Vulnerabilites related to siemens - ruggedcom_rm1224_firmware
Vulnerability from fkie_nvd
Published
2020-02-11 16:15
Modified
2024-11-21 04:25
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit
internal resource allocation when multiple legitimate diagnostic package
requests are sent to the DCE-RPC interface.
This could lead to a denial of service condition due to lack of memory
for devices that include a vulnerable version of the stack.
The security vulnerability could be exploited by an attacker with network
access to an affected device. Successful exploitation requires no system
privileges and no user interaction. An attacker could use the vulnerability
to compromise the availability of the device.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:dk_standard_ethernet_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "61011393-B517-4D6C-A048-296DD1102481", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:profinet_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "7652A071-795B-43AF-9AAE-D2CD5A402E16", versionEndExcluding: "2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_ipc_support:*:*:*:*:*:*:*:*", matchCriteriaId: "23138553-6BE3-49C4-A620-00A005334DBB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ek-ertec_200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "73529415-179F-414B-8CC5-31D3DA8A7EC0", versionEndExcluding: "4.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ek-ertec_200:-:*:*:*:*:*:*:*", matchCriteriaId: "B47CF3BB-08E4-4B86-B793-8253C172D846", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ek-ertec_200p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2773F4B7-095E-4A33-93F2-765FA58B828C", versionEndExcluding: "4.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ek-ertec_200p:-:*:*:*:*:*:*:*", matchCriteriaId: "FB75CD44-5223-40A7-A835-111BF3C25D23", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_rm1224_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C9CAC6A5-9968-4A29-800C-6FCD75E07E44", versionEndExcluding: "4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_rm1224:-:*:*:*:*:*:*:*", matchCriteriaId: "284DF779-D900-48B4-A177-7281CD445AB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DE353DA7-61C5-45B0-B84D-87C960F5C223", versionEndExcluding: "4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*", matchCriteriaId: "DFB9921A-5204-40A3-88AB-B7755F5C6875", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2474D551-2605-46AA-9E53-8DD4B059E08C", versionEndExcluding: "4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*", matchCriteriaId: "E917CBBB-EF41-4113-B0CA-EB91889235E7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_w700_ieee_802.11n_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9FBC29FB-270F-4F7D-9528-402EF92908FE", versionEndIncluding: "6.0.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_w700_ieee_802.11n:-:*:*:*:*:*:*:*", matchCriteriaId: "880644DA-9280-4498-AD72-5CBD59CC8142", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C08F92C8-0A5D-470E-8CFC-F622C3014336", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc-200:-:*:*:*:*:*:*:*", matchCriteriaId: "7719E194-EE3D-4CE8-8C85-CF0D82A553AA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "96432C6B-6A9E-406F-9A64-9448CB786352", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf-200:-:*:*:*:*:*:*:*", matchCriteriaId: "BB503096-C528-478C-BD07-019C2CC882E4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3491A486-47F3-4B30-B613-DCC412F6EF5B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp-200:-:*:*:*:*:*:*:*", matchCriteriaId: "8F962FC7-0616-467F-8CCA-ADEA224B5F7B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E673B450-C436-49F3-B2F3-872B704FE075", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb-200:-:*:*:*:*:*:*:*", matchCriteriaId: "6CB3CC2D-CBF0-4F53-A412-01BBC39E34C2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x-200irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "40F9AA24-B159-423F-80A0-F13D87D9C152", versionEndExcluding: "5.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x-200irt:-:*:*:*:*:*:*:*", matchCriteriaId: "94C7BE35-D3A6-488C-BB3D-D17D65DF4B80", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr-300wg_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C5CA2E13-EDD4-4B8C-AA8F-6359FFF66606", versionEndExcluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr-300wg:-:*:*:*:*:*:*:*", matchCriteriaId: "434BC9BE-C5DB-4DAF-8E07-DFE4EEA0D7FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x-300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3F2C50BB-CC63-40BE-A5F0-0F0C342586CA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x-300:-:*:*:*:*:*:*:*", matchCriteriaId: "B2D0AB50-6F0B-4232-8C8E-1647410D362D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AEB10860-FB18-4E97-B0F7-9D499DDB92C3", versionEndExcluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb-200:-:*:*:*:*:*:*:*", matchCriteriaId: "6CB3CC2D-CBF0-4F53-A412-01BBC39E34C2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8D552797-8CD7-46CA-BB36-123CCFF38A2A", versionEndExcluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc-200:-:*:*:*:*:*:*:*", matchCriteriaId: "7719E194-EE3D-4CE8-8C85-CF0D82A553AA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "79964DA8-C4E9-4E90-8D47-FE77F56E7D67", versionEndExcluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp-200:-:*:*:*:*:*:*:*", matchCriteriaId: "8F962FC7-0616-467F-8CCA-ADEA224B5F7B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf-200ba_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "07322DA6-C3BA-4042-B5FB-9BF966AB3113", versionEndExcluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf-200ba:-:*:*:*:*:*:*:*", matchCriteriaId: "58377C58-F660-4C17-A3CB-BFC2F28848CD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr-300wg_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C5CA2E13-EDD4-4B8C-AA8F-6359FFF66606", versionEndExcluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr-300wg:-:*:*:*:*:*:*:*", matchCriteriaId: "434BC9BE-C5DB-4DAF-8E07-DFE4EEA0D7FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x-400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A511E865-88A1-4B1E-909E-291350B41F56", versionEndExcluding: "6.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x-400:-:*:*:*:*:*:*:*", matchCriteriaId: "D9434103-A85B-45F1-B63B-8C596BF0DE18", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xm-400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5CAA4114-E06D-4723-A04D-A5316ED1500D", versionEndExcluding: "6.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xm-400:-:*:*:*:*:*:*:*", matchCriteriaId: "798E900F-5EF9-4B39-B8C2-79FAE659E7F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr524_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9524094D-9BF7-4A86-A939-0A8367C8B36E", versionEndExcluding: "6.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr524:-:*:*:*:*:*:*:*", matchCriteriaId: "7DEEA300-16C3-4FEE-88A8-674DE2AEEC95", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr526_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "48AAD4D9-25C3-42B1-A36F-CA22A7FCE8F7", versionEndExcluding: "6.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr526:-:*:*:*:*:*:*:*", matchCriteriaId: "756A07F8-4F9F-4A76-942E-82CB92216943", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr528_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5EDC2D0B-1986-491D-9864-69C2B9EF51C1", versionEndExcluding: "6.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr528:-:*:*:*:*:*:*:*", matchCriteriaId: "FDE5E54D-FFED-4C2C-B89D-E085E61D44E4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr552_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D3897836-E47F-4606-BE7A-CEB96CC24DE5", versionEndExcluding: "6.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr552:-:*:*:*:*:*:*:*", matchCriteriaId: "AB16A0BE-5AF3-4168-B755-D023E497A35F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_1616_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F08A1742-47FA-45D2-A62F-0ED5A0285486", versionEndExcluding: "2.8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_1616:-:*:*:*:*:*:*:*", matchCriteriaId: "CA074FBE-1C3E-4441-8C51-52B555B85D9F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_1604_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D4CB1C18-DF85-4072-8435-52AB9DD9E02E", versionEndExcluding: "2.8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_1604:-:*:*:*:*:*:*:*", matchCriteriaId: "6304FA24-F194-4EE2-95F5-35D086F82C01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_343-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "611E1F0F-D55F-4F40-87A0-4783876182B0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_343-1:-:*:*:*:*:*:*:*", matchCriteriaId: "C100D7C1-EAD2-455D-8A72-5BBBD85F2F77", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_343-1_advanced_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "794168D5-B763-42D4-9D31-55D284BFECE2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_343-1_advanced:-:*:*:*:*:*:*:*", matchCriteriaId: "CD85C545-5D9A-4A96-AFC3-5D6D645E0D5F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_343-1_erpc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "368AFAB1-3B35-41E1-9EF6-F3826181A074", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_343-1_erpc:-:*:*:*:*:*:*:*", matchCriteriaId: "7F46730D-FD5A-42EC-8796-0702E8922E85", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_343-1_lean_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E3B76697-8D6F-4CBC-9333-561613CA0492", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_343-1_lean:-:*:*:*:*:*:*:*", matchCriteriaId: "EE2A18E2-F88F-4DC1-81E9-AC836C85A248", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_443-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "88638890-5ABE-4824-A41F-FCF30532A538", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_443-1:-:*:*:*:*:*:*:*", matchCriteriaId: "F58423D0-954E-426E-9F8F-3DD95FBDF50C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_443-1_advanced_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5B01B39C-0039-4126-95F2-6F691C5158A0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_443-1_advanced:-:*:*:*:*:*:*:*", matchCriteriaId: "E478FE71-32D1-4FE4-8AC9-1C898EFFD0B3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_443-1_opc_ua_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "892B0B41-2C67-4BE5-BF99-3E4840078A21", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_443-1_opc_ua:-:*:*:*:*:*:*:*", matchCriteriaId: "5A952EB9-11C3-4E99-895D-B101F16008BA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_et200al_im_157-1_pn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B2CA8228-974B-4356-966E-763C30C1A916", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_et200al_im_157-1_pn:-:*:*:*:*:*:*:*", matchCriteriaId: "A25EC630-914B-4906-8840-8B1ACBE81FEF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_et200m_im153-4_pn_io_hf_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "41E8BE6F-FF36-4C40-BC88-7224B0C77427", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_et200m_im153-4_pn_io_hf:-:*:*:*:*:*:*:*", matchCriteriaId: "EC1E527C-2622-43F2-8CC0-AB52EE383A2F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_et200m_im153-4_pn_io_st_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "34F22E8D-4CB0-4685-92C0-23DD29709BDA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_et200m_im153-4_pn_io_st:-:*:*:*:*:*:*:*", matchCriteriaId: "D6670FFC-EF9F-429C-AECC-0677C7DAE38E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_et200mp_im155-5_pn_hf_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4EAF506A-0F5E-414F-B6D8-50BC14C8C8CB", versionEndExcluding: "4.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_et200mp_im155-5_pn_hf:-:*:*:*:*:*:*:*", matchCriteriaId: "0B26FB23-4646-4786-82B1-C24CBF9AE517", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_et200mp_im155-5_pn_st_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2F463025-2099-4A6C-8014-F5AAABC7D4F5", versionEndExcluding: "4.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_et200mp_im155-5_pn_st:-:*:*:*:*:*:*:*", matchCriteriaId: "7404251E-37B7-4C70-A1E1-FB030E925487", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_et200s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "09F91703-C8EE-45B1-B94F-6688D6CB4F8A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_et200s:-:*:*:*:*:*:*:*", matchCriteriaId: "C50FF52E-3FF7-4398-9D65-9AFC9E3D30C8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_et200sp_im155-6_pn_basic_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F10D55AD-37E2-49BB-8FD6-F02776507442", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_et200sp_im155-6_pn_basic:-:*:*:*:*:*:*:*", matchCriteriaId: "C4858340-5A05-4958-995E-4A5AF98B4848", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_et200sp_im155-6_pn_hf_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B9B94AF1-3621-4980-89D3-390377D1DD12", versionEndExcluding: "3.3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_et200sp_im155-6_pn_hf:-:*:*:*:*:*:*:*", matchCriteriaId: "AE9CBE59-18F4-40E9-A8DF-4873F8796FDA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_et200sp_im155-6_pn_st_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A33CF191-ED02-4F5E-854A-EB650612D215", versionEndExcluding: "4.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_et200sp_im155-6_pn_st:-:*:*:*:*:*:*:*", matchCriteriaId: "F896FE89-0BCD-41F4-8F3A-4D1D09FB638C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_et200ecopn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CEC2C970-9EE1-4B16-B8B1-EAAEFC1450EB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_et200ecopn:-:*:*:*:*:*:*:*", matchCriteriaId: "5906B9AC-B5FF-493F-9956-DE2CE7570FD7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_et200pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9E0C7AB4-03DB-4E6E-86C6-E7E85D83B6B4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_et200pro:-:*:*:*:*:*:*:*", matchCriteriaId: "CC28C9DA-C4EA-48F6-8E6D-5375BCB1D732", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:im_154-3_pn_hf_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "316A89B6-17ED-4551-9BC7-13EAAD190CA4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:im_154-3_pn_hf:-:*:*:*:*:*:*:*", matchCriteriaId: "C530439C-3FC8-4F2A-BFAF-F36733E4074B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:im_154-4_pn_hf_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05C95643-56B5-4A1C-8D92-A01B34E47DB0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:im_154-4_pn_hf:-:*:*:*:*:*:*:*", matchCriteriaId: "1CB88AEB-5EAD-4B59-AD8A-4BFCEB09CE26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_mv440_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0B53B628-F96C-40B1-A952-659406759472", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_mv440:-:*:*:*:*:*:*:*", matchCriteriaId: "6408042E-7E06-4AED-9853-29B176EDFE9F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_mv420_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C802EF05-03DD-4BE0-ACDA-8BDA11EA6D25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_mv420:-:*:*:*:*:*:*:*", matchCriteriaId: "79B15C1B-2510-434B-A589-5903CA0C00EE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_pn\\/pn_coupler_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "94587A2A-019D-4DA1-B655-35B45356F189", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_pn\\/pn_coupler:-:*:*:*:*:*:*:*", matchCriteriaId: "49FB85F8-7D45-433E-805B-360725F2980C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf180c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "167F39FD-FFB5-4C82-BE39-0787ED369546", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf180c:-:*:*:*:*:*:*:*", matchCriteriaId: "62129B85-7C98-4951-8194-2E602A8DCDBD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf182c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0FC4F972-3A3B-421C-8D62-9C5C4D1992CF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf182c:-:*:*:*:*:*:*:*", matchCriteriaId: "7540DAD9-2AAC-46A9-B1C5-BB1AC4FCE710", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf600_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "774297C3-0A57-4902-AA98-A22ED6F4735C", versionEndExcluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf600:-:*:*:*:*:*:*:*", matchCriteriaId: "A5708C3C-833E-4239-B249-CEC031F8CCC5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sinamics_dcp_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "83803F1C-4842-43BB-B903-C2E91FF7DC08", versionEndExcluding: "1.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sinamics_dcp:-:*:*:*:*:*:*:*", matchCriteriaId: "B75F50CA-7371-4BC7-8D8A-13F8BC69E4EB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit\ninternal resource allocation when multiple legitimate diagnostic package\nrequests are sent to the DCE-RPC interface.\nThis could lead to a denial of service condition due to lack of memory\nfor devices that include a vulnerable version of the stack.\n\nThe security vulnerability could be exploited by an attacker with network\naccess to an affected device. Successful exploitation requires no system\nprivileges and no user interaction. An attacker could use the vulnerability\nto compromise the availability of the device.", }, { lang: "es", value: "Las versiones de la pila Profinet-IO (PNIO) anteriores a la V06.00 no limitan adecuadamente la asignación de recursos internos cuando se envían múltiples solicitudes legítimas de paquetes de diagnóstico a la interfaz DCE-RPC. Esto podría conducir a una condición de denegación de servicio debido a la falta de memoria para los dispositivos que incluyen una versión vulnerable de la pila. La vulnerabilidad de seguridad podría ser explotada por un atacante con acceso de red a un dispositivo afectado. La explotación exitosa no requiere privilegios del sistema ni interacción del usuario. Un atacante podría utilizar la vulnerabilidad para comprometer la disponibilidad del dispositivo", }, ], id: "CVE-2019-13946", lastModified: "2024-11-21T04:25:45.080", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "productcert@siemens.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Secondary", }, ], }, published: "2020-02-11T16:15:15.023", references: [ { source: "productcert@siemens.com", url: "https://cert-portal.siemens.com/productcert/html/ssa-780073.html", }, { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-780073.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://cert-portal.siemens.com/productcert/html/ssa-780073.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-780073.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-400", }, ], source: "productcert@siemens.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-400", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2021-03-15 17:15
Modified
2024-11-21 05:55
Severity ?
