A vulnerability has been identified in CP 1604 (All versions), CP 1616 (All versions). The integrated configuration web server of the affected CP devices could allow a Cross-Site Request Forgery (CSRF) attack if an unsuspecting user is tricked into accessing a malicious link. Successful exploitation requires user interaction by a legitimate user. A successful attack could allow an attacker to trigger actions via the web interface that the legitimate user is allowed to perform. At the time of advisory publication no public exploitation of this vulnerability was known.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: siemens
Published: 2019-04-17T13:38:34
Updated: 2024-08-05T09:14:47.298Z
Reserved: 2018-07-10T00:00:00
Link: CVE-2018-13810
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-04-17T14:29:03.230
Modified: 2019-07-11T22:15:10.873
Link: CVE-2018-13810
Redhat
No data.