1. Home
  2. CVE Database
  3. CVE-2014-2248
MEDIUM · 4.3

CVE-2014-2248

Open redirect vulnerability in the integrated web server on Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allows remote attackers to redirect users to arbitrary web sites and cond...

Vulnerability Description

Open redirect vulnerability in the integrated web server on Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

CVSS Score

4.3

MEDIUM

AV:N/AC:M/Au:N/C:N/I:P/A:N
Confidentiality
NONE
Integrity
PARTIAL
Availability
NONE

Affected Products

VendorProductVersions
SiemensSimatic S7-1500 Cpu Firmware<= 1.1.2

References

FAQ

What is CVE-2014-2248?

CVE-2014-2248 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Open redirect vulnerability in the integrated web server on Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allows remote attackers to redirect users to arbitrary web sites and cond...

How severe is CVE-2014-2248?

CVE-2014-2248 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2014-2248?

Check the references section above for vendor advisories and patch information. Affected products include: Siemens Simatic S7-1500 Cpu Firmware.