Summary
A vulnerability has been identified in RUGGEDCOM RM1224 (All versions >= V4.3 and < V6.4), SCALANCE M-800 (All versions >= V4.3 and < V6.4), SCALANCE S615 (All versions >= V4.3 and < V6.4), SCALANCE SC-600 Family (All versions >= V2.0 and < V2.1.3), SCALANCE XB-200 (All versions < V4.1), SCALANCE XC-200 (All versions < V4.1), SCALANCE XF-200BA (All versions < V4.1), SCALANCE XM400 (All versions < V6.2), SCALANCE XP-200 (All versions < V4.1), SCALANCE XR-300WG (All versions < V4.1), SCALANCE XR500 (All versions < V6.2). Affected devices contain a stack-based buffer overflow vulnerability in the handling of STP BPDU frames that could allow a remote attacker to trigger a denial-of-service condition or potentially remote code execution. Successful exploitation requires the passive listening feature of the device to be active.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-979775.pdf | Patch, Vendor Advisory | |
| productcert@siemens.com | https://us-cert.cisa.gov/ics/advisories/icsa-21-068-03 | Patch, Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-979775.pdf | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://us-cert.cisa.gov/ics/advisories/icsa-21-068-03 | Patch, Third Party Advisory, US Government Resource |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_rm1224_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0EA73ED4-CA84-4499-8B05-BA394552C91B", versionEndExcluding: "6.4", versionStartIncluding: "4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_rm1224:-:*:*:*:*:*:*:*", matchCriteriaId: "284DF779-D900-48B4-A177-7281CD445AB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "81E8F8B9-8CE5-45DD-8F66-00C2CD611158", versionEndExcluding: "6.4", versionStartIncluding: "4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*", matchCriteriaId: "DFB9921A-5204-40A3-88AB-B7755F5C6875", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9E518F61-3BA5-4C49-B9F6-4F72333C6A59", versionEndExcluding: "6.4", versionStartIncluding: "4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*", matchCriteriaId: "E917CBBB-EF41-4113-B0CA-EB91889235E7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x300wg_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "147C2E5A-7085-4E63-8ED6-BDE56A6E333F", versionEndExcluding: "4.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x300wg:-:*:*:*:*:*:*:*", matchCriteriaId: "AA0ECC58-F717-4F4A-AC8D-3F0244666E73", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xm400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "371C4BA0-42A9-4BA4-BE21-7C5D0F9E837B", versionEndExcluding: "6.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xm400:-:*:*:*:*:*:*:*", matchCriteriaId: "9FC408A8-903F-43A2-9D05-65AD4482FDBB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "481EA136-48B6-46CA-8534-5F8F0E794F57", versionEndExcluding: "6.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr500:-:*:*:*:*:*:*:*", matchCriteriaId: "080E722F-FCD4-4967-86EE-151ADC5702E7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_sc622-2c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "35E28605-DD44-42F2-9076-2ED1D6205043", versionEndIncluding: "2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:scalance_sc622-2c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "28F05973-CB28-46C2-BA62-654516FE7603", versionEndExcluding: "2.1.3", versionStartIncluding: "2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_sc622-2c:-:*:*:*:*:*:*:*", matchCriteriaId: "50FEE5FA-B141-4E5F-8673-363089262530", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_sc632-2c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CB080626-09C0-45CA-BE56-B3988E0E59C2", versionEndIncluding: "2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:scalance_sc632-2c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "08F55CDF-84A4-4356-B81A-F78F50B0CC1B", versionEndExcluding: "2.1.3", versionStartIncluding: "2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_sc632-2c:-:*:*:*:*:*:*:*", matchCriteriaId: "8A79836B-5EC1-40AF-8A57-9657EF6758E5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_sc636-2c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D567B739-8271-4A43-9E1A-9FAF983DCBA1", versionEndIncluding: "2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:scalance_sc636-2c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DA160BE5-8790-4075-AE13-15569F9A5379", versionEndExcluding: "2.1.3", versionStartIncluding: "2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_sc636-2c:-:*:*:*:*:*:*:*", matchCriteriaId: "FCB9BD17-7F1F-42E9-831F-EB907F9BC214", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_sc642-2c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "23B81A14-B7A0-441E-998E-7F7B75088788", versionEndIncluding: "2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:scalance_sc642-2c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5323BADF-8F3F-4B0B-8875-6D2E4963B8CF", versionEndExcluding: "2.1.3", versionStartIncluding: "2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_sc642-2c:-:*:*:*:*:*:*:*", matchCriteriaId: "10C7D54A-27B4-4195-8131-DD5380472A75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_sc646-2c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A90B1197-62AD-456C-99AF-8EC48461BDC5", versionEndIncluding: "2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:scalance_sc646-2c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CCD4C9CA-211C-4B1F-BDBD-C612DA76B0B2", versionEndExcluding: "2.1.3", versionStartIncluding: "2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_sc646-2c:-:*:*:*:*:*:*:*", matchCriteriaId: "E54AF1E6-0E52-447C-8946-18716D30EBE2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "999A853F-1B20-4698-8391-805FE7055DF7", versionEndExcluding: "4.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb-200:-:*:*:*:*:*:*:*", matchCriteriaId: "6CB3CC2D-CBF0-4F53-A412-01BBC39E34C2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C098F765-4BA2-4E59-9875-35FB5B83B6EB", versionEndExcluding: "4.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc-200:-:*:*:*:*:*:*:*", matchCriteriaId: "7719E194-EE3D-4CE8-8C85-CF0D82A553AA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf-200ba_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7CFE7041-F84D-40AE-9102-48637F000214", versionEndExcluding: "4.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf-200ba:-:*:*:*:*:*:*:*", matchCriteriaId: "58377C58-F660-4C17-A3CB-BFC2F28848CD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5E81AEF3-1F99-4728-B3E1-FFBB22DA64E5", versionEndExcluding: "4.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp-200:-:*:*:*:*:*:*:*", matchCriteriaId: "8F962FC7-0616-467F-8CCA-ADEA224B5F7B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in RUGGEDCOM RM1224 (All versions >= V4.3 and < V6.4), SCALANCE M-800 (All versions >= V4.3 and < V6.4), SCALANCE S615 (All versions >= V4.3 and < V6.4), SCALANCE SC-600 Family (All versions >= V2.0 and < V2.1.3), SCALANCE XB-200 (All versions < V4.1), SCALANCE XC-200 (All versions < V4.1), SCALANCE XF-200BA (All versions < V4.1), SCALANCE XM400 (All versions < V6.2), SCALANCE XP-200 (All versions < V4.1), SCALANCE XR-300WG (All versions < V4.1), SCALANCE XR500 (All versions < V6.2). Affected devices contain a stack-based buffer overflow vulnerability in the handling of STP BPDU frames that could allow a remote attacker to trigger a denial-of-service condition or potentially remote code execution. Successful exploitation requires the passive listening feature of the device to be active.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en RUGGEDCOM RM1224 (Todas las versiones posteriores e incluyendo a V4.3 y anteriores a V6.4), SCALANCE M-800 (Todas las versiones posteriores e incluyendo a V4.3 y anteriores a V6.4), SCALANCE S615 (Todas las versiones posteriores e incluyendo a V4.3 y anteriores a V6.4), SCALANCE SC-600 Family (Todas las versiones posteriores e incluyendo a V2.0 y anteriores a V2.1.3), SCALANCE XB-200 (Todas las versiones anteriores a V4.1), SCALANCE XC-200 (Todas las versiones anteriores a V4.1), SCALANCE XF-200BA (Todas las versiones anteriores a V4.1), SCALANCE XM400 (Todas las versiones anteriores a V6.2), SCALANCE XP-200 (Todas las versiones anteriores a V4.1), SCALANCE XR-300WG (Todas las versiones anteriores a V4.1), SCALANCE XR500 (Todas las versiones anteriores a V6.2). Unos dispositivos afectados contienen una vulnerabilidad de desbordamiento de búfer en la región stack de la memoria en el manejo de frames STP BPDU que podría permitir a un atacante remoto desencadenar una condición de denegación de servicio o una ejecución de código potencialmente remoto. Una explotación con éxito requiere que la funcionalidad listening pasiva del dispositivo esté activa", }, ], id: "CVE-2021-25667", lastModified: "2024-11-21T05:55:15.360", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-03-15T17:15:21.690", references: [ { source: "productcert@siemens.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-979775.pdf", }, { source: "productcert@siemens.com", tags: [ "Patch", "Third Party Advisory", "US Government Resource", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-068-03", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-979775.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", "US Government Resource", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-068-03", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-121", }, ], source: "productcert@siemens.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2021-07-13 11:15
Modified
2024-12-10 14:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-599968.html | ||
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf | Patch, Vendor Advisory | |
| productcert@siemens.com | https://us-cert.cisa.gov/ics/advisories/icsa-21-194-03 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/html/ssa-599968.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://us-cert.cisa.gov/ics/advisories/icsa-21-194-03 | Third Party Advisory, US Government Resource |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:dk_standard_ethernet_controller_evaluation_kit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1BA1C1FD-EF49-488E-AB49-6F571D9E21B0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:dk_standard_ethernet_controller_evaluation_kit:-:*:*:*:*:*:*:*", matchCriteriaId: "83110E06-CDB2-49AE-B1E6-6785E0801A53", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ek-ertec_200_evaulation_kit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "978998A4-C7B5-4D6D-9FAD-3C6F975C8881", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ek-ertec_200_evaulation_kit:-:*:*:*:*:*:*:*", matchCriteriaId: "12C60870-6B8C-4E91-B156-60D87B85543F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ek-ertec_200p_evaluation_kit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "249935E8-C45B-4586-B6BA-664AF23C7468", versionEndExcluding: "4.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ek-ertec_200p_evaluation_kit:-:*:*:*:*:*:*:*", matchCriteriaId: "37176F8D-F1CB-4792-86FF-DA0FF674E0B8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_rm1224_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "758CC5D1-F26C-4093-BE09-0583F4CDBBDB", versionEndExcluding: "6.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_rm1224:-:*:*:*:*:*:*:*", matchCriteriaId: "284DF779-D900-48B4-A177-7281CD445AB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "02BC878B-BF73-4A2C-A9D5-F9FF0F3D418B", versionEndExcluding: "6.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*", matchCriteriaId: "DFB9921A-5204-40A3-88AB-B7755F5C6875", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4F5AD34D-61AA-47B0-993A-4834984893EA", versionEndExcluding: "6.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*", matchCriteriaId: "E917CBBB-EF41-4113-B0CA-EB91889235E7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_w700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F60CB864-640E-4BC2-B378-5AF3DCA292D4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_w700:-:*:*:*:*:*:*:*", matchCriteriaId: "D3033B1E-57A6-4AE3-A861-7047CF8EAD79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_w1700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "44B0E5EA-4924-4865-AE6F-2F7BFCE5513B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_w1700:-:*:*:*:*:*:*:*", matchCriteriaId: "5D9A73DD-4A21-4096-B4B6-A0A825E71006", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x200-4_p_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8FCE9120-8091-41EC-A75E-01ED4AF64E28", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x200-4_p_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "73E42E20-18CB-40A7-B6D5-751F26303995", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x201-3p_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EA86FF0D-7B16-4991-B4A5-AF33BF40693A", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x201-3p_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "3268CF75-6DAB-416A-B19B-2A8F95C268CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x201-3p_irt_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CA2326FF-5125-44F5-871C-2DC505E2B299", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x201-3p_irt_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "492E8AC1-338B-4AC3-90C7-1FADCD4528C4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x202-2_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3A12E0F8-A7BB-48E9-98E5-7DA4962FA8AE", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x202-2_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "577D1E21-717C-4508-AE91-0BC490C89F85", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x202-2p_irt_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "29C03AD0-7A60-4BFB-A0D3-BABB9717F1A1", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x202-2p_irt_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "F4726901-34BF-4F70-80A6-71648A4A29FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x204_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "576A1BD5-84DE-4FFC-926D-6C40E5176660", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x204_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "0BC31F0E-389B-4925-88DE-726F2F0D2A23", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x204_irt_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AFE2ABF4-2996-4671-A5AF-4424FB2537C1", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x204_irt_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "8FF096BA-A6F4-46B3-9B9B-7FCEE7E6A6C3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x204-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ACE1A821-8F0A-4B96-AC8A-B219215014B1", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x204-2_:-:*:*:*:*:*:*:*", matchCriteriaId: "1AA16CFF-C01A-4AC0-A20E-50CBD3AA1C3E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x204-2fm_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "54201E08-15E3-4C93-9A0D-DC376B7C8D88", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x204-2fm:-:*:*:*:*:*:*:*", matchCriteriaId: "1FCBC784-8EA0-4C6C-B504-DFC164028E4B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x204-2ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "75220631-DD7D-4E86-8405-F98340FFE27C", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x204-2ld:-:*:*:*:*:*:*:*", matchCriteriaId: "2BE27611-53E7-4162-8630-5BC334B02E37", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x204-2ld_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3032A499-DFD5-4FEA-8AC6-E661781387AB", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x204-2ld_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "1FDEBD6B-6BE4-4FAD-A4E6-BE762595434D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x204-2ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A493C49A-8BF9-43E5-98D5-55E5390A36A5", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x204-2ts:-:*:*:*:*:*:*:*", matchCriteriaId: "E5FFC1E9-4326-4F41-A86A-C52AB6A9A674", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x206-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E2C9747F-BEC3-486E-B553-3339F8B54C3A", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x206-1:-:*:*:*:*:*:*:*", matchCriteriaId: "0A5BB0F2-DD4C-4AB4-9B8F-B2501B239080", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x206-1ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0C8D68AC-8F30-4919-ADB3-A6018458602B", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x206-1ld:-:*:*:*:*:*:*:*", matchCriteriaId: "6DFF7FB7-774B-45ED-8400-951230DF0511", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x208_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2BC1450A-92ED-451F-9890-4E18CA974485", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x208:-:*:*:*:*:*:*:*", matchCriteriaId: "B3B574E2-F7BA-496B-887C-D25F386AA5E1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x208pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "768320F0-10F5-4B36-AEB6-9DEEA43A30E8", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x208pro:-:*:*:*:*:*:*:*", matchCriteriaId: "DF2C60CF-4089-4993-A2CB-B7FBDAF81D62", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x212-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "31B8367C-5EAC-49F4-83B8-C7E3BD373092", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x212-2:-:*:*:*:*:*:*:*", matchCriteriaId: "4E716A4E-50A9-4C52-8DA9-098F7506F4B5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x212-2ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "55F50ABF-3E9A-4435-BAA4-7D11A2047D46", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x212-2ld:-:*:*:*:*:*:*:*", matchCriteriaId: "C08CDEE3-43EB-475E-8571-6E12824714FD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x216_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BC643617-D0B7-4379-8ADB-2C2BACA4B165", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x216:-:*:*:*:*:*:*:*", matchCriteriaId: "F0C4BAB5-E161-4B59-8A8C-369C7852A66E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x224_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F0189DF6-DA80-49FE-B09F-0C07D892518E", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x224:-:*:*:*:*:*:*:*", matchCriteriaId: "D2203895-BC4E-4B2F-9110-C2CD88A121F2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x302-7eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EF92A1A7-ADFB-49E1-AC54-03E32ECB73CE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x302-7eec:-:*:*:*:*:*:*:*", matchCriteriaId: "C8E97B3B-1808-45D2-97B7-CF31CA6E7A60", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x304-2fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "392D0623-343D-4BF1-BE0B-F2B347A24B62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x304-2fe:-:*:*:*:*:*:*:*", matchCriteriaId: "0087A1C6-AA76-4FD6-BAA1-D3190D2A0116", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x306-1ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "663897D9-82F5-436D-A0CF-BBB9338BF363", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x306-1ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "880CF41B-B25D-4744-8E8B-C4B131932B1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-2eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9666E7EA-A298-4972-80F8-765B0F99EB25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-2eec:-:*:*:*:*:*:*:*", matchCriteriaId: "804EE08B-75A1-4CF6-9C30-8CF0CDC39658", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9676DB10-982D-445F-9779-B39AE720AF2F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3:-:*:*:*:*:*:*:*", matchCriteriaId: "55EF0738-C9EF-4E4B-A7E7-ECC1B5F0678A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "48D3EB09-6069-4289-A61E-C15B044EA2E2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "7737F0C2-43FC-4330-88F2-9B08BA5B35D7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F045D6B1-459B-46F0-86DF-F9AA3CCEA9BD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "6CCED3E4-38EF-4645-B25C-4F2C3D4E091C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "40A1A5F9-4971-4E9D-BBE7-5A0357C56213", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2ld:-:*:*:*:*:*:*:*", matchCriteriaId: "FE1909FA-C8C6-46BE-83C6-2635D36FE69B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8F53C74B-2154-417E-ACFE-01F0BACD3F15", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh:-:*:*:*:*:*:*:*", matchCriteriaId: "6DDBD94D-5312-4A54-AF76-D9DF791C0292", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh\\+_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D76A2268-5397-466C-98B5-01B46B4840A1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "85153EED-C677-495D-A6BB-72365DE1ED3F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2F8888A7-3285-4ACA-A5AD-2B0578050C4C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m:-:*:*:*:*:*:*:*", matchCriteriaId: "AC54911E-C432-48FA-9551-9644422FFE14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0C08597D-6190-4C73-9ECF-2535553DECAA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "3E22C57C-2BD6-4C39-93D2-5D81A58EA6F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A2C12934-E79C-41A4-B023-BADD7D68CB55", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "DFCCB68C-A58D-4543-A11F-721B01FFBBA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D288227C-69C1-4248-AB4A-51F44A41FDEA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310:-:*:*:*:*:*:*:*", matchCriteriaId: "7FE3716E-1C0A-4B72-809A-8318E5853FB1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "27F765CD-B8A9-45B6-BA3C-C569FF0F8FF0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310fe:-:*:*:*:*:*:*:*", matchCriteriaId: "8FB34E83-83A3-45C3-B040-D8910971D439", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "91EDD23A-1DBD-4117-9396-89ADBC705B3A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1fe:-:*:*:*:*:*:*:*", matchCriteriaId: "CC54880F-CBF4-4772-A4FB-B07D97287D44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-3ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AF07B014-1BA3-477E-A405-5DB35F68126A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-3ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "80502856-7617-4ED9-A103-681021131EE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "144CDF5E-7E07-428B-B4DF-C94992B3A44A", versionEndExcluding: "4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb-200:-:*:*:*:*:*:*:*", matchCriteriaId: "6CB3CC2D-CBF0-4F53-A412-01BBC39E34C2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "339FFBDF-6957-481F-84CE-878B5CAAD9C8", versionEndExcluding: "4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc-200:-:*:*:*:*:*:*:*", matchCriteriaId: "7719E194-EE3D-4CE8-8C85-CF0D82A553AA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf201-3p_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B5557DB0-D3D8-4E53-BBA8-700B2BC336C0", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf201-3p_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "41614C70-97B4-44C8-A441-530A413A26F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf202-2p_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C1A7EDE9-B5F9-4471-8C5D-B1D590CB85FB", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf202-2p_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "6751FB7D-C72C-4321-B535-5880FE696FC3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8CD13707-1164-415E-9083-7946D151F1FC", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204:-:*:*:*:*:*:*:*", matchCriteriaId: "0F1AE867-67B4-4871-BF56-88017533A737", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "86FBD0DA-ADA4-4F06-A2D6-11D7312257A2", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "25DDF1EB-80E7-491F-A197-1B220E35CDF1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3A09FF2D-F369-47B5-AEE4-A862BEDD9851", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204-2_:-:*:*:*:*:*:*:*", matchCriteriaId: "0C4207E0-7678-4E35-A79E-A6066D1E8BB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204-2ba_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "786738CF-CA6C-4812-BD4D-595E249BFA76", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204-2ba_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "99E6AFAA-B903-47BB-B0F3-7650B039C0FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf206-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CFCDC84E-0695-409A-844B-D24024CC33F2", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf206-1:-:*:*:*:*:*:*:*", matchCriteriaId: "2B40D2EB-5C69-47FA-801B-DC48407D418C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf208_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A1DB6C03-71BF-4359-834B-384E78910E64", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf208:-:*:*:*:*:*:*:*", matchCriteriaId: "898613B2-4A9D-44B9-A3FC-4347A2AD7CAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf-200ba_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6FBB13D3-4E04-4D01-B880-C16C4FFA240B", versionEndExcluding: "4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf-200ba:-:*:*:*:*:*:*:*", matchCriteriaId: "58377C58-F660-4C17-A3CB-BFC2F28848CD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xm400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9D589735-017F-4675-8056-CA4FE57360E8", versionEndExcluding: "6.3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xm400:-:*:*:*:*:*:*:*", matchCriteriaId: "9FC408A8-903F-43A2-9D05-65AD4482FDBB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E642D10-E701-44DF-863B-D0DAA5530F50", versionEndExcluding: "4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp-200:-:*:*:*:*:*:*:*", matchCriteriaId: "8F962FC7-0616-467F-8CCA-ADEA224B5F7B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E6AB4BE-D669-4A95-8F8A-F2DA146D5FB1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6F952542-6B79-4681-A236-15C188AAEB1E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1F4B8E2B-DEFF-4F1C-B5A4-0C4671C605C1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "664D9C76-BC13-4874-939C-A8211DA33903", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9F4DE2B7-1AB3-4BA5-B261-926B774B01DD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4834A67B-7B0B-4F88-BBFB-25667FD68EC5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0AC751E0-FC87-4DEB-85E8-C3E028B76482", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m:-:*:*:*:*:*:*:*", matchCriteriaId: "36C9AE74-4683-4ED0-A605-3A6B065C230E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EB09860F-9DC8-476B-9AF7-6FFE57101D6C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4356417E-B4CB-45B0-B395-CE9D423FAB44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "32E2B545-326C-4724-90BC-147B57A37F20", versionEndExcluding: "6.3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr500:-:*:*:*:*:*:*:*", matchCriteriaId: "080E722F-FCD4-4967-86EE-151ADC5702E7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr-300wg_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4A53C2B5-A3FD-44CC-A78B-D2124EF37DB4", versionEndExcluding: "4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr-300wg:-:*:*:*:*:*:*:*", matchCriteriaId: "434BC9BE-C5DB-4DAF-8E07-DFE4EEA0D7FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cfu_pa_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A5119182-CB31-466A-AB0F-7956C8B45AE0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cfu_pa:-:*:*:*:*:*:*:*", matchCriteriaId: "B6C1E4CC-2657-4383-83D8-5C8F88B12755", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ie\\/pb-link_v3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9A8C0F9C-AF27-424C-83F0-326EC10C40BE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ie\\/pb-link_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "939D9324-2A7F-4DBF-8F9F-DB8A379C977A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_mv500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CDEAC63C-E402-4698-B4A8-E9B53D5540DA", versionEndExcluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_mv500:-:*:*:*:*:*:*:*", matchCriteriaId: "93A5B50E-0316-4189-8F41-54732CFCF63F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cm_1542-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "761C2EC9-51B9-482B-8798-7982D265933D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cm_1542-1:-:*:*:*:*:*:*:*", matchCriteriaId: "40757A32-7347-4975-BC01-A1B28760D2C3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp1616_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4575EFA7-C453-466D-9C37-38FEE0B78053", versionEndIncluding: "2.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp1616:-:*:*:*:*:*:*:*", matchCriteriaId: "0B971242-13BA-4217-8FB0-92ACDCE463CB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp1604_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C9F73267-3A7A-4A38-B999-9877B173B518", versionEndIncluding: "2.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp1604:-:*:*:*:*:*:*:*", matchCriteriaId: "A0DB421E-A774-451F-85AB-E66A4FAA33A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp1626_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "18143A38-84B8-479E-99FB-93FCA8CB058D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp1626:-:*:*:*:*:*:*:*", matchCriteriaId: "5B0286CB-0566-4306-B069-789E5A4F168F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_net_dk-16xx_pn_io:*:*:*:*:*:*:*:*", matchCriteriaId: "78430123-6230-4B76-B163-CDA3FA77413C", versionEndIncluding: "2.7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_power_line_booster_plb_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2AAAECA7-6936-48AD-B617-79F4C708E47F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_power_line_booster_plb:-:*:*:*:*:*:*:*", matchCriteriaId: "B7B52AEC-7A90-49F2-8006-FC146405C3E0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_profinet_driver_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CE64639F-FC6D-43F6-A300-9B5A62495B27", versionEndExcluding: "2.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_profinet_driver:-:*:*:*:*:*:*:*", matchCriteriaId: "526493E9-EF74-4836-9A8F-134B625035AA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6870C5CC-B7E0-45C3-9D98-F90765EE153F", versionEndExcluding: "4.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1200:-:*:*:*:*:*:*:*", matchCriteriaId: "EC545350-FD53-4B2E-886F-E20F12260C9B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simocode_prov_ethernet\\/ip_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FBDC4FD6-06A6-4728-B8A0-D896CD89FD3E", versionEndExcluding: "1.1.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simocode_prov_ethernet\\/ip:-:*:*:*:*:*:*:*", matchCriteriaId: "6CBAF8CF-6159-46D2-AB92-7CB5BFA7467B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simocode_prov_profinet_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "27AC468E-63F9-443B-906C-D1794B846744", versionEndExcluding: "2.1.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simocode_prov_profinet:-:*:*:*:*:*:*:*", matchCriteriaId: "E595680D-555C-4A8E-A409-88CBCE6681E6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:softnet-ie_pnio_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "45650D6F-1F5F-4DC8-BF5C-C4FBE3D3E39D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:softnet-ie_pnio:-:*:*:*:*:*:*:*", matchCriteriaId: "B8673C81-91F5-4E74-8C5F-829040F39E0C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.", }, { lang: "es", value: "Los dispositivos afectados contienen una vulnerabilidad que permite a un atacante no autentificado desencadenar una condición de denegación de servicio. La vulnerabilidad puede activarse si se envía una gran cantidad de paquetes de restablecimiento de DCP al dispositivo", }, ], id: "CVE-2020-28400", lastModified: "2024-12-10T14:15:19.373", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "productcert@siemens.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], cvssMetricV40: [ { cvssData: { Automatable: "NOT_DEFINED", Recovery: "NOT_DEFINED", Safety: "NOT_DEFINED", attackComplexity: "LOW", attackRequirements: "NONE", attackVector: "NETWORK", availabilityRequirement: "NOT_DEFINED", baseScore: 8.7, baseSeverity: "HIGH", confidentialityRequirement: "NOT_DEFINED", exploitMaturity: "NOT_DEFINED", integrityRequirement: "NOT_DEFINED", modifiedAttackComplexity: "NOT_DEFINED", modifiedAttackRequirements: "NOT_DEFINED", modifiedAttackVector: "NOT_DEFINED", modifiedPrivilegesRequired: "NOT_DEFINED", modifiedSubAvailabilityImpact: "NOT_DEFINED", modifiedSubConfidentialityImpact: "NOT_DEFINED", modifiedSubIntegrityImpact: "NOT_DEFINED", modifiedUserInteraction: "NOT_DEFINED", modifiedVulnAvailabilityImpact: "NOT_DEFINED", modifiedVulnConfidentialityImpact: "NOT_DEFINED", modifiedVulnIntegrityImpact: "NOT_DEFINED", privilegesRequired: "NONE", providerUrgency: "NOT_DEFINED", subAvailabilityImpact: "NONE", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "NONE", valueDensity: "NOT_DEFINED", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", version: "4.0", vulnAvailabilityImpact: "HIGH", vulnConfidentialityImpact: "NONE", vulnIntegrityImpact: "NONE", vulnerabilityResponseEffort: "NOT_DEFINED", }, source: "productcert@siemens.com", type: "Secondary", }, ], }, published: "2021-07-13T11:15:08.960", references: [ { source: "productcert@siemens.com", url: "https://cert-portal.siemens.com/productcert/html/ssa-599968.html", }, { source: "productcert@siemens.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf", }, { source: "productcert@siemens.com", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-194-03", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://cert-portal.siemens.com/productcert/html/ssa-599968.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-194-03", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-770", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-770", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-03-15 17:15
Modified
2024-11-21 05:55
Severity ?
Summary
A vulnerability has been identified in RUGGEDCOM RM1224 (V6.3), SCALANCE M-800 (V6.3), SCALANCE S615 (V6.3), SCALANCE SC-600 (All Versions >= V2.1 and < V2.1.3). Multiple failed SSH authentication attempts could trigger a temporary Denial-of-Service under certain conditions. When triggered, the device will reboot automatically.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-296266.pdf | Vendor Advisory | |
| productcert@siemens.com | https://us-cert.cisa.gov/ics/advisories/icsa-21-068-02 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-296266.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://us-cert.cisa.gov/ics/advisories/icsa-21-068-02 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | ruggedcom_rm1224_firmware | 6.3 | |
| siemens | ruggedcom_rm1224 | - | |
| siemens | scalance_m-800_firmware | 6.3 | |
| siemens | scalance_m-800 | - | |
| siemens | scalance_s615_firmware | 6.3 | |
| siemens | scalance_s615 | - | |
| siemens | scalance_sc-600_firmware | * | |
| siemens | scalance_sc-600 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_rm1224_firmware:6.3:*:*:*:*:*:*:*", matchCriteriaId: "041588BC-B3E6-400F-AF25-869D38EE3A1D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_rm1224:-:*:*:*:*:*:*:*", matchCriteriaId: "284DF779-D900-48B4-A177-7281CD445AB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_m-800_firmware:6.3:*:*:*:*:*:*:*", matchCriteriaId: "57AE2532-01C4-4E62-836B-48FA7B0D932A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*", matchCriteriaId: "DFB9921A-5204-40A3-88AB-B7755F5C6875", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_s615_firmware:6.3:*:*:*:*:*:*:*", matchCriteriaId: "A2B9767D-9249-4524-BA86-484610EDF9D1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*", matchCriteriaId: "E917CBBB-EF41-4113-B0CA-EB91889235E7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_sc-600_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FABE752D-A89A-4C2A-980E-AC75E471BA51", versionEndExcluding: "2.1.3", versionStartIncluding: "2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_sc-600:-:*:*:*:*:*:*:*", matchCriteriaId: "725C671B-D7A0-48CF-8A31-5F9C4173F1DD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in RUGGEDCOM RM1224 (V6.3), SCALANCE M-800 (V6.3), SCALANCE S615 (V6.3), SCALANCE SC-600 (All Versions >= V2.1 and < V2.1.3). Multiple failed SSH authentication attempts could trigger a temporary Denial-of-Service under certain conditions. When triggered, the device will reboot automatically.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en RUGGEDCOM RM1224 (versión V6.3), SCALANCE M-800 (versión V6.3), SCALANCE S615 (versión V6.3), SCALANCE SC-600 (Todas las versiones posteriores a V2.1 y anteriores a V2.1.3) . Múltiples intentos fallidos de autenticación SSH podrían desencadenar una Denegación de Servicio temporal en determinadas condiciones. Cuando es desencadenada, el dispositivo se reiniciará automáticamente", }, ], id: "CVE-2021-25676", lastModified: "2024-11-21T05:55:16.667", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-03-15T17:15:22.127", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-296266.pdf", }, { source: "productcert@siemens.com", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-068-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-296266.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-068-02", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-307", }, ], source: "productcert@siemens.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-10-11 11:15
Modified
2025-04-10 20:26
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V7.1.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V7.1.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V7.1.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V7.1.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V7.1.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V7.1.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V7.1.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V7.1.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V7.1.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V7.1.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V7.1.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V7.1.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V7.1.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V7.1.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V7.1.2), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) (All versions >= V1.1.0 < V3.0.0). Affected devices with TCP Event service enabled do not properly handle malformed packets.
