Vulnerability-Lookup - Search a vulnerability

Version: 0 < V8.2

Siemens	RUGGEDCOM RM1224 LTE(4G) NAM	Version: 0 < V8.2
Siemens	SCALANCE M804PB	Version: 0 < V8.2
Siemens	SCALANCE M812-1 ADSL-Router	Version: 0 < V8.2
Siemens	SCALANCE M812-1 ADSL-Router	Version: 0 < V8.2
Siemens	SCALANCE M816-1 ADSL-Router	Version: 0 < V8.2
Siemens	SCALANCE M816-1 ADSL-Router	Version: 0 < V8.2
Siemens	SCALANCE M826-2 SHDSL-Router	Version: 0 < V8.2
Siemens	SCALANCE M874-2	Version: 0 < V8.2
Siemens	SCALANCE M874-3	Version: 0 < V8.2
Siemens	SCALANCE M874-3 3G-Router (CN)	Version: 0 < V8.2
Siemens	SCALANCE M876-3	Version: 0 < V8.2
Siemens	SCALANCE M876-3 (ROK)	Version: 0 < V8.2
Siemens	SCALANCE M876-4	Version: 0 < V8.2
Siemens	SCALANCE M876-4 (EU)	Version: 0 < V8.2
Siemens	SCALANCE M876-4 (NAM)	Version: 0 < V8.2
Siemens	SCALANCE MUM853-1 (A1)	Version: 0 < V8.2
Siemens	SCALANCE MUM853-1 (B1)	Version: 0 < V8.2
Siemens	SCALANCE MUM853-1 (EU)	Version: 0 < V8.2
Siemens	SCALANCE MUM856-1 (A1)	Version: 0 < V8.2
Siemens	SCALANCE MUM856-1 (B1)	Version: 0 < V8.2
Siemens	SCALANCE MUM856-1 (CN)	Version: 0 < V8.2
Siemens	SCALANCE MUM856-1 (EU)	Version: 0 < V8.2
Siemens	SCALANCE MUM856-1 (RoW)	Version: 0 < V8.2
Siemens	SCALANCE S615 EEC LAN-Router	Version: 0 < V8.2
Siemens	SCALANCE S615 LAN-Router	Version: 0 < V8.2

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-50559",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-12T14:50:16.703540Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-12T14:50:27.518Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "RUGGEDCOM RM1224 LTE(4G) EU",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "RUGGEDCOM RM1224 LTE(4G) NAM",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M804PB",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M826-2 SHDSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-2",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-3",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-3 3G-Router (CN)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3 (ROK)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (NAM)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM853-1 (A1)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM853-1 (B1)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM853-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (A1)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (B1)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (CN)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (RoW)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE S615 EEC LAN-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE S615 LAN-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions \u003c V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions \u003c V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions \u003c V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions \u003c V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions \u003c V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions \u003c V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions \u003c V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions \u003c V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions \u003c V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions \u003c V8.2). Affected devices do not properly validate the filenames of the certificate. This could allow an authenticated remote attacker to append arbitrary values which will lead to compromise of integrity of the system."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        },
        {
          "cvssV4_0": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-12T12:50:01.376Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-354112.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2024-50559",
    "datePublished": "2024-11-12T12:50:01.376Z",
    "dateReserved": "2024-10-24T11:01:04.416Z",
    "dateUpdated": "2024-11-12T14:50:27.518Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-50557

Vulnerability from cvelistv5

Published

2024-11-12 12:49

Modified

2024-11-20 16:47

Severity ?

7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
8.6 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Summary

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2). Affected devices do not properly validate input in configuration fields of the iperf functionality. This could allow an unauthenticated remote attacker to execute arbitrary code on the device.

