604 (All versions), CP 1616 (All versions). The integrated web server of the affected CP devices could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into following a malicious link. User interaction is required for a successful exploitation. At the time of advisory publication no public exploitation of this vulnerability was known.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Siemens | CP 1604 | All versions | affected |
| Siemens | CP 1616 | All versions | affected |
Weaknesses
- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.