This could allow an unauthenticated remote attacker to cause a denial of service condition and reboot the device thus possibly affecting other network resources.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_rm1224_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C0929F4C-9E86-4716-817F-DFACA179B3A2", versionEndExcluding: "7.1.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_rm1224:-:*:*:*:*:*:*:*", matchCriteriaId: "284DF779-D900-48B4-A177-7281CD445AB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_m804pb_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DE36E468-BED7-4F69-B96B-37475B898698", versionEndExcluding: "7.1.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_m804pb:-:*:*:*:*:*:*:*", matchCriteriaId: "C6EBA42A-93FF-4883-8626-EF78D38374D3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_m812-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8A20C960-61EB-4C18-AD1B-A4D3D51D16C0", versionEndExcluding: "7.1.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_m812-1:-:*:*:*:*:*:*:*", matchCriteriaId: "31EAEF72-8B41-44E0-A33B-753AF85A3106", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_m816-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "07969DC2-4B5F-4E16-8537-2AF2ADCE2F6F", versionEndExcluding: "7.1.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_m816-1:-:*:*:*:*:*:*:*", matchCriteriaId: "5908438F-2575-46EB-AC96-5F33D018AFAC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_m826-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AED73587-12BD-4F94-BCFB-16AD60B1A973", versionEndExcluding: "7.1.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_m826-2:-:*:*:*:*:*:*:*", matchCriteriaId: "60458734-FF87-48E9-9B63-5AB9EA5ED0E5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_m874-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8DBB2514-5AFC-44C8-B514-938AFBDB38BD", versionEndExcluding: "7.1.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_m874-2:-:*:*:*:*:*:*:*", matchCriteriaId: "C933ED27-2206-4734-8EB8-6A6431D1FBF1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_m874-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C4488D9A-7EFD-49BB-B981-82FEAA32C4A6", versionEndExcluding: "7.1.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_m874-3:-:*:*:*:*:*:*:*", matchCriteriaId: "D3258DC7-0461-4C65-8292-85C9965EA83D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_m876-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F3854542-6F44-4444-B610-8E7FE364CFF4", versionEndExcluding: "7.1.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_m876-3:-:*:*:*:*:*:*:*", matchCriteriaId: "BD221BA9-3448-49E4-B3A3-D88B939785AC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_m876-4_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F5B311B0-951A-49CF-9A46-8E01DE9A5079", versionEndExcluding: "7.1.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_m876-4:-:*:*:*:*:*:*:*", matchCriteriaId: "94E4CCE9-71F7-4960-B7DE-5298EFB7C619", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_mum853-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "424A24E1-78AF-4C83-B4BD-89D67E3A5A88", versionEndExcluding: "7.1.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_mum853-1:-:*:*:*:*:*:*:*", matchCriteriaId: "6F56875A-B2B3-471F-ADAC-574C55E1D86A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_mum856-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FF3B5A56-F9ED-44F8-A02D-246F83D160FF", versionEndExcluding: "7.1.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_mum856-1:-:*:*:*:*:*:*:*", matchCriteriaId: "17BEBCAB-D640-4F6D-9579-4A54C76D80F8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4853998E-7671-4F78-BE2D-88D788686181", versionEndExcluding: "7.1.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*", matchCriteriaId: "E917CBBB-EF41-4113-B0CA-EB91889235E7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_wam763-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5EF8DB32-D523-43A3-B787-D5D391820D37", versionStartIncluding: "1.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_wam763-1:-:*:*:*:*:*:*:*", matchCriteriaId: "1AAE316D-6BA6-4C3F-9EE1-E23E4CB6FD19", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_wam766-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C33F8E91-AAAE-458A-8690-2B69894DE9B7", versionStartIncluding: "1.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_wam766-1:-:*:*:*:*:*:*:*", matchCriteriaId: "AA96B540-439B-4A1A-9D7D-C45AEFBC7BE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_wum763-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EB951482-45DB-4224-BD14-DFB54362AE80", versionStartIncluding: "1.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_wum763-1:-:*:*:*:*:*:*:*", matchCriteriaId: "C501445F-BDF6-4A0A-85FD-E6BFBF0A3C6F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_wum766-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C84B33EE-C895-434B-AB8F-53D4B54D1D1F", versionStartIncluding: "1.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_wum766-1:-:*:*:*:*:*:*:*", matchCriteriaId: "4EB15599-F795-4D24-A4A6-CD826F6A7A13", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_wam766-1_firmware:*:*:*:*:*:*:ecc:*", matchCriteriaId: "57F1D7C6-7C13-4FFB-909C-B4B23A645F60", versionStartIncluding: "1.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_wam766-1:-:*:*:*:*:*:ecc:*", matchCriteriaId: "8168477E-7D2E-4575-8864-9B4FD152CD61", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V7.1.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V7.1.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V7.1.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V7.1.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V7.1.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V7.1.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V7.1.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V7.1.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V7.1.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V7.1.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V7.1.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V7.1.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V7.1.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V7.1.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V7.1.2), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) (All versions >= V1.1.0 < V3.0.0). Affected devices with TCP Event service enabled do not properly handle malformed packets.\r\nThis could allow an unauthenticated remote attacker to cause a denial of service condition and reboot the device thus possibly affecting other network resources.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en RUGGEDCOM RM1224 LTE(4G) EU (Todas las versiones anteriores a V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (Todas las versiones anteriores a V7.1.2), SCALANCE M804PB (Todas las versiones anteriores a V7.1. 2), SCALANCE M812-1 ADSL-Router (Anexo A) (Todas las versiones anteriores a V7.1.2), SCALANCE M812-1 ADSL-Router (Anexo B) (Todas las versiones anteriores a V7.1.2), SCALANCE M816-1 ADSL-Router (Anexo A) (Todas las versiones anteriores a V7.1. 2), SCALANCE M816-1 ADSL-Router (Anexo B) (Todas las versiones anteriores a V7.1.2), SCALANCE M826-2 SHDSL-Router (Todas las versiones anteriores a V7.1.2), SCALANCE M874-2 (Todas las versiones anteriores a V7.1.2), SCALANCE M874-3 (Todas las versiones anteriores a V7. 1.2), SCALANCE M876-3 (EVDO) (Todas las versiones anteriores a V7.1.2), SCALANCE M876-3 (ROK) (Todas las versiones anteriores a V7.1.2), SCALANCE M876-4 (EU) (Todas las versiones anteriores a V7.1.2), SCALANCE M876-4 (NAM) (Todas las versiones anteriores a V7. 1.2), SCALANCE MUM853-1 (EU) (Todas las versiones anteriores a V7.1.2), SCALANCE MUM856-1 (EU) (Todas las versiones anteriores a V7.1.2), SCALANCE MUM856-1 (RoW) (Todas las versiones anteriores a V7.1.2), SCALANCE S615 (Todas las versiones anteriores a V7. 1.2), SCALANCE WAM763-1 (Todas las versiones posteriores a V1.1.0 incluyéndola), SCALANCE WAM766-1 (Todas las versiones posteriores a V1.1.0 incluyéndola), SCALANCE WAM766-1 (Todas las versiones posteriores a V1.1.0 incluyéndola), SCALANCE WAM766-1 6GHz (Todas las versiones posteriores a V1.1. 0 incluyéndola), SCALANCE WAM766-1 EEC (Todas las versiones posteriores a V1.1.0 incluyéndola), SCALANCE WAM766-1 EEC (Todas las versiones posteriores a V1.1.0 incluyéndola), SCALANCE WAM766-1 EEC 6GHz (Todas las versiones posteriores a V1.1.0 incluyéndola), SCALANCE WUM763-1 (Todas las versiones posteriores a V1. 1.0 incluyéndola), SCALANCE WUM763-1 (Todas las versiones posteriores a V1.1.0 incluyéndola), SCALANCE WUM766-1 (Todas las versiones posteriores a V1.1.0 incluyéndola), SCALANCE WUM766-1 (Todas las versiones posteriores a V1.1.0 incluyéndola), SCALANCE WUM766-1 6GHz (Todas las versiones posteriores a V1.1.0 incluyéndola). Los dispositivos afectados con el servicio de eventos TCP activado no manejan apropiadamente los paquetes malformados. Esto podría permitir a un atacante remoto no autenticado causar una denegación de servicio y reiniciar el dispositivo, lo que podría afectar a otros recursos de red", }, ], id: "CVE-2022-31766", lastModified: "2025-04-10T20:26:39.307", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4, source: "productcert@siemens.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4, source: "nvd@nist.gov", type: "Secondary", }, ], }, published: "2022-10-11T11:15:09.810", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-697140.html", }, { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "productcert@siemens.com", type: "Primary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-09-06 21:29
Modified
2024-11-21 04:08
Severity ?
Summary
The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "686948B0-67CE-46FB-87DF-D4A796614CF8", versionEndIncluding: "4.18", versionStartIncluding: "3.9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*", matchCriteriaId: "AF83BB87-B203-48F9-9D06-48A5FE399050", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*", matchCriteriaId: "16E6D998-B41D-4B49-9E00-8336D2E40A4A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "98381E61-F082-4302-B51F-5648884F998B", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", matchCriteriaId: "D99A687E-EAE6-417E-A88E-D0082BC194CD", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7:*:*:*:*:*:*:*", matchCriteriaId: "6C81647C-9A53-481D-A54C-36770A093F90", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "A8442C20-41F9-47FD-9A12-E724D3A31FD7", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", matchCriteriaId: "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", matchCriteriaId: "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*", matchCriteriaId: "13E02156-E748-4820-B76F-7074793837E1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "6755B6AD-0422-467B-8115-34A60B1D1A40", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*", matchCriteriaId: "D5F7E11E-FB34-4467-8919-2B6BEAABF665", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", matchCriteriaId: "8D305F7A-D159-4716-AB26-5E38BB5CD991", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", matchCriteriaId: "21540673-614A-4D40-8BD7-3F07723803B0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", matchCriteriaId: "E01A4CCA-4C43-46E0-90E6-3E4DBFBACD64", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", matchCriteriaId: "AEE2E768-0F45-46E1-B6D7-087917109D98", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", matchCriteriaId: "83B14968-3985-43C3-ACE5-8307196EFAE3", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", matchCriteriaId: "7CB85C75-4D35-480E-843D-60579EC75FCB", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", matchCriteriaId: "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", matchCriteriaId: "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", matchCriteriaId: "C6CE5198-C498-4672-AF4C-77AB4BE06C5C", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", matchCriteriaId: "5F422A8C-2C4E-42C8-B420-E0728037E15C", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", matchCriteriaId: "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:itanium:*:*", matchCriteriaId: "1BC405FE-D553-4F6E-A524-E0535B21BEBB", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", matchCriteriaId: "A7DF96F8-BA6A-4780-9CA3-F719B3F81074", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", matchCriteriaId: "DB18C4CE-5917-401E-ACF7-2747084FD36E", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", matchCriteriaId: "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*", matchCriteriaId: "5B454BFE-D3AB-4CDC-B79B-F60EA3F57DBA", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", matchCriteriaId: "CAACE735-003E-4ACB-A82E-C0CF97D7F013", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "627558CA-2606-4497-A232-0522D1CC8239", versionEndExcluding: "11.6.5.1", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "9264B296-3445-4B9F-927D-7865BF3D8AF6", versionEndExcluding: "12.1.5", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "1F7CF1E3-B1DA-4920-A37B-522CBA915535", versionEndExcluding: "13.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "58C8E163-2A45-4C64-A7C2-5686C1EB3C78", versionEndExcluding: "14.0.1.1", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "471EEDFE-F399-4DA4-A229-F35570514346", versionEndExcluding: "14.1.2.4", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "72900780-80F2-470C-AED6-92736CC5EFC7", versionEndExcluding: "11.6.5.1", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "7FE43D60-C369-4806-B10A-97B02D715DFD", versionEndExcluding: "12.1.5", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "4EDF69DE-310C-4C01-AA98-5EFB76C4E639", versionEndExcluding: "13.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E17D443D-9E5D-4F41-A539-6D7842B21E25", versionEndExcluding: "14.0.1.1", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "3EB7CEBE-7EB5-48BD-89F5-DE3B20C0946A", versionEndExcluding: "14.1.2.4", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "D76F8CD6-1E23-4CB1-BE04-2F74E660120F", versionEndExcluding: "11.6.5.1", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "6925A921-F946-4746-AE60-18919E44DAE2", versionEndExcluding: "12.1.5", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "59C1988C-A886-4040-A640-81C8E6732813", versionEndExcluding: "13.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "0FA8C03D-3661-446D-B502-BEB52B7B6305", versionEndExcluding: "14.0.1.1", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "0239DD74-6914-4B1C-9DA4-8D8D799A9B58", versionEndExcluding: "14.1.2.4", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "86641EEE-52C4-4A09-9D0C-CC3254CFC256", versionEndExcluding: "11.6.5.1", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "B4F65BFF-8F85-487E-850A-DFF8DA9D8F59", versionEndExcluding: "12.1.5", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "6E12292F-25C7-48CD-A96A-097779B73DEC", versionEndExcluding: "13.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "1503B2F8-3549-4E52-87E9-6F0FD91F1428", versionEndExcluding: "14.0.1.1", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "D36C6B19-D8ED-4E32-AEA1-D045F3B922DC", versionEndExcluding: "14.1.2.4", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "A1D20BE1-7450-45AB-8A36-5AA1A84C3B54", versionEndExcluding: "11.6.5.1", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "F3FFD367-E47B-4491-9364-1BA3FA481964", versionEndExcluding: "12.1.5", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "65A931C9-4301-49E2-B3C8-235862664E36", versionEndExcluding: "13.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "B8BA9BE0-1646-41EF-BCE2-7BD4021196C5", versionEndExcluding: "14.0.1.1", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5AAA2418-D5A0-44D9-B4C7-D55553D374C1", versionEndExcluding: "14.1.2.4", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "068DD700-87D5-4979-A000-84A4D630F653", versionEndExcluding: "11.6.5.1", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "CB505ABB-7752-4590-9E8A-C5EAC190B349", versionEndExcluding: "12.1.5", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "F46B8BF4-6DB9-48C1-8CB6-1FE0DE5B08C7", versionEndExcluding: "13.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "A7B34FC0-168E-4CA8-B1F4-BDC0D2213280", versionEndExcluding: "14.0.1.1", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "F10D272B-F8F8-4D67-B562-3B2AC9F30E52", versionEndExcluding: "14.1.2.4", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "71BBF6B3-6F7E-468C-9723-4C13049259D0", versionEndExcluding: "11.6.5.1", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "F13E6EC1-5BC4-4A17-928A-667DA7A93EBD", versionEndExcluding: "12.1.5", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "C3F1C894-A475-457E-9AD9-934151E76200", versionEndExcluding: "13.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "678B7FC3-6796-4159-BF2B-8FAD49E0F566", versionEndExcluding: "14.0.1.1", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "DBCF9B1E-E4DF-46FE-BB85-E51657595936", versionEndExcluding: "14.1.2.4", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "98117B55-838B-47C5-84AE-8F84357F1BAE", versionEndExcluding: "11.6.5.1", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "670C542A-63F1-4FC2-B215-ADE94FCF3512", versionEndExcluding: "12.1.5", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "F104C6F4-47BB-416D-AB73-BBEA8A1BAE4B", versionEndExcluding: "13.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "A0E47FF6-A851-4588-9F39-B292D4147AE6", versionEndExcluding: "14.0.1.1", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "1A8809FF-F8DF-48E8-9885-CD0C2AD79024", versionEndExcluding: "14.1.2.4", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E0972BE5-3E14-4BB3-A635-C346FA49AA85", versionEndExcluding: "11.6.5.1", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "BBDBCC20-D7F8-4125-862F-E5596302DC90", versionEndExcluding: "12.1.5", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "B7FFD156-606F-40DC-90D0-60B3DB5E3D90", versionEndExcluding: "13.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "D960933D-9476-4473-A3FB-0032C051BE50", versionEndExcluding: "14.0.1.1", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "3092DC8B-088E-45D2-BF0E-2E99C5395431", versionEndExcluding: "14.1.2.4", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "E1383A6A-60CF-4C10-9CFB-7B4FAEBEA3E6", versionEndExcluding: "11.6.5.1", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "29D81E70-82D9-4FE8-B0D0-214149C30CF0", versionEndExcluding: "12.1.5", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "6C126233-AEE0-4E51-A738-CB6D098C4478", versionEndExcluding: "13.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "44D33B41-F19D-4B46-9F9E-FC03051EBB0C", versionEndExcluding: "14.0.1.1", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "F1D72DB2-91EA-4DBB-A68F-DC5127930755", versionEndExcluding: "14.1.2.4", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "6065C3C1-1C16-48A5-B879-0F2A4B757D66", versionEndExcluding: "11.6.5.1", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "4BB3A6AE-0CE4-4A5D-AFA6-6AC0AE49B616", versionEndExcluding: "12.1.5", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "B330C1A9-F937-4DE5-B111-46970DA853C2", versionEndExcluding: "13.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "63529AEA-8B74-4CA1-BADF-14514D243DC5", versionEndExcluding: "14.0.1.1", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C4B00FFF-D49D-4C1C-9416-F6E95049945C", versionEndExcluding: "14.1.2.4", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "54E61F23-BDD2-4938-AE39-D95C03B471B6", versionEndExcluding: "11.6.5.1", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "D7BBC3D4-9B4E-4185-B327-8902DDFD4234", versionEndExcluding: "12.1.5", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C497F2ED-D143-4207-BCDA-68C3DB856529", versionEndExcluding: "13.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "DE65180C-47C8-41CF-B6C7-181259605B2C", versionEndExcluding: "14.0.1.1", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "DD3A8B31-C29E-4F5C-A95E-DB3F88E83A6D", versionEndExcluding: "14.1.2.4", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "40B3C644-1703-4599-9021-F2C919B11AEC", versionEndExcluding: "11.6.5.1", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "D518DD68-B336-43A8-883C-1CE7B9BB5B0F", versionEndExcluding: "12.1.5", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "ABF432A4-76B4-4D32-B864-60F30568CABF", versionEndExcluding: "13.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "54E703A5-F9F1-4DDA-8B70-D3C6F51038B6", versionEndExcluding: "14.0.1.1", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "BDB13A0E-C1C4-403C-9990-AB7729F9585D", versionEndExcluding: "14.1.2.4", versionStartIncluding: "14.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_rm1224_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "755BF920-21B8-4D5C-AFF3-5566A0FF9FE4", versionEndExcluding: "6.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_rm1224:-:*:*:*:*:*:*:*", matchCriteriaId: "284DF779-D900-48B4-A177-7281CD445AB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_rox_ii_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6CB10E02-C5CA-42AC-AD48-72CE508CD627", versionEndExcluding: "2.13.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_rox_ii:-:*:*:*:*:*:*:*", matchCriteriaId: "1EA04F52-40D0-4A4B-9767-265A26EFD98D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5E409347-918D-4C13-AC0D-B76867A78786", versionEndExcluding: "6.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*", matchCriteriaId: "DFB9921A-5204-40A3-88AB-B7755F5C6875", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7DB470D9-102A-429B-81C2-F9C28ABB627F", versionEndExcluding: "6.