Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for Other SIPROTEC Compact relays by Siemens

    CVE-2018-4839 (GCVE-0-2018-4839)

    Vulnerability from nvd – Published: 2018-03-08 17:00 – Updated: 2024-08-05 05:18
    VLAI
    Summary
    A vulnerability has been identified in DIGSI 4 (All versions < V4.92), EN100 Ethernet module DNP3 variant (All versions < V1.05.00), EN100 Ethernet module IEC 104 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.30), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions), Other SIPROTEC 4 relays (All versions), Other SIPROTEC Compact relays (All versions), SIPROTEC 4 7SD80 (All versions < V4.70), SIPROTEC 4 7SJ61 (All versions < V4.96), SIPROTEC 4 7SJ62 (All versions < V4.96), SIPROTEC 4 7SJ64 (All versions < V4.96), SIPROTEC 4 7SJ66 (All versions < V4.30), SIPROTEC Compact 7SJ80 (All versions < V4.77), SIPROTEC Compact 7SK80 (All versions < V4.77). An attacker with local access to the engineering system or in a privileged network position and able to obtain certain network traffic could possibly reconstruct access authorization passwords.
    Severity
    No CVSS data available.
    CWE
    • CWE-326 - Inadequate Encryption Strength
    Assigner
    References
    Impacted products
    Vendor Product Version
    Siemens DIGSI 4 Affected: All versions < V4.92
    Create a notification for this product.
    Siemens EN100 Ethernet module DNP3 variant Affected: All versions < V1.05.00
    Create a notification for this product.
    Siemens EN100 Ethernet module IEC 104 variant Affected: All versions
    Create a notification for this product.
    Siemens EN100 Ethernet module IEC 61850 variant Affected: All versions < V4.30
    Create a notification for this product.
    Siemens EN100 Ethernet module Modbus TCP variant Affected: All versions
    Create a notification for this product.
    Siemens EN100 Ethernet module PROFINET IO variant Affected: All versions
    Create a notification for this product.
    Siemens Other SIPROTEC 4 relays Affected: All versions
    Create a notification for this product.
    Siemens Other SIPROTEC Compact relays Affected: All versions
    Create a notification for this product.
    Siemens SIPROTEC 4 7SD80 Affected: All versions < V4.70
    Create a notification for this product.
    Siemens SIPROTEC 4 7SJ61 Affected: All versions < V4.96
    Create a notification for this product.
    Siemens SIPROTEC 4 7SJ62 Affected: All versions < V4.96
    Create a notification for this product.
    Siemens SIPROTEC 4 7SJ64 Affected: All versions < V4.96
    Create a notification for this product.
    Siemens SIPROTEC 4 7SJ66 Affected: All versions < V4.30
    Create a notification for this product.
    Siemens SIPROTEC Compact 7SJ80 Affected: All versions < V4.77
    Create a notification for this product.
    Siemens SIPROTEC Compact 7SK80 Affected: All versions < V4.77
    Create a notification for this product.
