SSA-324467 (Last Update: 2019-04-09): OS Command Injection in Spectrum Power 4.7

Published

2019-04-09 00:00:00 UTC

Summary

Versions of Spectrum Power™ 4, that use the customer specific project enhancement (PE) Web Office Portal (WOP) are affected by a possible OS Command Injection vulnerability. Siemens has released patches for the affected version and recommends to apply specific countermeasures until these patches can be applied.