{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T06:51:36.969","vulnerabilities":[{"cve":{"id":"CVE-2023-46099","sourceIdentifier":"productcert@siemens.com","published":"2023-11-14T11:15:14.840","lastModified":"2024-11-21T08:27:53.853","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability has been identified in SIMATIC PCS neo (All versions < V4.1). There is a stored cross-site scripting vulnerability in the Administration Console of the affected product, that could allow an attacker with high privileges to inject Javascript code into the application that is later executed by another legitimate user."},{"lang":"es","value":"Se ha identificado una vulnerabilidad en SIMATIC PCS neo (todas las versiones &lt; V4.1). Existe una vulnerabilidad de cross-site scripting almacenada en la Consola de Administración del producto afectado, que podría permitir a un atacante con altos privilegios inyectar código Javascript en la aplicación que luego será ejecutado por otro usuario legítimo."}],"metrics":{"cvssMetricV31":[{"source":"productcert@siemens.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.2,"impactScore":3.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}]},"weaknesses":[{"source":"productcert@siemens.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_pcs_neo:*:*:*:*:*:*:*:*","versionEndExcluding":"4.1","matchCriteriaId":"96D49ACA-BF2E-4C89-8168-E4A95D5B22AA"}]}]}],"references":[{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-456933.pdf","source":"productcert@siemens.com","tags":["Patch","Vendor Advisory"]},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-456933.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}