References

▼	URL	Tags
	https://cert-portal.siemens.com/productcert/html/ssa-354112.html

Impacted products

Vendor

Product

Version

▼

Version: 0 < V8.2

Siemens	RUGGEDCOM RM1224 LTE(4G) NAM	Version: 0 < V8.2
Siemens	SCALANCE M804PB	Version: 0 < V8.2
Siemens	SCALANCE M812-1 ADSL-Router	Version: 0 < V8.2
Siemens	SCALANCE M812-1 ADSL-Router	Version: 0 < V8.2
Siemens	SCALANCE M816-1 ADSL-Router	Version: 0 < V8.2
Siemens	SCALANCE M816-1 ADSL-Router	Version: 0 < V8.2
Siemens	SCALANCE M826-2 SHDSL-Router	Version: 0 < V8.2
Siemens	SCALANCE M874-2	Version: 0 < V8.2
Siemens	SCALANCE M874-3	Version: 0 < V8.2
Siemens	SCALANCE M874-3 3G-Router (CN)	Version: 0 < V8.2
Siemens	SCALANCE M876-3	Version: 0 < V8.2
Siemens	SCALANCE M876-3 (ROK)	Version: 0 < V8.2
Siemens	SCALANCE M876-4	Version: 0 < V8.2
Siemens	SCALANCE M876-4 (EU)	Version: 0 < V8.2
Siemens	SCALANCE M876-4 (NAM)	Version: 0 < V8.2
Siemens	SCALANCE MUM853-1 (A1)	Version: 0 < V8.2
Siemens	SCALANCE MUM853-1 (B1)	Version: 0 < V8.2
Siemens	SCALANCE MUM853-1 (EU)	Version: 0 < V8.2
Siemens	SCALANCE MUM856-1 (A1)	Version: 0 < V8.2
Siemens	SCALANCE MUM856-1 (B1)	Version: 0 < V8.2
Siemens	SCALANCE MUM856-1 (CN)	Version: 0 < V8.2
Siemens	SCALANCE MUM856-1 (EU)	Version: 0 < V8.2
Siemens	SCALANCE MUM856-1 (RoW)	Version: 0 < V8.2
Siemens	SCALANCE S615 EEC LAN-Router	Version: 0 < V8.2
Siemens	SCALANCE S615 LAN-Router	Version: 0 < V8.2

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:siemens:scalance_m874-3_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "scalance_m874-3_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "8.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:scalance_m816-1_\\(annex_a\\)_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:siemens:scalance_m816-1_\\(annex_b\\)_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "scalance_m816-1_\\(annex_b\\)_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "8.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:scalance_s615_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "scalance_s615_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "8.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:scalance_s615_eec_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "scalance_s615_eec_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "8.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:scalance_mum856-1_\\(row\\)_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "scalance_mum856-1_\\(row\\)_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "8.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:scalance_mum856-1_\\(eu\\)_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "scalance_mum856-1_\\(eu\\)_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "8.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:scalance_mum856-1_\\(cn\\)_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "scalance_mum856-1_\\(cn\\)_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "8.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:scalance_mum856-1_\\(b1\\)_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "scalance_mum856-1_\\(b1\\)_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "8.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:scalance_mum856-1_\\(a1\\)_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "scalance_mum856-1_\\(a1\\)_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "8.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:scalance_mum853-1_\\(a1\\)_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "scalance_mum853-1_\\(a1\\)_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "8.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:scalance_mum853-1_\\(b1\\)_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "scalance_mum853-1_\\(b1\\)_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "8.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:scalance_mum853-1_\\(eu\\)_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "scalance_mum853-1_\\(eu\\)_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "8.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:scalance_m876-4_\\(eu\\)_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:siemens:scalance_m876-4_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "scalance_m876-4_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "8.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:scalance_m876-3_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "scalance_m876-3_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "8.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:scalance_m812-1_\\(annex_a\\)_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:siemens:scalance_m812-1_\\(annex_b\\)_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "scalance_m812-1_\\(annex_b\\)_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "8.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:scalance_m804pb_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "scalance_m804pb_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "8.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_eu_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_nam_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ruggedcom_rm1224_lte\\(4g\\)_nam_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "8.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-50557",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-20T16:25:19.026984Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-20T16:47:43.578Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "RUGGEDCOM RM1224 LTE(4G) EU",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "RUGGEDCOM RM1224 LTE(4G) NAM",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M804PB",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M826-2 SHDSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-2",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-3",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-3 3G-Router (CN)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3 (ROK)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (NAM)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM853-1 (A1)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM853-1 (B1)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM853-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (A1)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (B1)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (CN)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (RoW)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE S615 EEC LAN-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE S615 LAN-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions \u003c V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions \u003c V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions \u003c V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions \u003c V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions \u003c V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions \u003c V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions \u003c V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions \u003c V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions \u003c V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions \u003c V8.2). Affected devices do not properly validate input in configuration fields of the iperf functionality. This could allow an unauthenticated  remote attacker to execute arbitrary code on the device."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        {
          "cvssV4_0": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-12T12:49:56.426Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-354112.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2024-50557",
    "datePublished": "2024-11-12T12:49:56.426Z",
    "dateReserved": "2024-10-24T10:38:08.424Z",
    "dateUpdated": "2024-11-20T16:47:43.578Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-50560

