CVE-2018-13809
Last modified
CVE-2018-13809 is a vulnerability of currently unknown severity. A vulnerability has been identified in CP 1604 (All versions), CP 1616 (All versions). The integrated web server of the affected CP devices could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into following a malicious link. EPSS estimates a 0.79% chance of exploitation in the next 30 days.
Description
A vulnerability has been identified in CP 1604 (All versions), CP 1616 (All versions). The integrated web server of the affected CP devices could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into following a malicious link. User interaction is required for a successful exploitation. At the time of advisory publication no public exploitation of this vulnerability was known.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Siemens | Cp 1604 Firmware | <= 2.8 |
| Siemens | Cp 1616 Firmware | <= 2.8 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2018-13809?
How severe is CVE-2018-13809?
How do I fix CVE-2018-13809?
Are you affected by CVE-2018-13809?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST