{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T12:20:52.147","vulnerabilities":[{"cve":{"id":"CVE-2017-9947","sourceIdentifier":"productcert@siemens.com","published":"2017-10-23T08:29:00.867","lastModified":"2025-04-20T01:37:25.860","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions <V3.5. A directory traversal vulnerability could allow a remote attacker with network access to the integrated web server (80/tcp and 443/tcp) to obtain information on the structure of the file system of the affected devices."},{"lang":"es","value":"Se ha identificado una vulnerabilidad en Siemens APOGEE PXC y TALON TC BACnet Automation Controllers en todas las versiones anteriores a la V3.5. Una vulnerabilidad de salto de directorio podría permitir a un atacante remoto con acceso de red al servidor web integrado (80/tcp y 443/tcp) obtener información de la estructura del sistema de archivos de los dispositivos afectados."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"productcert@siemens.com","type":"Secondary","description":[{"lang":"en","value":"CWE-538"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:apogee_pxc_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.5","matchCriteriaId":"2449F533-CA42-44D4-B69E-B7B9F3A4EAD9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:apogee_pxc:-:*:*:*:*:*:*:*","matchCriteriaId":"B73DAA70-4CFB-4E63-ADC7-EC8A93E0BBBB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:apogee_pxc_modular_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.5","matchCriteriaId":"B1604D4C-3E06-46D0-8D39-0A5BC7CE5A1D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:apogee_pxc_modular:-:*:*:*:*:*:*:*","matchCriteriaId":"D9485F0B-03E0-4442-B615-2DA91AE1CD00"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:talon_tc_compact_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.5","matchCriteriaId":"23756E05-4AD6-4888-AC07-C8E906CA5722"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:talon_tc_compact:-:*:*:*:*:*:*:*","matchCriteriaId":"46D32EF0-8AEC-4594-8928-45F34DC60600"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:talon_tc_modular_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.5","matchCriteriaId":"AB1AF7BE-295B-4386-81F3-B08A1E15DD5F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:talon_tc_modular:-:*:*:*:*:*:*:*","matchCriteriaId":"00C647D8-1725-42FA-8042-6C413EE67573"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/169544/Siemens-APOGEE-PXC-TALON-TC-Authentication-Bypass.html","source":"productcert@siemens.com","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://www.securityfocus.com/bid/101248","source":"productcert@siemens.com","tags":["Broken Link","Third Party Advisory","VDB Entry"]},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-148078.pdf","source":"productcert@siemens.com","tags":["Vendor Advisory"]},{"url":"https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-148078.pdf","source":"productcert@siemens.com","tags":["Broken Link","Vendor Advisory"]},{"url":"http://packetstormsecurity.com/files/169544/Siemens-APOGEE-PXC-TALON-TC-Authentication-Bypass.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://www.securityfocus.com/bid/101248","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Third Party Advisory","VDB Entry"]},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-148078.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-148078.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Vendor Advisory"]}]}}]}