    Date Public
    2018-03-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T05:18:26.659Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-203306.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DIGSI 4",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V4.92"
                }
              ]
            },
            {
              "product": "EN100 Ethernet module DNP3 variant",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V1.05.00"
                }
              ]
            },
            {
              "product": "EN100 Ethernet module IEC 104 variant",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions"
                }
              ]
            },
            {
              "product": "EN100 Ethernet module IEC 61850 variant",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V4.30"
                }
              ]
            },
            {
              "product": "EN100 Ethernet module Modbus TCP variant",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions"
                }
              ]
            },
            {
              "product": "EN100 Ethernet module PROFINET IO variant",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions"
                }
              ]
            },
            {
              "product": "Other SIPROTEC 4 relays",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions"
                }
              ]
            },
            {
              "product": "Other SIPROTEC Compact relays",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions"
                }
              ]
            },
            {
              "product": "SIPROTEC 4 7SD80",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V4.70"
                }
              ]
            },
            {
              "product": "SIPROTEC 4 7SJ61",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V4.96"
                }
              ]
            },
            {
              "product": "SIPROTEC 4 7SJ62",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V4.96"
                }
              ]
            },
            {
              "product": "SIPROTEC 4 7SJ64",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V4.96"
                }
              ]
            },
            {
              "product": "SIPROTEC 4 7SJ66",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V4.30"
                }
              ]
            },
            {
              "product": "SIPROTEC Compact 7SJ80",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V4.77"
                }
              ]
            },
            {
              "product": "SIPROTEC Compact 7SK80",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V4.77"
                }
              ]
            }
          ],
          "datePublic": "2018-03-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in DIGSI 4 (All versions \u003c V4.92), EN100 Ethernet module DNP3 variant (All versions \u003c V1.05.00), EN100 Ethernet module IEC 104 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions \u003c V4.30), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions), Other SIPROTEC 4 relays (All versions), Other SIPROTEC Compact relays (All versions), SIPROTEC 4 7SD80 (All versions \u003c V4.70), SIPROTEC 4 7SJ61 (All versions \u003c V4.96), SIPROTEC 4 7SJ62 (All versions \u003c V4.96), SIPROTEC 4 7SJ64 (All versions \u003c V4.96), SIPROTEC 4 7SJ66 (All versions \u003c V4.30), SIPROTEC Compact 7SJ80 (All versions \u003c V4.77), SIPROTEC Compact 7SK80 (All versions \u003c V4.77). An attacker with local access to the engineering system or in a privileged network position and able to obtain certain network traffic could possibly reconstruct access authorization passwords."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-326",
                  "description": "CWE-326: Inadequate Encryption Strength",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-07-13T11:02:46.000Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-203306.pdf"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "productcert@siemens.com",
              "ID": "CVE-2018-4839",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "DIGSI 4",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V4.92"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "EN100 Ethernet module DNP3 variant",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V1.05.00"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "EN100 Ethernet module IEC 104 variant",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "EN100 Ethernet module IEC 61850 variant",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V4.30"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "EN100 Ethernet module Modbus TCP variant",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "EN100 Ethernet module PROFINET IO variant",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Other SIPROTEC 4 relays",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Other SIPROTEC Compact relays",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "SIPROTEC 4 7SD80",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V4.70"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "SIPROTEC 4 7SJ61",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V4.96"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "SIPROTEC 4 7SJ62",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V4.96"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "SIPROTEC 4 7SJ64",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V4.96"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "SIPROTEC 4 7SJ66",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V4.30"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "SIPROTEC Compact 7SJ80",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V4.77"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "SIPROTEC Compact 7SK80",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V4.77"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Siemens"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability has been identified in DIGSI 4 (All versions \u003c V4.92), EN100 Ethernet module DNP3 variant (All versions \u003c V1.05.00), EN100 Ethernet module IEC 104 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions \u003c V4.30), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions), Other SIPROTEC 4 relays (All versions), Other SIPROTEC Compact relays (All versions), SIPROTEC 4 7SD80 (All versions \u003c V4.70), SIPROTEC 4 7SJ61 (All versions \u003c V4.96), SIPROTEC 4 7SJ62 (All versions \u003c V4.96), SIPROTEC 4 7SJ64 (All versions \u003c V4.96), SIPROTEC 4 7SJ66 (All versions \u003c V4.30), SIPROTEC Compact 7SJ80 (All versions \u003c V4.77), SIPROTEC Compact 7SK80 (All versions \u003c V4.77). An attacker with local access to the engineering system or in a privileged network position and able to obtain certain network traffic could possibly reconstruct access authorization passwords."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-326: Inadequate Encryption Strength"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-203306.pdf",
                  "refsource": "CONFIRM",
                  "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-203306.pdf"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2018-4839",
        "datePublished": "2018-03-08T17:00:00.000Z",
        "dateReserved": "2018-01-02T00:00:00.000Z",
        "dateUpdated": "2024-08-05T05:18:26.659Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-4839 (GCVE-0-2018-4839)

    Vulnerability from cvelistv5 – Published: 2018-03-08 17:00 – Updated: 2024-08-05 05:18
    VLAI
    Summary
    A vulnerability has been identified in DIGSI 4 (All versions < V4.92), EN100 Ethernet module DNP3 variant (All versions < V1.05.00), EN100 Ethernet module IEC 104 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.30), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions), Other SIPROTEC 4 relays (All versions), Other SIPROTEC Compact relays (All versions), SIPROTEC 4 7SD80 (All versions < V4.70), SIPROTEC 4 7SJ61 (All versions < V4.96), SIPROTEC 4 7SJ62 (All versions < V4.96), SIPROTEC 4 7SJ64 (All versions < V4.96), SIPROTEC 4 7SJ66 (All versions < V4.30), SIPROTEC Compact 7SJ80 (All versions < V4.77), SIPROTEC Compact 7SK80 (All versions < V4.77). An attacker with local access to the engineering system or in a privileged network position and able to obtain certain network traffic could possibly reconstruct access authorization passwords.