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*", matchCriteriaId: "E917CBBB-EF41-4113-B0CA-EB91889235E7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_sc-600_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CCBF7633-A3E7-4CEF-AC2A-085AF303FF27", versionEndExcluding: "2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_sc-600:-:*:*:*:*:*:*:*", matchCriteriaId: "725C671B-D7A0-48CF-8A31-5F9C4173F1DD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_w1700_ieee_802.11ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D0AF4337-C610-4E5B-9F6E-E0AE059E9D2E", versionEndExcluding: "2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_w1700_ieee_802.11ac:-:*:*:*:*:*:*:*", matchCriteriaId: "55CA7B83-9295-451A-9B78-832761A6BA79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_w700_ieee_802.11a\\/b\\/g\\/n_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7C4A8F09-A7B9-4569-A3AE-F3572CBD9AA5", versionEndExcluding: "6.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_w700_ieee_802.11a\\/b\\/g\\/n:-:*:*:*:*:*:*:*", matchCriteriaId: "DEAC9491-87D0-480B-B49A-4EC5D2A2C802", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp_1242-7_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "58AACBFB-F828-4A17-816E-0BCA406B063D", versionEndExcluding: "3.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp_1242-7:-:*:*:*:*:*:*:*", matchCriteriaId: "122D4621-9DBD-4BB7-8CEF-2E9F69E6F8DA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp_1243-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3FB9F6B9-7A43-4669-AEB8-30644609C5D9", versionEndExcluding: "3.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp_1243-1:-:*:*:*:*:*:*:*", matchCriteriaId: "65278BA0-3C81-4D81-9801-D7BE3A1D7680", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp_1243-7_lte_eu_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6E5B6CE8-F314-43C4-A01A-79DA4C71A34F", versionEndExcluding: "3.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp_1243-7_lte_eu:-:*:*:*:*:*:*:*", matchCriteriaId: "555FAB7F-8D8C-46E8-91E2-83AA93A41940", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp_1243-7_lte_us_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E9C1A675-67F8-4A1C-A67F-E081AC647A55", versionEndExcluding: "3.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp_1243-7_lte_us:-:*:*:*:*:*:*:*", matchCriteriaId: "F5179046-6D98-46A2-BDB8-2D5EF3C6D46F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp_1243-8_irc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "251E49C6-735C-492F-BD26-6994A6BB40BD", versionEndExcluding: "3.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp_1243-8_irc:-:*:*:*:*:*:*:*", matchCriteriaId: "350FD323-C876-4C7A-A2E7-4B0660C87F6C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp_1542sp-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "47EDF46E-8273-478A-A1F4-3CE781CB5E24", versionEndExcluding: "2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp_1542sp-1:-:*:*:*:*:*:*:*", matchCriteriaId: "0602DEEA-AE39-4A44-9D78-6623943DDCD6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp_1542sp-1_irc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "52ED214A-EA23-43A7-B7F8-F0017B1063F8", versionEndExcluding: "2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp_1542sp-1_irc:-:*:*:*:*:*:*:*", matchCriteriaId: "C1EE2F10-A7A6-486F-AE5C-53AE25BAF200", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp_1543-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "951CDCA7-73BD-4494-9ED9-FD741A01DF93", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp_1543-1:-:*:*:*:*:*:*:*", matchCriteriaId: "F56C2BDC-928E-491A-8E7C-F976B3787C7A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp_1543sp-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E2D103B7-B693-4E35-AF55-9238B6A16E77", versionEndExcluding: "2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp_1543sp-1:-:*:*:*:*:*:*:*", matchCriteriaId: "783B50B8-2FB7-4982-88AA-B4F2AD094796", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "31BF3B2C-98D9-455F-BCB4-EEAC7EE84C9A", versionEndExcluding: "1.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*", matchCriteriaId: "82494B5E-80EE-47ED-B87E-CF8C8907B6FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "63E0D36E-1DF9-4DB8-B563-EF77D947FA9E", versionEndExcluding: "1.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*", matchCriteriaId: "9B0933EB-82BE-42BB-978B-C9EC2FE1C795", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E39C5C7A-543C-4271-80EF-C728FFFA50D2", versionEndExcluding: "1.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*", matchCriteriaId: "1EAEB335-BD22-4CEF-A3EA-9D98A09FEBF0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf188_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "34F52786-B328-4066-8F3C-457358E42989", versionEndExcluding: "1.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf188:-:*:*:*:*:*:*:*", matchCriteriaId: "91E776EC-16DD-404D-A8AA-2344BA306E3C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "361C68A1-6FDE-47EB-84C5-31AB100E8F30", versionEndExcluding: "1.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*", matchCriteriaId: "B0927991-E820-4FC3-9EFE-96E4C9BFCCCD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sinema_remote_connect_server_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "284428BD-FF75-4D48-9137-2D64B46B6ED4", versionEndExcluding: "2.0.1", versionStartIncluding: "1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sinema_remote_connect_server:-:*:*:*:*:*:*:*", matchCriteriaId: "50360459-773D-4B1C-B28D-02A01BE5A0EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.", }, { lang: "es", value: "El kernel de Linux en versiones a partir de la 3.9 es vulnerable a un ataque de denegación de servicio (DoS) con tasas bajas de paquetes especialmente modificados que apuntan hacia el reensamblado de fragmentos de IP. Un atacante podría provocar una condición de denegación de servicio (DoS) mediante el envío de fragmentos de IP especialmente manipulados. Se han descubierto varias vulnerabilidades en la fragmentación de IP, que se han ido solucionando a lo largo de los años. La vulnerabilidad actual (CVE-2018-5391) se volvió explotable en el kernel de Linux con el aumento del tamaño de la cola de reensamblado de fragmentos de IP.", }, ], id: "CVE-2018-5391", lastModified: "2024-11-21T04:08:43.897", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-09-06T21:29:00.363", references: [ { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt", }, { source: "cret@cert.org", tags: [ "Broken Link", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en", }, { source: "cret@cert.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/06/28/2", }, { source: "cret@cert.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/07/06/3", }, { source: "cret@cert.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/07/06/4", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/105108", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041476", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041637", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2785", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2791", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2846", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2924", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2925", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2933", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2948", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3083", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3096", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3459", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3540", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3586", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3590", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf", }, { source: "cret@cert.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f", }, { source: "cret@cert.org", tags: [ "Mailing List", "Mitigation", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html", }, { source: "cret@cert.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20181003-0002/", }, { source: "cret@cert.org", url: "https://support.f5.com/csp/article/K74374841?utm_source=f5support&%3Butm_medium=RSS", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3740-1/", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3740-2/", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3741-1/", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3741-2/", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3742-1/", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3742-2/", }, { source: "cret@cert.org", tags: [ "Mitigation", "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4272", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.kb.cert.org/vuls/id/641765", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/06/28/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/07/06/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/07/06/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/105108", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041476", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041637", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2785", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2791", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2846", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2924", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2925", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2933", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2948", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3083", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3096", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3459", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3540", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3586", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3590", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Mitigation", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20181003-0002/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.f5.com/csp/article/K74374841?utm_source=f5support&%3Butm_medium=RSS", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3740-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3740-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3741-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3741-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3742-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3742-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4272", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.kb.cert.org/vuls/id/641765", }, ], sourceIdentifier: "cret@cert.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-400", }, ], source: "cret@cert.org", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-10-04 01:29
Modified
2025-01-14 19:29
Severity ?
Summary
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*", matchCriteriaId: "B85D7A28-8CBA-4D77-AD30-DB3CA49F2F98", versionEndIncluding: "2.77", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", matchCriteriaId: "CB66DB75-2B16-4EBF-9B93-CE49D8086E41", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*", matchCriteriaId: "588D4F37-0A56-47A4-B710-4D5F3D214FB9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7B21E9A8-CE63-42C2-A11A-94D977A96DF1", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*", matchCriteriaId: "1EA337A3-B9A3-4962-B8BD-8E0C7C5B28EB", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3:*:*:*:*:*:*", matchCriteriaId: "58D3B6FD-B474-4B09-B644-A8634A629280", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*", matchCriteriaId: "F892F1B0-514C-42F7-90AE-12ACDFDC1033", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*", matchCriteriaId: "0FC411C9-9A8A-49D0-B704-2207674778CB", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:ltss:*:*:*", matchCriteriaId: "B12243B2-D726-404C-ABFF-F1AB51BA1783", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*", matchCriteriaId: "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*", matchCriteriaId: "B2F3699A-38E4-4E9D-9414-411F71D9E371", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:linux_for_tegra:*:*:*:*:*:*:*:*", matchCriteriaId: "54DF7A22-DF8B-4272-8EC6-48173E8860B8", versionEndExcluding: "r21.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:jetson_tk1:-:*:*:*:*:*:*:*", matchCriteriaId: "810B05A3-29CF-464F-9E63-8238AA0651AF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:linux_for_tegra:*:*:*:*:*:*:*:*", matchCriteriaId: "22159717-67FD-4A10-9F65-4434FEC1F922", versionEndExcluding: "r24.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*", matchCriteriaId: "86D1FDAD-C594-43D9-9BF6-F7461177AB91", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*", matchCriteriaId: "5454038C-F1F0-4061-8B5C-04A8CF1658C6", versionEndExcluding: "3.10.0.55", versionStartIncluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_v9_play_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CF744446-5C60-4C66-BE6B-DD108487B46C", versionEndExcluding: "jimmy-al00ac00b135", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_v9_play:-:*:*:*:*:*:*:*", matchCriteriaId: "B543AF24-5D59-4A46-AC76-0EFF314E3D1A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", matchCriteriaId: "E861FF18-4E42-4092-81B6-0BB32679B2CF", versionEndIncluding: "4.15", vulnerable: true, }, { criteria: "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", matchCriteriaId: "E2DED50F-C1ED-43EB-9E63-B65F4F287F41", versionEndExcluding: "4.16.13m", versionStartIncluding: "4.16", vulnerable: true, }, { criteria: "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", matchCriteriaId: "B5F144E5-EFB1-47E7-A2D2-28DEE6045CF6", versionEndExcluding: "4.17.8m", versionStartIncluding: "4.17", vulnerable: true, }, { criteria: "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", matchCriteriaId: "8F1A3AF8-D105-4F13-8921-D94DCC7DE1AF", versionEndIncluding: "4.18.4.2f", versionStartIncluding: "4.18", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_rm1224_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "63C108C5-0EF5-4C6D-8D83-ADB5EED24A6F", versionEndExcluding: "5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_rm1224:-:*:*:*:*:*:*:*", matchCriteriaId: "284DF779-D900-48B4-A177-7281CD445AB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E25B682B-83F5-4903-9138-16907DC7A859", versionEndExcluding: "5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*", matchCriteriaId: "DFB9921A-5204-40A3-88AB-B7755F5C6875", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E8B2D681-1FBF-4013-B223-9878F4F1DB27", versionEndExcluding: "5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*", matchCriteriaId: "E917CBBB-EF41-4113-B0CA-EB91889235E7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_w1750d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AE55F796-FA73-4992-9826-57A00F77F6CA", versionEndExcluding: "6.5.1.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_w1750d:-:*:*:*:*:*:*:*", matchCriteriaId: "FBC30055-239F-4BB1-B2D1-E5E35F0D8911", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*", matchCriteriaId: "CFE6B116-71BB-49BF-A5EF-4460D9089511", versionEndExcluding: "6.3.1.25", versionStartIncluding: "6.3.1", vulnerable: true, }, { criteria: "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*", matchCriteriaId: "193354A0-B108-4CA4-A1C3-F5F23147A295", versionEndExcluding: "6.4.4.16", versionStartIncluding: "6.4.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*", matchCriteriaId: "47D1AB4F-0922-49AF-9AE5-AEB4019E652C", versionEndExcluding: "6.5.1.9", versionStartIncluding: "6.5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*", matchCriteriaId: "8F5D03FA-CE4E-4888-88E2-384986A890BA", versionEndExcluding: "6.5.3.3", versionStartIncluding: "6.5.3.0", vulnerable: true, }, { criteria: "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*", matchCriteriaId: "E39B25F2-C65B-457F-A36E-14FC8285A004", versionEndExcluding: "6.5.4.2", versionStartIncluding: "6.5.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*", matchCriteriaId: "00E53FE9-EA96-456A-B522-FC81DD0CCE3E", versionEndExcluding: "8.1.0.4", versionStartIncluding: "8.1.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:synology:router_manager:1.1:*:*:*:*:*:*:*", matchCriteriaId: "46261C28-E276-4639-BA3D-A735B02599F8", vulnerable: true, }, { criteria: "cpe:2.3:o:synology:diskstation_manager:5.2:*:*:*:*:*:*:*", matchCriteriaId: "01527614-8A68-48DC-B0A0-F4AA99489221", vulnerable: true, }, { criteria: "cpe:2.3:o:synology:diskstation_manager:6.0:*:*:*:*:*:*:*", matchCriteriaId: "65372FA7-B54B-4298-99BF-483E9FEBA253", vulnerable: true, }, { criteria: "cpe:2.3:o:synology:diskstation_manager:6.1:*:*:*:*:*:*:*", matchCriteriaId: "3D04EA1A-F8E0-415B-8786-1C8C0F08E132", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.", }, { lang: "es", value: "Un desbordamiento de búfer basado en memoria dinámica (heap) en dnsmasq en versiones anteriores a la 2.78 permite a los atacantes provocar una denegación de servicio (cierre inesperado) o ejecutar código arbitrario utilizando una respuesta DNS manipulada.", }, ], id: "CVE-2017-14491", lastModified: "2025-01-14T19:29:55.853", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-10-04T01:29:02.870", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00003.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00004.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00005.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4560", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/144480/Dnsmasq-2-Byte-Heap-Based-Overflow.html", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "http://thekelleys.org.uk/dnsmasq/CHANGELOG", }, { source: "cve@mitre.org", url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=0549c73b7ea6b22a3c49beb4d432f185a81efcbc", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2017/dsa-3989", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171103-01-dnsmasq-en", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.securityfocus.com/bid/101085", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.securityfocus.com/bid/101977", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.securitytracker.com/id/1039474", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-3430-1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-3430-2", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-3430-3", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2836", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2837", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2838", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2839", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2840", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2841", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/vulnerabilities/3199382", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/527KNN34RN2SB6MBJG7CKSEBWYE3TJEB/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MMPCJOYPPL4B5RBY4U425PWG7EETDTD/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YXRZ2W6TV6NLUJC5NOFBSG6PZSMDTYPV/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201710-27", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html", }, { source: "cve@mitre.org", tags: [ "Mitigation", "Third Party Advisory", ], url: "https://www.arista.com/en/support/advisories-notices/security-advisories/3577-security-advisory-30", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2017/dsa-3989", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/42941/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.kb.cert.org/vuls/id/973527", }, { source: "cve@mitre.org", url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html", }, { source: "cve@mitre.org", url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4560", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/144480/Dnsmasq-2-Byte-Heap-Based-Overflow.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "http://thekelleys.org.uk/dnsmasq/CHANGELOG", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=0549c73b7ea6b22a3c49beb4d432f185a81efcbc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2017/dsa-3989", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171103-01-dnsmasq-en", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.securityfocus.com/bid/101085", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.securityfocus.com/bid/101977", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.securitytracker.com/id/1039474", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-3430-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-3430-2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-3430-3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2836", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2837", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2838", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2839", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2840", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2841", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/vulnerabilities/3199382", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/527KNN34RN2SB6MBJG7CKSEBWYE3TJEB/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MMPCJOYPPL4B5RBY4U425PWG7EETDTD/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YXRZ2W6TV6NLUJC5NOFBSG6PZSMDTYPV/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201710-27", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Third Party Advisory", ], url: "https://www.arista.com/en/support/advisories-notices/security-advisories/3577-security-advisory-30", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2017/dsa-3989", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/42941/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.kb.cert.org/vuls/id/973527", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
CVE-2020-28400 (GCVE-0-2020-28400)
Vulnerability from cvelistv5
Published
2021-07-13 11:02
Modified
2024-12-10 13:53
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS score ?
Summary
Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.
