Medium severity6.1NVD Advisory· Published Apr 17, 2019· Updated Jun 17, 2026
CVE-2018-13809
CVE-2018-13809
Description
A vulnerability has been identified in CP 1604 (All versions), CP 1616 (All versions). The integrated web server of the affected CP devices could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into following a malicious link. User interaction is required for a successful exploitation. At the time of advisory publication no public exploitation of this vulnerability was known.
Affected products
4All versions+ 1 more
- (no CPE)range: All versions
- (no CPE)range: All versions
All versions+ 1 more
- (no CPE)range: All versions
- (no CPE)range: All versions
Patches
Vulnerability mechanics
References
1- cert-portal.siemens.com/productcert/pdf/ssa-559174.pdfnvdVendor Advisory
News mentions
0No linked articles in our index yet.