Publication Date: |
2021-12-16 |
Last Update: |
2022-02-08 |
Current Version: |
V1.1 |
CVSS v3.1 Base Score: |
10.0 |
Affected Product and Versions |
Remediation |
SPPA-T3000 SeS3000 Security Server (6DU7054-0..00-..A0):
All versions
|
Currently no remediation is available
Specific mitigations and how to apply are described in the SE Controls Security Announcement Incident 2021-01, available in the customer portal.
https://cep.siemens-energy.com/cep/
See further recommendations from section Workarounds and Mitigations
|
- Ensure that SPPA-T3000 is set up according to the security concept defined in the SPPA-T3000 security manual
CVSS v3.1 Base Score |
10.0 |
CVSS Vector |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C |
CWE: |
CWE-20: Improper Input Validation |
CVSS v3.1 Base Score |
9.0 |
CVSS Vector |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C |
CWE: |
CWE-20: Improper Input Validation |