Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2017-2685

Siemens SINUMERIK Integrate Operate Clients between 2.0.3.00.016 (including) and 2.0.6 (excluding) and between 3.0.4.00.032 (including) and 3.0.6 (excluding) contain a vulnerability that could allow an attacker to read and manipulate data in TLS sessions while performing a man-in-the-middle (MITM) attack.

  • Published: Mar 1, 2017
  • Updated: Apr 13, 2023
  • CVE: CVE-2017-2685
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.4
  • AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CVSS v2:

  • Severity: Medium
  • Score: 5.8
  • AV:N/AC:M/Au:N/C:P/I:P/A:N

CWEs:

Software From Fixed in
siemens / sinumerik_operate 4.7-sp2 4.7-sp2.x
siemens / sinumerik_operate 4.5-sp6 4.5-sp6.x
siemens / sinumerik_integrate_operate_client 2.0.3.00.016 2.0.3.00.016.x
siemens / sinumerik_integrate_operate_client 3.0.4.00.032 3.0.4.00.032.x