References
Impacted products
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:seimens:scalance_m812-1_adsl-router_annex_b:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m812-1_adsl-router_annex_b", vendor: "seimens", versions: [ { status: "affected", version: "0", }, ], }, { cpes: [ "cpe:2.3:a:siemens:development_evaluation_kits_for_profinet_io_dk_standard_ethernet_controller:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "development_evaluation_kits_for_profinet_io_dk_standard_ethernet_controller", vendor: "siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:development_evaluation_kits_for_profinet_io_ek_ertec_200:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "development_evaluation_kits_for_profinet_io_ek_ertec_200", vendor: "siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:development_evaluation_kits_for_profinet_io_ek_ertec_200p:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "development_evaluation_kits_for_profinet_io_ek_ertec_200p", vendor: "siemens", versions: [ { lessThan: "v4.7", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:ruggedcom_rm1224:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ruggedcom_rm1224", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:scalance_m804pb:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m804pb", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:seimens:scalance_m812-1_adsl-router_annex_a:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m812-1_adsl-router_annex_a", vendor: "seimens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:seimens:scalance_m812-1_adsl-router_annex_b:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m812-1_adsl-router_annex_b", vendor: "seimens", versions: [ { lessThan: "6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_m816_1_adsl_router_annex_a:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m816_1_adsl_router_annex_a", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_m816-1_adsl-router_annex_b:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m816-1_adsl-router_annex_b", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_m826-2_shdsl-router:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m826-2_shdsl-router", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalence_m874_2:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalence_m874_2", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalence_m874_3:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalence_m874_3", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_m876_3_evdo:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m876_3_evdo", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_m876_3_rok:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m876_3_rok", vendor: "siemens", versions: [ { lessThan: "6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_m876_4_eu:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m876_4_eu", vendor: "siemens", versions: [ { lessThan: "6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_m876_4_nam:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m876_4_nam", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_s615", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_w700_ieee_802.11n_family:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_w700_ieee_802.11n_family", vendor: "siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_w1748_1_m12:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_w1748_1_m12", vendor: "siemens", versions: [ { lessThan: "v3.0.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_w1788_1_m12:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_w1788_1_m12", vendor: "siemens", versions: [ { lessThan: "v3.0.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_w1788_2_eec_m12:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_w1788_2_eec_m12", vendor: "siemens", versions: [ { lessThan: "v3.0.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_w1788_2_m12:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_w1788_2_m12", vendor: "siemens", versions: [ { lessThan: "v3.0.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_w1788_2ia_m12:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_w1788_2ia_m12", vendor: "siemens", versions: [ { lessThan: "v3.0.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_x200_4p_irt:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_x200_4p_irt", vendor: "siemens", versions: [ { lessThan: "v5.5.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_x201_3p_irt:0.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_x201_3p_irt", vendor: "siemens", versions: [ { lessThan: "v5.5.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_x201_3p_irt_pro:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_x201_3p_irt_pro", vendor: "siemens", versions: [ { lessThan: "v5.5.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalancce_x202_2p_irt:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalancce_x202_2p_irt", vendor: "siemens", versions: [ { lessThan: "v5.5.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalence_202_2p_irt_pro:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalence_202_2p_irt_pro", vendor: "siemens", versions: [ { lessThan: "v5.5.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalancce_x204_2:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalancce_x204_2", vendor: "siemens", versions: [ { lessThan: "v5.25", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalence_x204_2fm:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalence_x204_2fm", vendor: "siemens", versions: [ { lessThan: "v5.25", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalence_x204_2ld:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalence_x204_2ld", vendor: "siemens", versions: [ { lessThan: "v5.25", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalence_x204_2ld_ts:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalence_x204_2ld_ts", vendor: "siemens", versions: [ { lessThan: "v5.25", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalence_x204_2ts:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalence_x204_2ts", vendor: "siemens", versions: [ { lessThan: "v5.25", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2020-28400", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-06-13T18:59:11.953107Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-24T18:07:44.485Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-04T16:33:59.218Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-194-03", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-599968.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.7", }, ], }, { defaultStatus: "unknown", product: "RUGGEDCOM RM1224 LTE(4G) EU", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "RUGGEDCOM RM1224 LTE(4G) NAM", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M804PB", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M812-1 ADSL-Router", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M812-1 ADSL-Router", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M816-1 ADSL-Router", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M816-1 ADSL-Router", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M826-2 SHDSL-Router", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M874-2", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M874-3", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M874-3 3G-Router (CN)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-3", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-3 (ROK)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-4", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-4 (EU)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-4 (NAM)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM853-1 (A1)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM853-1 (B1)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM853-1 (EU)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM856-1 (A1)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM856-1 (B1)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM856-1 (CN)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM856-1 (EU)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM856-1 (RoW)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE S615 EEC LAN-Router", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE S615 LAN-Router", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1748-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1748-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1788-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1788-2 EEC M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1788-2 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1788-2IA M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W721-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W721-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W722-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W722-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W722-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W734-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W734-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W734-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W734-1 RJ45 (USA)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W738-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W738-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W748-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W748-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W748-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W748-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W761-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W761-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 RJ45 (USA)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W778-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W778-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W778-1 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W778-1 M12 EEC (USA)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2 SFP", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2 SFP", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2IA RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2IA RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X200-4P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X201-3P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X201-3P IRT PRO", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X202-2IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X202-2P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X202-2P IRT PRO", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204-2", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204-2FM", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204-2LD", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204-2LD TS", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204-2TS", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204IRT PRO", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X206-1", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X206-1LD", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X208", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X208PRO", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X212-2", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X212-2LD", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X216", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X224", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (230V, coated)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (230V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (24V, coated)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (24V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (2x 230V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (2x 24V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X304-2FE", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X306-1LD FE", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (230V, coated)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (230V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (24V, coated)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (24V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (2x 230V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (2x 24V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X310", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X310", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X320-1 FE", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X320-1-2LD FE", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X408-2", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3 (SC, PN)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3 (ST, E/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3 (ST, E/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3 (ST, PN)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3LD (SC, E/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3LD (SC, PN)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB208 (E/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB208 (PN)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3 (SC, E/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3 (SC, PN)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3 (ST, E/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3 (ST, PN)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3LD (SC, E/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3LD (SC, PN)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB216 (E/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB216 (PN)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2 (SC)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2 (ST/BFOC)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2G PoE", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2G PoE (54 V DC)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2G PoE EEC (54 V DC)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2SFP", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2SFP EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2SFP G", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2SFP G (EIP DEF.)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2SFP G EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208G", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208G (EIP def.)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208G EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208G PoE", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208G PoE (54 V DC)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-3G PoE", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-3G PoE (54 V DC)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-4C", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-4C G", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-4C G (EIP Def.)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-4C G EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC224", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC224-4C G", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC224-4C G (EIP Def.)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC224-4C G EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF201-3P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF202-2P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204 DNA", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204-2", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204-2BA", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204-2BA DNA", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204-2BA IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF206-1", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF208", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM408-4C", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM408-4C (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM408-8C", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM408-8C (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM416-4C", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM416-4C (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP208", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP208 (Ethernet/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP208EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP208PoE EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP216", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP216 (Ethernet/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP216EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP216POE EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M PoE (230V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M PoE (230V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M PoE (24V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M PoE (24V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M PoE TS (24V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324WG (24 x FE, AC 230V)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324WG (24 X FE, DC 24V)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR326-2C PoE WG", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR326-2C PoE WG (without UL)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (24XFE, 4XGE, 24V)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (28xGE, AC 230V)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (28xGE, DC 24V)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 1x230V", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 1x230V (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 24V", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 24V (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 2x230V", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 2x230V (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 1x230V", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 1x230V (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 24V", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 24V (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 2x230V", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 2x230V (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR528-6M", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR528-6M (2HR2, L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR528-6M (2HR2)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR528-6M (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR552-12M", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR552-12M (2HR2, L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR552-12M (2HR2)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR552-12M (2HR2)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CFU DIQ", vendor: "Siemens", versions: [ { lessThan: "V2.0.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CFU PA", vendor: "Siemens", versions: [ { lessThan: "V2.0.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CM 1542-1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1604", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions >= V2.7", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1616", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions >= V2.7", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1626", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC IE/PB-LINK", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "V3", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV540 H", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV540 S", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV550 H", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV550 S", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV560 U", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV560 X", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC NET DK-16xx PN IO", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions >= V2.7", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Power Line Booster PLB, Base Module", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PROFINET Driver", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.3", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V4.5", }, ], }, { defaultStatus: "unknown", product: "SIMOCODE pro V Ethernet/IP (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.1.3", }, ], }, { defaultStatus: "unknown", product: "SIMOCODE pro V PROFINET (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.1.3", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET SCALANCE X308-2", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET SCALANCE XC206-2", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET SCALANCE XC206-2SFP", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET SCALANCE XC208", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET SCALANCE XC216-4C", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SOFTNET-IE PNIO", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, ], descriptions: [ { lang: "en", value: "Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { cvssV4_0: { baseScore: 8.7, baseSeverity: "HIGH", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-770", description: "CWE-770: Allocation of Resources Without Limits or Throttling", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-12-10T13:53:22.763Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-194-03", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-599968.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2020-28400", datePublished: "2021-07-13T11:02:49", dateReserved: "2020-11-10T00:00:00", dateUpdated: "2024-12-10T13:53:22.763Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2021-25667 (GCVE-0-2021-25667)
Vulnerability from cvelistv5
Published
2021-03-15 17:03
Modified
2024-08-03 20:11
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in RUGGEDCOM RM1224 (All versions >= V4.3 and < V6.4), SCALANCE M-800 (All versions >= V4.3 and < V6.4), SCALANCE S615 (All versions >= V4.3 and < V6.4), SCALANCE SC-600 Family (All versions >= V2.0 and < V2.1.3), SCALANCE XB-200 (All versions < V4.1), SCALANCE XC-200 (All versions < V4.1), SCALANCE XF-200BA (All versions < V4.1), SCALANCE XM400 (All versions < V6.2), SCALANCE XP-200 (All versions < V4.1), SCALANCE XR-300WG (All versions < V4.1), SCALANCE XR500 (All versions < V6.2). Affected devices contain a stack-based buffer overflow vulnerability in the handling of STP BPDU frames that could allow a remote attacker to trigger a denial-of-service condition or potentially remote code execution. Successful exploitation requires the passive listening feature of the device to be active.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-979775.pdf | x_refsource_MISC | |
| https://us-cert.cisa.gov/ics/advisories/icsa-21-068-03 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | RUGGEDCOM RM1224 |
Version: All versions >= V4.3 and < V6.4 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T20:11:27.468Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-979775.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-068-03", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "RUGGEDCOM RM1224", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V4.3 and < V6.4", }, ], }, { product: "SCALANCE M-800", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V4.3 and < V6.4", }, ], }, { product: "SCALANCE S615", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V4.3 and < V6.4", }, ], }, { product: "SCALANCE SC-600 Family", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.0 and < V2.1.3", }, ], }, { product: "SCALANCE XB-200", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1", }, ], }, { product: "SCALANCE XC-200", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1", }, ], }, { product: "SCALANCE XF-200BA", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1", }, ], }, { product: "SCALANCE XM400", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.2", }, ], }, { product: "SCALANCE XP-200", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1", }, ], }, { product: "SCALANCE XR-300WG", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1", }, ], }, { product: "SCALANCE XR500", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in RUGGEDCOM RM1224 (All versions >= V4.3 and < V6.4), SCALANCE M-800 (All versions >= V4.3 and < V6.4), SCALANCE S615 (All versions >= V4.3 and < V6.4), SCALANCE SC-600 Family (All versions >= V2.0 and < V2.1.3), SCALANCE XB-200 (All versions < V4.1), SCALANCE XC-200 (All versions < V4.1), SCALANCE XF-200BA (All versions < V4.1), SCALANCE XM400 (All versions < V6.2), SCALANCE XP-200 (All versions < V4.1), SCALANCE XR-300WG (All versions < V4.1), SCALANCE XR500 (All versions < V6.2). Affected devices contain a stack-based buffer overflow vulnerability in the handling of STP BPDU frames that could allow a remote attacker to trigger a denial-of-service condition or potentially remote code execution. Successful exploitation requires the passive listening feature of the device to be active.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-121", description: "CWE-121: Stack-based Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-04-22T20:42:20", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-979775.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-068-03", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2021-25667", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "RUGGEDCOM RM1224", version: { version_data: [ { version_value: "All versions >= V4.3 and < V6.4", }, ], }, }, { product_name: "SCALANCE M-800", version: { version_data: [ { version_value: "All versions >= V4.3 and < V6.4", }, ], }, }, { product_name: "SCALANCE S615", version: { version_data: [ { version_value: "All versions >= V4.3 and < V6.4", }, ], }, }, { product_name: "SCALANCE SC-600 Family", version: { version_data: [ { version_value: "All versions >= V2.0 and < V2.1.3", }, ], }, }, { product_name: "SCALANCE XB-200", version: { version_data: [ { version_value: "All versions < V4.1", }, ], }, }, { product_name: "SCALANCE XC-200", version: { version_data: [ { version_value: "All versions < V4.1", }, ], }, }, { product_name: "SCALANCE XF-200BA", version: { version_data: [ { version_value: "All versions < V4.1", }, ], }, }, { product_name: "SCALANCE XM400", version: { version_data: [ { version_value: "All versions < V6.2", }, ], }, }, { product_name: "SCALANCE XP-200", version: { version_data: [ { version_value: "All versions < V4.1", }, ], }, }, { product_name: "SCALANCE XR-300WG", version: { version_data: [ { version_value: "All versions < V4.1", }, ], }, }, { product_name: "SCALANCE XR500", version: { version_data: [ { version_value: "All versions < V6.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in RUGGEDCOM RM1224 (All versions >= V4.3 and < V6.4), SCALANCE M-800 (All versions >= V4.3 and < V6.4), SCALANCE S615 (All versions >= V4.3 and < V6.4), SCALANCE SC-600 Family (All versions >= V2.0 and < V2.1.3), SCALANCE XB-200 (All versions < V4.1), SCALANCE XC-200 (All versions < V4.1), SCALANCE XF-200BA (All versions < V4.1), SCALANCE XM400 (All versions < V6.2), SCALANCE XP-200 (All versions < V4.1), SCALANCE XR-300WG (All versions < V4.1), SCALANCE XR500 (All versions < V6.2). Affected devices contain a stack-based buffer overflow vulnerability in the handling of STP BPDU frames that could allow a remote attacker to trigger a denial-of-service condition or potentially remote code execution. Successful exploitation requires the passive listening feature of the device to be active.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-121: Stack-based Buffer Overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-979775.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-979775.pdf", }, { name: "https://us-cert.cisa.gov/ics/advisories/icsa-21-068-03", refsource: "MISC", url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-068-03", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2021-25667", datePublished: "2021-03-15T17:03:31", dateReserved: "2021-01-21T00:00:00", dateUpdated: "2024-08-03T20:11:27.468Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2017-14491 (GCVE-0-2017-14491)