Vulnerability from cvelistv5

Published

2024-11-12 12:50

Modified

2024-11-12 14:50

Severity ?

3.1 (Low) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
2.3 (Low) - CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Summary

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2). Affected devices truncates usernames longer than 15 characters when accessed via SSH or Telnet. This could allow an attacker to compromise system integrity.

References

▼	URL	Tags
	https://cert-portal.siemens.com/productcert/html/ssa-354112.html

Impacted products

Vendor

Product

Version

▼

Version: 0 < V8.2

Siemens	RUGGEDCOM RM1224 LTE(4G) NAM	Version: 0 < V8.2
Siemens	SCALANCE M804PB	Version: 0 < V8.2
Siemens	SCALANCE M812-1 ADSL-Router	Version: 0 < V8.2
Siemens	SCALANCE M812-1 ADSL-Router	Version: 0 < V8.2
Siemens	SCALANCE M816-1 ADSL-Router	Version: 0 < V8.2
Siemens	SCALANCE M816-1 ADSL-Router	Version: 0 < V8.2
Siemens	SCALANCE M826-2 SHDSL-Router	Version: 0 < V8.2
Siemens	SCALANCE M874-2	Version: 0 < V8.2
Siemens	SCALANCE M874-3	Version: 0 < V8.2
Siemens	SCALANCE M874-3 3G-Router (CN)	Version: 0 < V8.2
Siemens	SCALANCE M876-3	Version: 0 < V8.2
Siemens	SCALANCE M876-3 (ROK)	Version: 0 < V8.2
Siemens	SCALANCE M876-4	Version: 0 < V8.2
Siemens	SCALANCE M876-4 (EU)	Version: 0 < V8.2
Siemens	SCALANCE M876-4 (NAM)	Version: 0 < V8.2
Siemens	SCALANCE MUM853-1 (A1)	Version: 0 < V8.2
Siemens	SCALANCE MUM853-1 (B1)	Version: 0 < V8.2
Siemens	SCALANCE MUM853-1 (EU)	Version: 0 < V8.2
Siemens	SCALANCE MUM856-1 (A1)	Version: 0 < V8.2
Siemens	SCALANCE MUM856-1 (B1)	Version: 0 < V8.2
Siemens	SCALANCE MUM856-1 (CN)	Version: 0 < V8.2
Siemens	SCALANCE MUM856-1 (EU)	Version: 0 < V8.2
Siemens	SCALANCE MUM856-1 (RoW)	Version: 0 < V8.2
Siemens	SCALANCE S615 EEC LAN-Router	Version: 0 < V8.2
Siemens	SCALANCE S615 LAN-Router	Version: 0 < V8.2