    Severity
    No CVSS data available.
    CWE
    • CWE-326 - Inadequate Encryption Strength
    Assigner
    References
    Impacted products
    Vendor Product Version
    Siemens DIGSI 4 Affected: All versions < V4.92
    Create a notification for this product.
    Siemens EN100 Ethernet module DNP3 variant Affected: All versions < V1.05.00
    Create a notification for this product.
    Siemens EN100 Ethernet module IEC 104 variant Affected: All versions
    Create a notification for this product.
    Siemens EN100 Ethernet module IEC 61850 variant Affected: All versions < V4.30
    Create a notification for this product.
    Siemens EN100 Ethernet module Modbus TCP variant Affected: All versions
    Create a notification for this product.
    Siemens EN100 Ethernet module PROFINET IO variant Affected: All versions
    Create a notification for this product.
    Siemens Other SIPROTEC 4 relays Affected: All versions
    Create a notification for this product.
    Siemens Other SIPROTEC Compact relays Affected: All versions
    Create a notification for this product.
    Siemens SIPROTEC 4 7SD80 Affected: All versions < V4.70
    Create a notification for this product.
    Siemens SIPROTEC 4 7SJ61 Affected: All versions < V4.96
    Create a notification for this product.
    Siemens SIPROTEC 4 7SJ62 Affected: All versions < V4.96
    Create a notification for this product.
    Siemens SIPROTEC 4 7SJ64 Affected: All versions < V4.96
    Create a notification for this product.
    Siemens SIPROTEC 4 7SJ66 Affected: All versions < V4.30
    Create a notification for this product.
    Siemens SIPROTEC Compact 7SJ80 Affected: All versions < V4.77
    Create a notification for this product.
    Siemens SIPROTEC Compact 7SK80 Affected: All versions < V4.77
    Create a notification for this product.