Vulnerability from cvelistv5
Published
2017-10-02 21:00
Modified
2024-08-05 19:27
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1039474 | vdb-entry, x_refsource_SECTRACK | |
| https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq | x_refsource_CONFIRM | |
| http://www.debian.org/security/2017/dsa-3989 | vendor-advisory, x_refsource_DEBIAN | |
| https://access.redhat.com/security/vulnerabilities/3199382 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/101085 | vdb-entry, x_refsource_BID | |
| http://www.ubuntu.com/usn/USN-3430-1 | vendor-advisory, x_refsource_UBUNTU | |
| http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=0549c73b7ea6b22a3c49beb4d432f185a81efcbc | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/101977 | vdb-entry, x_refsource_BID | |
| https://access.redhat.com/errata/RHSA-2017:2838 | vendor-advisory, x_refsource_REDHAT | |
| https://www.kb.cert.org/vuls/id/973527 | third-party-advisory, x_refsource_CERT-VN | |
| https://security.gentoo.org/glsa/201710-27 | vendor-advisory, x_refsource_GENTOO | |
| https://access.redhat.com/errata/RHSA-2017:2840 | vendor-advisory, x_refsource_REDHAT | |
| http://www.ubuntu.com/usn/USN-3430-2 | vendor-advisory, x_refsource_UBUNTU | |
| https://access.redhat.com/errata/RHSA-2017:2839 | vendor-advisory, x_refsource_REDHAT | |
| https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html | mailing-list, x_refsource_MLIST | |
| https://access.redhat.com/errata/RHSA-2017:2836 | vendor-advisory, x_refsource_REDHAT | |
| http://nvidia.custhelp.com/app/answers/detail/a_id/4561 | x_refsource_CONFIRM | |
| http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt | x_refsource_CONFIRM | |
| https://access.redhat.com/errata/RHSA-2017:2837 | vendor-advisory, x_refsource_REDHAT | |
| https://www.exploit-db.com/exploits/42941/ | exploit, x_refsource_EXPLOIT-DB | |
| http://thekelleys.org.uk/dnsmasq/CHANGELOG | x_refsource_CONFIRM | |
| https://access.redhat.com/errata/RHSA-2017:2841 | vendor-advisory, x_refsource_REDHAT | |
| http://nvidia.custhelp.com/app/answers/detail/a_id/4560 | x_refsource_CONFIRM | |
| http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html | vendor-advisory, x_refsource_SUSE | |
| https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html | x_refsource_MISC | |
| https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html | mailing-list, x_refsource_MLIST | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf | x_refsource_CONFIRM | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MMPCJOYPPL4B5RBY4U425PWG7EETDTD/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YXRZ2W6TV6NLUJC5NOFBSG6PZSMDTYPV/ | vendor-advisory, x_refsource_FEDORA | |
| http://www.ubuntu.com/usn/USN-3430-3 | vendor-advisory, x_refsource_UBUNTU | |
| http://packetstormsecurity.com/files/144480/Dnsmasq-2-Byte-Heap-Based-Overflow.html | x_refsource_MISC | |
| http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00005.html | vendor-advisory, x_refsource_SUSE | |
| https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449/ | x_refsource_CONFIRM | |
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171103-01-dnsmasq-en | x_refsource_CONFIRM | |
| https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449 | x_refsource_CONFIRM | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/527KNN34RN2SB6MBJG7CKSEBWYE3TJEB/ | vendor-advisory, x_refsource_FEDORA | |
| http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00003.html | vendor-advisory, x_refsource_SUSE | |
| http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00004.html | vendor-advisory, x_refsource_SUSE | |
| https://www.debian.org/security/2017/dsa-3989 | vendor-advisory, x_refsource_DEBIAN | |
| https://www.arista.com/en/support/advisories-notices/security-advisories/3577-security-advisory-30 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T19:27:40.755Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1039474", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1039474", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq", }, { name: "DSA-3989", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2017/dsa-3989", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://access.redhat.com/security/vulnerabilities/3199382", }, { name: "101085", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/101085", }, { name: "USN-3430-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-3430-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=0549c73b7ea6b22a3c49beb4d432f185a81efcbc", }, { name: "101977", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/101977", }, { name: "RHSA-2017:2838", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:2838", }, { name: "VU#973527", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "https://www.kb.cert.org/vuls/id/973527", }, { name: "GLSA-201710-27", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201710-27", }, { name: "RHSA-2017:2840", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:2840", }, { name: "USN-3430-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-3430-2", }, { name: "RHSA-2017:2839", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:2839", }, { name: "[dnsmasq-discuss] 20171002 Announce: dnsmasq-2.78.", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html", }, { name: "RHSA-2017:2836", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:2836", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt", }, { name: "RHSA-2017:2837", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:2837", }, { name: "42941", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/42941/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://thekelleys.org.uk/dnsmasq/CHANGELOG", }, { name: "RHSA-2017:2841", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:2841", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4560", }, { name: "openSUSE-SU-2017:2633", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html", }, { name: "[dnsmasq-discuss] 20171002 IMPORTANT SECURITY INFORMATION.", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf", }, { name: "FEDORA-2017-515264ae24", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MMPCJOYPPL4B5RBY4U425PWG7EETDTD/", }, { name: "FEDORA-2017-24f067299e", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YXRZ2W6TV6NLUJC5NOFBSG6PZSMDTYPV/", }, { name: "USN-3430-3", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-3430-3", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/144480/Dnsmasq-2-Byte-Heap-Based-Overflow.html", }, { name: "SUSE-SU-2017:2619", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00005.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171103-01-dnsmasq-en", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449", }, { name: "FEDORA-2017-7106a157f5", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/527KNN34RN2SB6MBJG7CKSEBWYE3TJEB/", }, { name: "SUSE-SU-2017:2616", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00003.html", }, { name: "SUSE-SU-2017:2617", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00004.html", }, { name: "DSA-3989", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2017/dsa-3989", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.arista.com/en/support/advisories-notices/security-advisories/3577-security-advisory-30", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-10-02T00:00:00", descriptions: [ { lang: "en", value: "Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-11-08T11:42:39", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "1039474", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1039474", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq", }, { name: "DSA-3989", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2017/dsa-3989", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://access.redhat.com/security/vulnerabilities/3199382", }, { name: "101085", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/101085", }, { name: "USN-3430-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-3430-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=0549c73b7ea6b22a3c49beb4d432f185a81efcbc", }, { name: "101977", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/101977", }, { name: "RHSA-2017:2838", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2017:2838", }, { name: "VU#973527", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "https://www.kb.cert.org/vuls/id/973527", }, { name: "GLSA-201710-27", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201710-27", }, { name: "RHSA-2017:2840", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2017:2840", }, { name: "USN-3430-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-3430-2", }, { name: "RHSA-2017:2839", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2017:2839", }, { name: "[dnsmasq-discuss] 20171002 Announce: dnsmasq-2.78.", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html", }, { name: "RHSA-2017:2836", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2017:2836", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt", }, { name: "RHSA-2017:2837", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2017:2837", }, { name: "42941", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/42941/", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://thekelleys.org.uk/dnsmasq/CHANGELOG", }, { name: "RHSA-2017:2841", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2017:2841", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4560", }, { name: "openSUSE-SU-2017:2633", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html", }, { tags: [ "x_refsource_MISC", ], url: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html", }, { name: "[dnsmasq-discuss] 20171002 IMPORTANT SECURITY INFORMATION.", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf", }, { name: "FEDORA-2017-515264ae24", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MMPCJOYPPL4B5RBY4U425PWG7EETDTD/", }, { name: "FEDORA-2017-24f067299e", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YXRZ2W6TV6NLUJC5NOFBSG6PZSMDTYPV/", }, { name: "USN-3430-3", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-3430-3", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/144480/Dnsmasq-2-Byte-Heap-Based-Overflow.html", }, { name: "SUSE-SU-2017:2619", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00005.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449/", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171103-01-dnsmasq-en", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449", }, { name: "FEDORA-2017-7106a157f5", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/527KNN34RN2SB6MBJG7CKSEBWYE3TJEB/", }, { name: "SUSE-SU-2017:2616", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00003.html", }, { name: "SUSE-SU-2017:2617", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00004.html", }, { name: "DSA-3989", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2017/dsa-3989", }, { tags: [ "x_refsource_MISC", ], url: "https://www.arista.com/en/support/advisories-notices/security-advisories/3577-security-advisory-30", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-14491", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "1039474", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1039474", }, { name: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq", refsource: "CONFIRM", url: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq", }, { name: "DSA-3989", refsource: "DEBIAN", url: "http://www.debian.org/security/2017/dsa-3989", }, { name: "https://access.redhat.com/security/vulnerabilities/3199382", refsource: "CONFIRM", url: "https://access.redhat.com/security/vulnerabilities/3199382", }, { name: "101085", refsource: "BID", url: "http://www.securityfocus.com/bid/101085", }, { name: "USN-3430-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-3430-1", }, { name: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=0549c73b7ea6b22a3c49beb4d432f185a81efcbc", refsource: "CONFIRM", url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=0549c73b7ea6b22a3c49beb4d432f185a81efcbc", }, { name: "101977", refsource: "BID", url: "http://www.securityfocus.com/bid/101977", }, { name: "RHSA-2017:2838", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2017:2838", }, { name: "VU#973527", refsource: "CERT-VN", url: "https://www.kb.cert.org/vuls/id/973527", }, { name: "GLSA-201710-27", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201710-27", }, { name: "RHSA-2017:2840", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2017:2840", }, { name: "USN-3430-2", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-3430-2", }, { name: "RHSA-2017:2839", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2017:2839", }, { name: "[dnsmasq-discuss] 20171002 Announce: dnsmasq-2.78.", refsource: "MLIST", url: "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11665.html", }, { name: "RHSA-2017:2836", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2017:2836", }, { name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", refsource: "CONFIRM", url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", }, { name: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt", refsource: "CONFIRM", url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt", }, { name: "RHSA-2017:2837", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2017:2837", }, { name: "42941", refsource: "EXPLOIT-DB", url: "https://www.exploit-db.com/exploits/42941/", }, { name: "http://thekelleys.org.uk/dnsmasq/CHANGELOG", refsource: "CONFIRM", url: "http://thekelleys.org.uk/dnsmasq/CHANGELOG", }, { name: "RHSA-2017:2841", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2017:2841", }, { name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4560", refsource: "CONFIRM", url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4560", }, { name: "openSUSE-SU-2017:2633", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html", }, { name: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html", refsource: "MISC", url: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html", }, { name: "[dnsmasq-discuss] 20171002 IMPORTANT SECURITY INFORMATION.", refsource: "MLIST", url: "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11664.html", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf", }, { name: "FEDORA-2017-515264ae24", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5MMPCJOYPPL4B5RBY4U425PWG7EETDTD/", }, { name: "FEDORA-2017-24f067299e", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YXRZ2W6TV6NLUJC5NOFBSG6PZSMDTYPV/", }, { name: "USN-3430-3", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-3430-3", }, { name: "http://packetstormsecurity.com/files/144480/Dnsmasq-2-Byte-Heap-Based-Overflow.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/144480/Dnsmasq-2-Byte-Heap-Based-Overflow.html", }, { name: "SUSE-SU-2017:2619", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00005.html", }, { name: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449/", refsource: "CONFIRM", url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449/", }, { name: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171103-01-dnsmasq-en", refsource: "CONFIRM", url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171103-01-dnsmasq-en", }, { name: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449", refsource: "CONFIRM", url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449", }, { name: "FEDORA-2017-7106a157f5", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/527KNN34RN2SB6MBJG7CKSEBWYE3TJEB/", }, { name: "SUSE-SU-2017:2616", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00003.html", }, { name: "SUSE-SU-2017:2617", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00004.html", }, { name: "DSA-3989", refsource: "DEBIAN", url: "https://www.debian.org/security/2017/dsa-3989", }, { name: "https://www.arista.com/en/support/advisories-notices/security-advisories/3577-security-advisory-30", refsource: "MISC", url: "https://www.arista.com/en/support/advisories-notices/security-advisories/3577-security-advisory-30", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-14491", datePublished: "2017-10-02T21:00:00", dateReserved: "2017-09-15T00:00:00", dateUpdated: "2024-08-05T19:27:40.755Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-31766 (GCVE-0-2022-31766)
Vulnerability from cvelistv5
Published
2022-10-11 00:00
Modified
2025-02-11 10:26
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V7.1.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V7.1.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V7.1.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V7.1.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V7.1.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V7.1.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V7.1.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V7.1.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V7.1.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V7.1.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V7.1.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V7.1.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V7.1.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V7.1.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V7.1.2), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) (All versions >= V1.1.0 < V3.0.0). Affected devices with TCP Event service enabled do not properly handle malformed packets.
This could allow an unauthenticated remote attacker to cause a denial of service condition and reboot the device thus possibly affecting other network resources.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | RUGGEDCOM RM1224 LTE(4G) EU |
Version: 0 < V7.1.2 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:26:01.135Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "RUGGEDCOM RM1224 LTE(4G) EU", vendor: "Siemens", versions: [ { lessThan: "V7.1.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "RUGGEDCOM RM1224 LTE(4G) NAM", vendor: "Siemens", versions: [ { lessThan: "V7.1.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M804PB", vendor: "Siemens", versions: [ { lessThan: "V7.1.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M812-1 ADSL-Router", vendor: "Siemens", versions: [ { lessThan: "V7.1.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M812-1 ADSL-Router", vendor: "Siemens", versions: [ { lessThan: "V7.1.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M816-1 ADSL-Router", vendor: "Siemens", versions: [ { lessThan: "V7.1.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M816-1 ADSL-Router", vendor: "Siemens", versions: [ { lessThan: "V7.1.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M826-2 SHDSL-Router", vendor: "Siemens", versions: [ { lessThan: "V7.1.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M874-2", vendor: "Siemens", versions: [ { lessThan: "V7.1.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M874-3", vendor: "Siemens", versions: [ { lessThan: "V7.1.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-3", vendor: "Siemens", versions: [ { lessThan: "V7.1.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-3 (ROK)", vendor: "Siemens", versions: [ { lessThan: "V7.1.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-4", vendor: "Siemens", versions: [ { lessThan: "V7.1.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-4 (EU)", vendor: "Siemens", versions: [ { lessThan: "V7.1.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-4 (NAM)", vendor: "Siemens", versions: [ { lessThan: "V7.1.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM853-1 (EU)", vendor: "Siemens", versions: [ { lessThan: "V7.1.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM856-1 (EU)", vendor: "Siemens", versions: [ { lessThan: "V7.1.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM856-1 (RoW)", vendor: "Siemens", versions: [ { lessThan: "V7.1.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE S615 EEC LAN-Router", vendor: "Siemens", versions: [ { lessThan: "V7.1.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE S615 LAN-Router", vendor: "Siemens", versions: [ { lessThan: "V7.1.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE WAM763-1", vendor: "Siemens", versions: [ { lessThan: "V3.0.0", status: "affected", version: "V1.1.0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE WAM766-1", vendor: "Siemens", versions: [ { lessThan: "V3.0.0", status: "affected", version: "V1.1.0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE WAM766-1 (US)", vendor: "Siemens", versions: [ { lessThan: "V3.0.0", status: "affected", version: "V1.1.0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE WAM766-1 EEC", vendor: "Siemens", versions: [ { lessThan: "V3.0.0", status: "affected", version: "V1.1.0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE WAM766-1 EEC (US)", vendor: "Siemens", versions: [ { lessThan: "V3.0.0", status: "affected", version: "V1.1.0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE WUM763-1", vendor: "Siemens", versions: [ { lessThan: "V3.0.0", status: "affected", version: "V1.1.0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE WUM763-1", vendor: "Siemens", versions: [ { lessThan: "V3.0.0", status: "affected", version: "V1.1.0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE WUM766-1", vendor: "Siemens", versions: [ { lessThan: "V3.0.0", status: "affected", version: "V1.1.0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE WUM766-1 (USA)", vendor: "Siemens", versions: [ { lessThan: "V3.0.0", status: "affected", version: "V1.1.0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V7.1.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V7.1.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V7.1.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V7.1.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V7.1.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V7.1.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V7.1.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V7.1.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V7.1.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V7.1.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V7.1.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V7.1.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V7.1.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V7.1.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V7.1.2), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) (All versions >= V1.1.0 < V3.0.0). Affected devices with TCP Event service enabled do not properly handle malformed packets.\r\nThis could allow an unauthenticated remote attacker to cause a denial of service condition and reboot the device thus possibly affecting other network resources.", }, ], metrics: [ { cvssV3_1: { baseScore: 8.6, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20: Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-11T10:26:25.003Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-697140.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-31766", datePublished: "2022-10-11T00:00:00", dateReserved: "2022-05-27T00:00:00", dateUpdated: "2025-02-11T10:26:25.003Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2019-13946 (GCVE-0-2019-13946)
Vulnerability from cvelistv5
Published
2020-02-11 15:36
Modified
2024-08-05 00:05
Severity ?
EPSS score ?
Summary
Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit
internal resource allocation when multiple legitimate diagnostic package
requests are sent to the DCE-RPC interface.
This could lead to a denial of service condition due to lack of memory
for devices that include a vulnerable version of the stack.