Show details on NVD website

https://github.com/curl/curl

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-50560",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-12T14:49:48.660026Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-12T14:50:02.465Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "RUGGEDCOM RM1224 LTE(4G) EU",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "RUGGEDCOM RM1224 LTE(4G) NAM",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M804PB",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M826-2 SHDSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-2",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-3",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-3 3G-Router (CN)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3 (ROK)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (NAM)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM853-1 (A1)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM853-1 (B1)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM853-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (A1)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (B1)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (CN)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (RoW)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE S615 EEC LAN-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE S615 LAN-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions \u003c V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions \u003c V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions \u003c V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions \u003c V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions \u003c V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions \u003c V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions \u003c V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions \u003c V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions \u003c V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions \u003c V8.2). Affected devices truncates usernames longer than 15 characters when accessed via SSH or Telnet. This could allow an attacker to compromise system integrity."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        },
        {
          "cvssV4_0": {
            "baseScore": 2.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-12T12:50:04.034Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-354112.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2024-50560",
    "datePublished": "2024-11-12T12:50:04.034Z",
    "dateReserved": "2024-10-24T11:37:28.687Z",
    "dateUpdated": "2024-11-12T14:50:02.465Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-22924

Vulnerability from cvelistv5

Published

2021-08-05 20:16

Modified

2024-08-03 18:58

Severity ?

Summary

libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths *case insensitively*,which could lead to libcurl reusing wrong connections.File paths are, or can be, case sensitive on many systems but not all, and caneven vary depending on used file systems.The comparison also didn't include the 'issuer cert' which a transfer can setto qualify how to verify the server certificate.

References

▼	URL	Tags
	https://hackerone.com/reports/1223565	x_refsource_MISC
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/	vendor-advisory, x_refsource_FEDORA
	https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E	mailing-list, x_refsource_MLIST
	https://www.oracle.com/security-alerts/cpuoct2021.html	x_refsource_MISC
	https://security.netapp.com/advisory/ntap-20210902-0003/	x_refsource_CONFIRM
	https://www.oracle.com/security-alerts/cpujan2022.html	x_refsource_MISC
	https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf	x_refsource_CONFIRM
	https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf	x_refsource_CONFIRM
	https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf	x_refsource_CONFIRM
	https://www.debian.org/security/2022/dsa-5197	vendor-advisory, x_refsource_DEBIAN
	https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html	mailing-list, x_refsource_MLIST

Impacted products

Vendor

Product

Version

▼

n/a

Version: curl 7.10.4 to and include curl 7.77.0

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T18:58:25.955Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://hackerone.com/reports/1223565"
          },
          {
            "name": "FEDORA-2021-5d21b90a30",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/"
          },
          {
            "name": "[debian-lts-announce] 20210813 [SECURITY] [DLA 2734-1] curl security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html"
          },
          {
            "name": "[kafka-dev] 20210831 Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E"
          },
          {
            "name": "[kafka-users] 20210831 Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E"
          },
          {
            "name": "[kafka-users] 20210901 Re: [EXTERNAL] Re: Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E"
          },
          {
            "name": "[kafka-dev] 20210901 Re: [EXTERNAL] Re: Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20210902-0003/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf"
          },
          {
            "name": "DSA-5197",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2022/dsa-5197"
          },
          {
            "name": "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "https://github.com/curl/curl",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "curl 7.10.4 to and include curl 7.77.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take \u0027issuercert\u0027 into account and it compared the involved paths *case insensitively*,which could lead to libcurl reusing wrong connections.File paths are, or can be, case sensitive on many systems but not all, and caneven vary depending on used file systems.The comparison also didn\u0027t include the \u0027issuer cert\u0027 which a transfer can setto qualify how to verify the server certificate."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "Improper Input Validation (CWE-20)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-08-29T00:06:17",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://hackerone.com/reports/1223565"
        },
        {
          "name": "FEDORA-2021-5d21b90a30",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/"
        },
        {
          "name": "[debian-lts-announce] 20210813 [SECURITY] [DLA 2734-1] curl security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html"
        },
        {
          "name": "[kafka-dev] 20210831 Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E"
        },
        {
          "name": "[kafka-users] 20210831 Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E"
        },
        {
          "name": "[kafka-users] 20210901 Re: [EXTERNAL] Re: Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E"
        },
        {
          "name": "[kafka-dev] 20210901 Re: [EXTERNAL] Re: Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20210902-0003/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf"
        },
        {
          "name": "DSA-5197",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2022/dsa-5197"
        },
        {
          "name": "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "support@hackerone.com",
          "ID": "CVE-2021-22924",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "https://github.com/curl/curl",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "curl 7.10.4 to and include curl 7.77.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take \u0027issuercert\u0027 into account and it compared the involved paths *case insensitively*,which could lead to libcurl reusing wrong connections.File paths are, or can be, case sensitive on many systems but not all, and caneven vary depending on used file systems.The comparison also didn\u0027t include the \u0027issuer cert\u0027 which a transfer can setto qualify how to verify the server certificate."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Improper Input Validation (CWE-20)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://hackerone.com/reports/1223565",
              "refsource": "MISC",
              "url": "https://hackerone.com/reports/1223565"
            },
            {
              "name": "FEDORA-2021-5d21b90a30",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/"
            },
            {
              "name": "[debian-lts-announce] 20210813 [SECURITY] [DLA 2734-1] curl security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html"
            },
            {
              "name": "[kafka-dev] 20210831 Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E"
            },
            {
              "name": "[kafka-users] 20210831 Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E"
            },
            {
              "name": "[kafka-users] 20210901 Re: [EXTERNAL] Re: Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E"
            },
            {
              "name": "[kafka-dev] 20210901 Re: [EXTERNAL] Re: Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20210902-0003/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20210902-0003/"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpujan2022.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf"
            },
            {
              "name": "DSA-5197",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2022/dsa-5197"
            },
            {
              "name": "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2021-22924",
    "datePublished": "2021-08-05T20:16:56",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-08-03T18:58:25.955Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-50561

