VYPR
Unrated severityNVD Advisory· Published Mar 21, 2013· Updated Jun 16, 2026

CVE-2013-0676

CVE-2013-0676

Description

Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly assign privileges for the database containing WebNavigator credentials, which allows remote authenticated users to obtain sensitive information via a SQL query.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

15
  • cpe:2.3:a:siemens:simatic_pcs7:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:siemens:simatic_pcs7:*:*:*:*:*:*:*:*range: <=8.0
    • cpe:2.3:a:siemens:simatic_pcs7:7.1:sp3:*:*:*:*:*:*
    • (no CPE)range: <8.0 SP1
  • cpe:2.3:a:siemens:wincc:*:*:*:*:*:*:*:*+ 11 more
    • cpe:2.3:a:siemens:wincc:*:*:*:*:*:*:*:*range: <=7.1
    • cpe:2.3:a:siemens:wincc:5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:siemens:wincc:5.0:sp1:*:*:*:*:*:*
    • cpe:2.3:a:siemens:wincc:6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:siemens:wincc:6.0:sp2:*:*:*:*:*:*
    • cpe:2.3:a:siemens:wincc:6.0:sp3:*:*:*:*:*:*
    • cpe:2.3:a:siemens:wincc:6.0:sp4:*:*:*:*:*:*
    • cpe:2.3:a:siemens:wincc:7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:siemens:wincc:7.0:sp1:*:*:*:*:*:*
    • cpe:2.3:a:siemens:wincc:7.0:sp2:*:*:*:*:*:*
    • cpe:2.3:a:siemens:wincc:7.0:sp3:*:*:*:*:*:*
    • (no CPE)range: <7.2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.