VYPR
Unrated severityNVD Advisory· Published Mar 21, 2013· Updated Jun 16, 2026

CVE-2013-0679

CVE-2013-0679

Description

Directory traversal vulnerability in the web server in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote authenticated users to read arbitrary files via vectors involving a query for a pathname.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

14
  • cpe:2.3:a:siemens:simatic_pcs7:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:siemens:simatic_pcs7:*:*:*:*:*:*:*:*range: <=8.0
    • cpe:2.3:a:siemens:simatic_pcs7:7.1:sp3:*:*:*:*:*:*
  • cpe:2.3:a:siemens:wincc:*:*:*:*:*:*:*:*+ 11 more
    • cpe:2.3:a:siemens:wincc:*:*:*:*:*:*:*:*range: <=7.1
    • cpe:2.3:a:siemens:wincc:5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:siemens:wincc:5.0:sp1:*:*:*:*:*:*
    • cpe:2.3:a:siemens:wincc:6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:siemens:wincc:6.0:sp2:*:*:*:*:*:*
    • cpe:2.3:a:siemens:wincc:6.0:sp3:*:*:*:*:*:*
    • cpe:2.3:a:siemens:wincc:6.0:sp4:*:*:*:*:*:*
    • cpe:2.3:a:siemens:wincc:7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:siemens:wincc:7.0:sp1:*:*:*:*:*:*
    • cpe:2.3:a:siemens:wincc:7.0:sp2:*:*:*:*:*:*
    • cpe:2.3:a:siemens:wincc:7.0:sp3:*:*:*:*:*:*
    • (no CPE)range: <7.2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.