Vulnerability from cvelistv5

Published

2024-11-12 12:50

Modified

2024-11-12 14:49

Severity ?

4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
5.1 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Summary

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2). Affected devices do not properly sanitize the filenames before uploading. This could allow an authenticated remote attacker to compromise of integrity of the system.

References

▼	URL	Tags
	https://cert-portal.siemens.com/productcert/html/ssa-354112.html

Impacted products

Vendor

Product

Version

▼

Version: 0 < V8.2

Siemens	RUGGEDCOM RM1224 LTE(4G) NAM	Version: 0 < V8.2
Siemens	SCALANCE M804PB	Version: 0 < V8.2
Siemens	SCALANCE M812-1 ADSL-Router	Version: 0 < V8.2
Siemens	SCALANCE M812-1 ADSL-Router	Version: 0 < V8.2
Siemens	SCALANCE M816-1 ADSL-Router	Version: 0 < V8.2
Siemens	SCALANCE M816-1 ADSL-Router	Version: 0 < V8.2
Siemens	SCALANCE M826-2 SHDSL-Router	Version: 0 < V8.2
Siemens	SCALANCE M874-2	Version: 0 < V8.2
Siemens	SCALANCE M874-3	Version: 0 < V8.2
Siemens	SCALANCE M874-3 3G-Router (CN)	Version: 0 < V8.2
Siemens	SCALANCE M876-3	Version: 0 < V8.2
Siemens	SCALANCE M876-3 (ROK)	Version: 0 < V8.2
Siemens	SCALANCE M876-4	Version: 0 < V8.2
Siemens	SCALANCE M876-4 (EU)	Version: 0 < V8.2
Siemens	SCALANCE M876-4 (NAM)	Version: 0 < V8.2
Siemens	SCALANCE MUM853-1 (A1)	Version: 0 < V8.2
Siemens	SCALANCE MUM853-1 (B1)	Version: 0 < V8.2
Siemens	SCALANCE MUM853-1 (EU)	Version: 0 < V8.2
Siemens	SCALANCE MUM856-1 (A1)	Version: 0 < V8.2
Siemens	SCALANCE MUM856-1 (B1)	Version: 0 < V8.2
Siemens	SCALANCE MUM856-1 (CN)	Version: 0 < V8.2
Siemens	SCALANCE MUM856-1 (EU)	Version: 0 < V8.2
Siemens	SCALANCE MUM856-1 (RoW)	Version: 0 < V8.2
Siemens	SCALANCE S615 EEC LAN-Router	Version: 0 < V8.2
Siemens	SCALANCE S615 LAN-Router	Version: 0 < V8.2