The security vulnerability could be exploited by an attacker with network
access to an affected device. Successful exploitation requires no system
privileges and no user interaction. An attacker could use the vulnerability
to compromise the availability of the device.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller |
Version: 0 < * |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2019-13946", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-07-09T18:06:01.358486Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-09T18:06:09.778Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-05T00:05:44.023Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-780073.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-780073.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V4.5", }, ], }, { defaultStatus: "unknown", product: "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V4.6", }, ], }, { defaultStatus: "unknown", product: "PROFINET Driver for Controller", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V2.1", }, ], }, { defaultStatus: "unknown", product: "RUGGEDCOM RM1224 family", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M804PB", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M812-1 ADSL-Router", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M812-1 ADSL-Router", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M816-1 ADSL-Router", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M816-1 ADSL-Router", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M826-2 SHDSL-Router", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M874-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M874-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-3 (ROK)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-4 (EU)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-4 (NAM)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE S615 LAN-Router", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W-700 IEEE 802.11n family", vendor: "Siemens", versions: [ { status: "affected", version: "All versions <= V6.0.1", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X200-4P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X201-3P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X201-3P IRT PRO", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X202-2IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X202-2P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X202-2P IRT PRO", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204-2FM", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204-2LD TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204-2TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204IRT PRO", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X206-1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X206-1LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X208", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X208PRO", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X212-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X212-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X216", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X224", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X304-2FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X306-1LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X320-1 FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X320-1-2LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X408-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB-200 family", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC-200", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF-200BA", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF201-3P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF202-2P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204-2BA IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF206-1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF208", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM-400 family", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V6.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP-200", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR-300WG family", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR-500 family", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V6.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M PoE (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M PoE (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M PoE (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M PoE (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M PoE TS (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1616 and CP 1604", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V2.8", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 343-1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 343-1 Advanced", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 343-1 ERPC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 343-1 Lean", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 443-1", vendor: "Siemens", versions: [ { lessThan: "V3.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 443-1", vendor: "Siemens", versions: [ { lessThan: "V3.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 443-1 Advanced", vendor: "Siemens", versions: [ { lessThan: "V3.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 443-1 OPC UA", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200AL IM 157-1 PN", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200M IM 153-4 PN IO HF (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200M IM 153-4 PN IO ST (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200MP IM 155-5 PN HF", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200MP IM 155-5 PN ST", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200pro IM 154-3 PN HF", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200pro IM 154-4 PN HF", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200SP IM 155-6 PN BA", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200SP IM 155-6 PN HF", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200SP IM 155-6 PN ST", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200SP IM 155-6 PN ST BA", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 4AO U/I 4xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN: IO-Link Master", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200S (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC IPC Support, Package for VxWorks", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV420 SR-B", vendor: "Siemens", versions: [ { lessThan: "V7.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV420 SR-B Body", vendor: "Siemens", versions: [ { lessThan: "V7.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV420 SR-P", vendor: "Siemens", versions: [ { lessThan: "V7.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV420 SR-P Body", vendor: "Siemens", versions: [ { lessThan: "V7.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV440 HR", vendor: "Siemens", versions: [ { lessThan: "V7.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV440 SR", vendor: "Siemens", versions: [ { lessThan: "V7.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV440 UR", vendor: "Siemens", versions: [ { lessThan: "V7.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PN/PN Coupler (incl. SIPLUS NET variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF180C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF182C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF600R family", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3", }, ], }, { defaultStatus: "unknown", product: "SIMOTION C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.5", }, ], }, { defaultStatus: "unknown", product: "SIMOTION D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.5", }, ], }, { defaultStatus: "unknown", product: "SIMOTION P", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.5", }, ], }, { defaultStatus: "unknown", product: "SINAMICS DCP", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V1.3", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200MP IM 155-5 PN HF", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200MP IM 155-5 PN HF", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200MP IM 155-5 PN ST", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200MP IM 155-5 PN ST TX RAIL", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP IM 155-6 PN HF", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP IM 155-6 PN HF", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP IM 155-6 PN ST", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP IM 155-6 PN ST BA", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP IM 155-6 PN ST BA TX RAIL", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP IM 155-6 PN ST TX RAIL", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET CP 343-1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET CP 343-1 Advanced", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET CP 343-1 Lean", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET CP 443-1", vendor: "Siemens", versions: [ { lessThan: "V3.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET CP 443-1 Advanced", vendor: "Siemens", versions: [ { lessThan: "V3.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SOFTNET-IE PNIO", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, ], descriptions: [ { lang: "en", value: "Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit\ninternal resource allocation when multiple legitimate diagnostic package\nrequests are sent to the DCE-RPC interface.\nThis could lead to a denial of service condition due to lack of memory\nfor devices that include a vulnerable version of the stack.\n\nThe security vulnerability could be exploited by an attacker with network\naccess to an affected device. Successful exploitation requires no system\nprivileges and no user interaction. An attacker could use the vulnerability\nto compromise the availability of the device.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400: Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-07-09T12:03:58.088Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-780073.pdf", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-780073.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2019-13946", datePublished: "2020-02-11T15:36:10", dateReserved: "2019-07-18T00:00:00", dateUpdated: "2024-08-05T00:05:44.023Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2018-5391 (GCVE-0-2018-5391)
Vulnerability from cvelistv5
Published
2018-09-06 21:00
Modified
2024-08-05 05:33
Severity ?
EPSS score ?
Summary
The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.
References
| ▼ | URL | Tags |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2018:3540 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2018:2785 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2018:3083 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2018:2925 | vendor-advisory, x_refsource_REDHAT | |
| https://www.kb.cert.org/vuls/id/641765 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt | x_refsource_CONFIRM | |
| https://usn.ubuntu.com/3741-2/ | vendor-advisory, x_refsource_UBUNTU | |
| http://www.securitytracker.com/id/1041476 | vdb-entry, x_refsource_SECTRACK | |
| https://access.redhat.com/errata/RHSA-2018:3459 | vendor-advisory, x_refsource_REDHAT | |
| https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f | x_refsource_MISC | |
| https://access.redhat.com/errata/RHSA-2018:2933 | vendor-advisory, x_refsource_REDHAT | |
| https://usn.ubuntu.com/3740-2/ | vendor-advisory, x_refsource_UBUNTU | |
| https://usn.ubuntu.com/3741-1/ | vendor-advisory, x_refsource_UBUNTU | |
| https://access.redhat.com/errata/RHSA-2018:3590 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2018:2948 | vendor-advisory, x_refsource_REDHAT | |
| https://usn.ubuntu.com/3742-2/ | vendor-advisory, x_refsource_UBUNTU | |
| https://usn.ubuntu.com/3740-1/ | vendor-advisory, x_refsource_UBUNTU | |
| http://www.securityfocus.com/bid/105108 | vdb-entry, x_refsource_BID | |
| https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html | mailing-list, x_refsource_MLIST | |
| https://usn.ubuntu.com/3742-1/ | vendor-advisory, x_refsource_UBUNTU | |
| https://access.redhat.com/errata/RHSA-2018:2924 | vendor-advisory, x_refsource_REDHAT | |
| https://www.debian.org/security/2018/dsa-4272 | vendor-advisory, x_refsource_DEBIAN | |
| https://access.redhat.com/errata/RHSA-2018:3586 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2018:2846 | vendor-advisory, x_refsource_REDHAT | |
| http://www.securitytracker.com/id/1041637 | vdb-entry, x_refsource_SECTRACK | |
| https://access.redhat.com/errata/RHSA-2018:3096 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2018:2791 | vendor-advisory, x_refsource_REDHAT | |
| https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html | mailing-list, x_refsource_MLIST | |
| https://security.netapp.com/advisory/ntap-20181003-0002/ | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2019/06/28/2 | mailing-list, x_refsource_MLIST | |
| http://www.openwall.com/lists/oss-security/2019/07/06/3 | mailing-list, x_refsource_MLIST | |
| http://www.openwall.com/lists/oss-security/2019/07/06/4 | mailing-list, x_refsource_MLIST | |
| https://support.f5.com/csp/article/K74374841?utm_source=f5support&%3Butm_medium=RSS | x_refsource_CONFIRM | |
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T05:33:44.368Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2018:3540", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3540", }, { name: "RHSA-2018:2785", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2785", }, { name: "RHSA-2018:3083", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3083", }, { name: "RHSA-2018:2925", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2925", }, { name: "VU#641765", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "https://www.kb.cert.org/vuls/id/641765", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt", }, { name: "USN-3741-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3741-2/", }, { name: "1041476", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1041476", }, { name: "RHSA-2018:3459", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3459", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f", }, { name: "RHSA-2018:2933", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2933", }, { name: "USN-3740-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3740-2/", }, { name: "USN-3741-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3741-1/", }, { name: "RHSA-2018:3590", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3590", }, { name: "RHSA-2018:2948", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2948", }, { name: "USN-3742-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3742-2/", }, { name: "USN-3740-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3740-1/", }, { name: "105108", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/105108", }, { name: "[debian-lts-announce] 20180815 [SECURITY] [DLA 1466-1] linux-4.9 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html", }, { name: "USN-3742-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3742-1/", }, { name: "RHSA-2018:2924", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2924", }, { name: "DSA-4272", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2018/dsa-4272", }, { name: "RHSA-2018:3586", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3586", }, { name: "RHSA-2018:2846", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2846", }, { name: "1041637", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1041637", }, { name: "RHSA-2018:3096", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3096", }, { name: "RHSA-2018:2791", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2791", }, { name: "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20181003-0002/", }, { name: "[oss-security] 20190628 Re: linux-distros membership application - Microsoft", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2019/06/28/2", }, { name: "[oss-security] 20190706 Re: linux-distros membership application - Microsoft", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2019/07/06/3", }, { name: "[oss-security] 20190706 Re: linux-distros membership application - Microsoft", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2019/07/06/4", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K74374841?utm_source=f5support&%3Butm_medium=RSS", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Kernel", vendor: "Linux", versions: [ { lessThan: "3.9*", status: "affected", version: "3.9", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Thanks to Juha-Matti Tilli (Aalto University, Department of Communications and Networking / Nokia Bell Labs) for reporting this vulnerability.", }, ], datePublic: "2018-09-06T00:00:00", descriptions: [ { lang: "en", value: "The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-04-14T12:06:39", orgId: "37e5125f-f79b-445b-8fad-9564f167944b", shortName: "certcc", }, references: [ { name: "RHSA-2018:3540", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3540", }, { name: "RHSA-2018:2785", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2785", }, { name: "RHSA-2018:3083", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3083", }, { name: "RHSA-2018:2925", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2925", }, { name: "VU#641765", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "https://www.kb.cert.org/vuls/id/641765", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt", }, { name: "USN-3741-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3741-2/", }, { name: "1041476", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1041476", }, { name: "RHSA-2018:3459", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3459", }, { tags: [ "x_refsource_MISC", ], url: "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f", }, { name: "RHSA-2018:2933", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2933", }, { name: "USN-3740-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3740-2/", }, { name: "USN-3741-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3741-1/", }, { name: "RHSA-2018:3590", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3590", }, { name: "RHSA-2018:2948", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2948", }, { name: "USN-3742-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3742-2/", }, { name: "USN-3740-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3740-1/", }, { name: "105108", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/105108", }, { name: "[debian-lts-announce] 20180815 [SECURITY] [DLA 1466-1] linux-4.9 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html", }, { name: "USN-3742-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3742-1/", }, { name: "RHSA-2018:2924", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2924", }, { name: "DSA-4272", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2018/dsa-4272", }, { name: "RHSA-2018:3586", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3586", }, { name: "RHSA-2018:2846", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2846", }, { name: "1041637", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1041637", }, { name: "RHSA-2018:3096", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3096", }, { name: "RHSA-2018:2791", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2791", }, { name: "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20181003-0002/", }, { name: "[oss-security] 20190628 Re: linux-distros membership application - Microsoft", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2019/06/28/2", }, { name: "[oss-security] 20190706 Re: linux-distros membership application - Microsoft", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2019/07/06/3", }, { name: "[oss-security] 20190706 Re: linux-distros membership application - Microsoft", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2019/07/06/4", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K74374841?utm_source=f5support&%3Butm_medium=RSS", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf", }, ], source: { discovery: "UNKNOWN", }, title: "The Linux kernel, versions 3.9+, IP implementation is vulnerable to denial of service conditions with low rates of specially modified packets", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cert@cert.org", ID: "CVE-2018-5391", STATE: "PUBLIC", TITLE: "The Linux kernel, versions 3.9+, IP implementation is vulnerable to denial of service conditions with low rates of specially modified packets", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Kernel", version: { version_data: [ { affected: ">=", version_affected: ">=", version_name: "3.9", version_value: "3.9", }, ], }, }, ], }, vendor_name: "Linux", }, ], }, }, credit: [ { lang: "eng", value: "Thanks to Juha-Matti Tilli (Aalto University, Department of Communications and Networking / Nokia Bell Labs) for reporting this vulnerability.", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-400", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2018:3540", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3540", }, { name: "RHSA-2018:2785", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2785", }, { name: "RHSA-2018:3083", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3083", }, { name: "RHSA-2018:2925", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2925", }, { name: "VU#641765", refsource: "CERT-VN", url: "https://www.kb.cert.org/vuls/id/641765", }, { name: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt", refsource: "CONFIRM", url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt", }, { name: "USN-3741-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3741-2/", }, { name: "1041476", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1041476", }, { name: "RHSA-2018:3459", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3459", }, { name: "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f", refsource: "MISC", url: "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f", }, { name: "RHSA-2018:2933", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2933", }, { name: "USN-3740-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3740-2/", }, { name: "USN-3741-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3741-1/", }, { name: "RHSA-2018:3590", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3590", }, { name: "RHSA-2018:2948", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2948", }, { name: "USN-3742-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3742-2/", }, { name: "USN-3740-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3740-1/", }, { name: "105108", refsource: "BID", url: "http://www.securityfocus.com/bid/105108", }, { name: "[debian-lts-announce] 20180815 [SECURITY] [DLA 1466-1] linux-4.9 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html", }, { name: "USN-3742-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3742-1/", }, { name: "RHSA-2018:2924", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2924", }, { name: "DSA-4272", refsource: "DEBIAN", url: "https://www.debian.org/security/2018/dsa-4272", }, { name: "RHSA-2018:3586", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3586", }, { name: "RHSA-2018:2846", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2846", }, { name: "1041637", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1041637", }, { name: "RHSA-2018:3096", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3096", }, { name: "RHSA-2018:2791", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2791", }, { name: "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html", }, { name: "https://security.netapp.com/advisory/ntap-20181003-0002/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20181003-0002/", }, { name: "[oss-security] 20190628 Re: linux-distros membership application - Microsoft", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2019/06/28/2", }, { name: "[oss-security] 20190706 Re: linux-distros membership application - Microsoft", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2019/07/06/3", }, { name: "[oss-security] 20190706 Re: linux-distros membership application - Microsoft", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2019/07/06/4", }, { name: "https://support.f5.com/csp/article/K74374841?utm_source=f5support&utm_medium=RSS", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K74374841?utm_source=f5support&utm_medium=RSS", }, { name: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en", refsource: "CONFIRM", url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf", }, ], }, source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "37e5125f-f79b-445b-8fad-9564f167944b", assignerShortName: "certcc", cveId: "CVE-2018-5391", datePublished: "2018-09-06T21:00:00", dateReserved: "2018-01-12T00:00:00", dateUpdated: "2024-08-05T05:33:44.368Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2021-25676 (GCVE-0-2021-25676)
Vulnerability from cvelistv5
Published
2021-03-15 17:03
Modified
2024-08-03 20:11
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in RUGGEDCOM RM1224 (V6.3), SCALANCE M-800 (V6.3), SCALANCE S615 (V6.3), SCALANCE SC-600 (All Versions >= V2.1 and < V2.1.3). Multiple failed SSH authentication attempts could trigger a temporary Denial-of-Service under certain conditions. When triggered, the device will reboot automatically.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-296266.pdf | x_refsource_MISC | |
| https://us-cert.cisa.gov/ics/advisories/icsa-21-068-02 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | RUGGEDCOM RM1224 |
Version: V6.3 |
||||||||||||||||
|
|||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T20:11:27.563Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-296266.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-068-02", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "RUGGEDCOM RM1224", vendor: "Siemens", versions: [ { status: "affected", version: "V6.3", }, ], }, { product: "SCALANCE M-800", vendor: "Siemens", versions: [ { status: "affected", version: "V6.3", }, ], }, { product: "SCALANCE S615", vendor: "Siemens", versions: [ { status: "affected", version: "V6.3", }, ], }, { product: "SCALANCE SC-600", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions >= V2.1 and < V2.1.3", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in RUGGEDCOM RM1224 (V6.3), SCALANCE M-800 (V6.3), SCALANCE S615 (V6.3), SCALANCE SC-600 (All Versions >= V2.1 and < V2.1.3). Multiple failed SSH authentication attempts could trigger a temporary Denial-of-Service under certain conditions. When triggered, the device will reboot automatically.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-307", description: "CWE-307: Improper Restriction of Excessive Authentication Attempts", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-04-22T20:42:21", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-296266.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-068-02", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2021-25676", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "RUGGEDCOM RM1224", version: { version_data: [ { version_value: "V6.3", }, ], }, }, { product_name: "SCALANCE M-800", version: { version_data: [ { version_value: "V6.3", }, ], }, }, { product_name: "SCALANCE S615", version: { version_data: [ { version_value: "V6.3", }, ], }, }, { product_name: "SCALANCE SC-600", version: { version_data: [ { version_value: "All Versions >= V2.1 and < V2.1.3", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in RUGGEDCOM RM1224 (V6.3), SCALANCE M-800 (V6.3), SCALANCE S615 (V6.3), SCALANCE SC-600 (All Versions >= V2.1 and < V2.1.3). Multiple failed SSH authentication attempts could trigger a temporary Denial-of-Service under certain conditions. When triggered, the device will reboot automatically.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-307: Improper Restriction of Excessive Authentication Attempts", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-296266.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-296266.pdf", }, { name: "https://us-cert.cisa.gov/ics/advisories/icsa-21-068-02", refsource: "CONFIRM", url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-068-02", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2021-25676", datePublished: "2021-03-15T17:03:31", dateReserved: "2021-01-21T00:00:00", dateUpdated: "2024-08-03T20:11:27.563Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }