A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V1.81.2). An attacker with network access to the integrated web server on port 80/tcp could obtain the session ID of an active user session. A user must be logged in to the web interface. Siemens recommends to use the integrated webserver on port 80/tcp only in trusted networks.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: siemens
Published: 2017-08-30T19:00:00
Updated: 2024-08-05T18:43:56.700Z
Reserved: 2017-08-09T00:00:00
Link: CVE-2017-12734
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2017-08-30T19:29:00.273
Modified: 2022-01-04T18:09:36.570
Link: CVE-2017-12734
Redhat
No data.