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-50561",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-12T14:49:22.927445Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-12T14:49:34.376Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "RUGGEDCOM RM1224 LTE(4G) EU",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "RUGGEDCOM RM1224 LTE(4G) NAM",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M804PB",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M826-2 SHDSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-2",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-3",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-3 3G-Router (CN)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3 (ROK)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (NAM)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM853-1 (A1)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM853-1 (B1)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM853-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (A1)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (B1)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (CN)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (RoW)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE S615 EEC LAN-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE S615 LAN-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions \u003c V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions \u003c V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions \u003c V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions \u003c V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions \u003c V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions \u003c V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions \u003c V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions \u003c V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions \u003c V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions \u003c V8.2). Affected devices do not properly sanitize the filenames before uploading. This could allow an authenticated remote attacker to compromise of integrity of the system."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        },
        {
          "cvssV4_0": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-12T12:50:06.660Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-354112.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2024-50561",
    "datePublished": "2024-11-12T12:50:06.660Z",
    "dateReserved": "2024-10-24T11:37:28.688Z",
    "dateUpdated": "2024-11-12T14:49:34.376Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-50572

Vulnerability from cvelistv5

Published

2024-11-12 12:50

Modified

2024-11-20 16:51

Severity ?

7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
8.6 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Summary

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2). Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell.

References

▼	URL	Tags
	https://cert-portal.siemens.com/productcert/html/ssa-354112.html

Impacted products

Vendor

Product

Version

▼

Version: 0 < V8.2

Siemens	RUGGEDCOM RM1224 LTE(4G) NAM	Version: 0 < V8.2
Siemens	SCALANCE M804PB	Version: 0 < V8.2
Siemens	SCALANCE M812-1 ADSL-Router	Version: 0 < V8.2
Siemens	SCALANCE M812-1 ADSL-Router	Version: 0 < V8.2
Siemens	SCALANCE M816-1 ADSL-Router	Version: 0 < V8.2
Siemens	SCALANCE M816-1 ADSL-Router	Version: 0 < V8.2
Siemens	SCALANCE M826-2 SHDSL-Router	Version: 0 < V8.2
Siemens	SCALANCE M874-2	Version: 0 < V8.2
Siemens	SCALANCE M874-3	Version: 0 < V8.2
Siemens	SCALANCE M874-3 3G-Router (CN)	Version: 0 < V8.2
Siemens	SCALANCE M876-3	Version: 0 < V8.2
Siemens	SCALANCE M876-3 (ROK)	Version: 0 < V8.2
Siemens	SCALANCE M876-4	Version: 0 < V8.2
Siemens	SCALANCE M876-4 (EU)	Version: 0 < V8.2
Siemens	SCALANCE M876-4 (NAM)	Version: 0 < V8.2
Siemens	SCALANCE MUM853-1 (A1)	Version: 0 < V8.2
Siemens	SCALANCE MUM853-1 (B1)	Version: 0 < V8.2
Siemens	SCALANCE MUM853-1 (EU)	Version: 0 < V8.2
Siemens	SCALANCE MUM856-1 (A1)	Version: 0 < V8.2
Siemens	SCALANCE MUM856-1 (B1)	Version: 0 < V8.2
Siemens	SCALANCE MUM856-1 (CN)	Version: 0 < V8.2
Siemens	SCALANCE MUM856-1 (EU)	Version: 0 < V8.2
Siemens	SCALANCE MUM856-1 (RoW)	Version: 0 < V8.2
Siemens	SCALANCE S615 EEC LAN-Router	Version: 0 < V8.2
Siemens	SCALANCE S615 LAN-Router	Version: 0 < V8.2

