A vulnerability has been identified in SIMATIC PCS neo (All versions < V4.1). When accessing the Information Server from affected products, the products use an overly permissive CORS policy. This could allow an attacker to trick a legitimate user to trigger unwanted behavior.
Metrics
Affected Vendors & Products
References
History
Wed, 08 Jan 2025 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|

Status: PUBLISHED
Assigner: siemens
Published: 2023-11-14T11:04:20.174Z
Updated: 2025-01-08T16:35:08.154Z
Reserved: 2023-10-16T11:24:12.686Z
Link: CVE-2023-46098

Updated: 2024-08-02T20:37:39.455Z

Status : Modified
Published: 2023-11-14T11:15:14.553
Modified: 2024-11-21T08:27:53.723
Link: CVE-2023-46098

No data.