A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1). The export endpoint is accessible via REST API without authentication. This could allow an unauthenticated remote malicious user to download the files available via the endpoint.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
siemens 6gk1411-1ac00_firmware 2.0 |
||
siemens 6gk1411-5ac00_firmware 2.0 |