    Date Public
    2018-03-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T05:18:26.659Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-203306.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DIGSI 4",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V4.92"
                }
              ]
            },
            {
              "product": "EN100 Ethernet module DNP3 variant",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V1.05.00"
                }
              ]
            },
            {
              "product": "EN100 Ethernet module IEC 104 variant",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions"
                }
              ]
            },
            {
              "product": "EN100 Ethernet module IEC 61850 variant",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V4.30"
                }
              ]
            },
            {
              "product": "EN100 Ethernet module Modbus TCP variant",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions"
                }
              ]
            },
            {
              "product": "EN100 Ethernet module PROFINET IO variant",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions"
                }
              ]
            },
            {
              "product": "Other SIPROTEC 4 relays",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions"
                }
              ]
            },
            {
              "product": "Other SIPROTEC Compact relays",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions"
                }
              ]
            },
            {
              "product": "SIPROTEC 4 7SD80",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V4.70"
                }
              ]
            },
            {
              "product": "SIPROTEC 4 7SJ61",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V4.96"
                }
              ]
            },
            {
              "product": "SIPROTEC 4 7SJ62",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V4.96"
                }
              ]
            },
            {
              "product": "SIPROTEC 4 7SJ64",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V4.96"
                }
              ]
            },
            {
              "product": "SIPROTEC 4 7SJ66",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V4.30"
                }
              ]
            },
            {
              "product": "SIPROTEC Compact 7SJ80",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V4.77"
                }
              ]
            },
            {
              "product": "SIPROTEC Compact 7SK80",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V4.77"
                }
              ]
            }
          ],
          "datePublic": "2018-03-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in DIGSI 4 (All versions \u003c V4.92), EN100 Ethernet module DNP3 variant (All versions \u003c V1.05.00), EN100 Ethernet module IEC 104 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions \u003c V4.30), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions), Other SIPROTEC 4 relays (All versions), Other SIPROTEC Compact relays (All versions), SIPROTEC 4 7SD80 (All versions \u003c V4.70), SIPROTEC 4 7SJ61 (All versions \u003c V4.96), SIPROTEC 4 7SJ62 (All versions \u003c V4.96), SIPROTEC 4 7SJ64 (All versions \u003c V4.96), SIPROTEC 4 7SJ66 (All versions \u003c V4.30), SIPROTEC Compact 7SJ80 (All versions \u003c V4.77), SIPROTEC Compact 7SK80 (All versions \u003c V4.77). An attacker with local access to the engineering system or in a privileged network position and able to obtain certain network traffic could possibly reconstruct access authorization passwords."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-326",
                  "description": "CWE-326: Inadequate Encryption Strength",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-07-13T11:02:46.000Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-203306.pdf"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "productcert@siemens.com",
              "ID": "CVE-2018-4839",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "DIGSI 4",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V4.92"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "EN100 Ethernet module DNP3 variant",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V1.05.00"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "EN100 Ethernet module IEC 104 variant",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "EN100 Ethernet module IEC 61850 variant",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V4.30"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "EN100 Ethernet module Modbus TCP variant",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "EN100 Ethernet module PROFINET IO variant",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Other SIPROTEC 4 relays",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Other SIPROTEC Compact relays",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "SIPROTEC 4 7SD80",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V4.70"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "SIPROTEC 4 7SJ61",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V4.96"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "SIPROTEC 4 7SJ62",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V4.96"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "SIPROTEC 4 7SJ64",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V4.96"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "SIPROTEC 4 7SJ66",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V4.30"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "SIPROTEC Compact 7SJ80",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V4.77"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "SIPROTEC Compact 7SK80",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V4.77"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Siemens"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability has been identified in DIGSI 4 (All versions \u003c V4.92), EN100 Ethernet module DNP3 variant (All versions \u003c V1.05.00), EN100 Ethernet module IEC 104 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions \u003c V4.30), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions), Other SIPROTEC 4 relays (All versions), Other SIPROTEC Compact relays (All versions), SIPROTEC 4 7SD80 (All versions \u003c V4.70), SIPROTEC 4 7SJ61 (All versions \u003c V4.96), SIPROTEC 4 7SJ62 (All versions \u003c V4.96), SIPROTEC 4 7SJ64 (All versions \u003c V4.96), SIPROTEC 4 7SJ66 (All versions \u003c V4.30), SIPROTEC Compact 7SJ80 (All versions \u003c V4.77), SIPROTEC Compact 7SK80 (All versions \u003c V4.77). An attacker with local access to the engineering system or in a privileged network position and able to obtain certain network traffic could possibly reconstruct access authorization passwords."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-326: Inadequate Encryption Strength"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-203306.pdf",
                  "refsource": "CONFIRM",
                  "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-203306.pdf"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2018-4839",
        "datePublished": "2018-03-08T17:00:00.000Z",
        "dateReserved": "2018-01-02T00:00:00.000Z",
        "dateUpdated": "2024-08-05T05:18:26.659Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }