Lucene search

MitreCVE-2016-8565

HistoryOct 13, 2016 - 10:59 a.m.

CVE-2016-8565

2016-10-1310:59:05

CWE-284

mitre

web.nvd.nist.gov

siemens

alm

cve-2016-8565

remote attackers

file manipulation

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

AI Score

Confidence

High

EPSS

0.007

Percentile

80.5%

JSON

Siemens Automation License Manager (ALM) before 5.3 SP3 allows remote attackers to write to files, rename files, create directories, or delete directories via crafted packets.

Affected configurations

Nvd

Node

siemensautomation_license_managerRange≤5.3sp3

VendorProductVersionCPE
siemensautomation_license_manager*cpe:2.3:a:siemens:automation_license_manager:*:sp3:*:*:*:*:*:*

Vendor	Product	Version	CPE
siemens	automation_license_manager	*	cpe:2.3:a:siemens:automation_license_manager::sp3::::::*

References

www.securityfocus.com/bid/93553

www.securitytracker.com/id/1037011

www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284342.pdf

ics-cert.us-cert.gov/advisories/ICSA-16-287-02

Social References

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

AI Score

Confidence

High

EPSS

0.007

Percentile

80.5%

JSON

Related for CVE-2016-8565