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:siemens:scalance_m874-3_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "scalance_m874-3_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "8.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:scalance_m816-1_\\(annex_a\\)_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:siemens:scalance_m816-1_\\(annex_b\\)_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "scalance_m816-1_\\(annex_b\\)_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "8.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:scalance_s615_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "scalance_s615_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "8.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:scalance_s615_eec_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "scalance_s615_eec_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "8.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:scalance_mum856-1_\\(row\\)_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "scalance_mum856-1_\\(row\\)_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "8.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:scalance_mum856-1_\\(eu\\)_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "scalance_mum856-1_\\(eu\\)_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "8.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:scalance_mum856-1_\\(cn\\)_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "scalance_mum856-1_\\(cn\\)_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "8.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:scalance_mum856-1_\\(b1\\)_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "scalance_mum856-1_\\(b1\\)_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "8.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:scalance_mum856-1_\\(a1\\)_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "scalance_mum856-1_\\(a1\\)_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "8.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:scalance_mum853-1_\\(a1\\)_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "scalance_mum853-1_\\(a1\\)_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "8.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:scalance_mum853-1_\\(b1\\)_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "scalance_mum853-1_\\(b1\\)_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "8.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:scalance_mum853-1_\\(eu\\)_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "scalance_mum853-1_\\(eu\\)_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "8.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:scalance_m876-4_\\(eu\\)_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:siemens:scalance_m876-4_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "scalance_m876-4_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "8.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:scalance_m876-3_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "scalance_m876-3_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "8.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:scalance_m812-1_\\(annex_a\\)_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:siemens:scalance_m812-1_\\(annex_b\\)_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "scalance_m812-1_\\(annex_b\\)_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "8.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:scalance_m804pb_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "scalance_m804pb_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "8.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_eu_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_nam_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ruggedcom_rm1224_lte\\(4g\\)_nam_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "8.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-50572",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-20T16:51:10.879106Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-20T16:51:19.040Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "RUGGEDCOM RM1224 LTE(4G) EU",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "RUGGEDCOM RM1224 LTE(4G) NAM",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M804PB",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M826-2 SHDSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-2",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-3",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-3 3G-Router (CN)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3 (ROK)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (NAM)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM853-1 (A1)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM853-1 (B1)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM853-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (A1)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (B1)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (CN)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (RoW)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE S615 EEC LAN-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE S615 LAN-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions \u003c V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions \u003c V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions \u003c V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions \u003c V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions \u003c V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions \u003c V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions \u003c V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions \u003c V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions \u003c V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions \u003c V8.2). Affected devices do not properly sanitize an input field.  This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        {
          "cvssV4_0": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-74",
              "description": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-12T12:50:08.911Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-354112.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2024-50572",
    "datePublished": "2024-11-12T12:50:08.911Z",
    "dateReserved": "2024-10-24T13:47:50.881Z",
    "dateUpdated": "2024-11-20T16:51:19.040Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-31766

Vulnerability from cvelistv5

Published

2022-10-11 00:00

Modified

2024-08-03 07:26

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C

Summary

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions < V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions < V7.1.2), SCALANCE M804PB (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions < V7.1.2), SCALANCE M826-2 SHDSL-Router (All versions < V7.1.2), SCALANCE M874-2 (All versions < V7.1.2), SCALANCE M874-3 (All versions < V7.1.2), SCALANCE M876-3 (EVDO) (All versions < V7.1.2), SCALANCE M876-3 (ROK) (All versions < V7.1.2), SCALANCE M876-4 (All versions < V7.1.2), SCALANCE M876-4 (EU) (All versions < V7.1.2), SCALANCE M876-4 (NAM) (All versions < V7.1.2), SCALANCE MUM853-1 (EU) (All versions < V7.1.2), SCALANCE MUM856-1 (EU) (All versions < V7.1.2), SCALANCE MUM856-1 (RoW) (All versions < V7.1.2), SCALANCE S615 (All versions < V7.1.2), SCALANCE S615 EEC (All versions < V7.1.2), SCALANCE WAM763-1 (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 (EU) (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 (US) (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 EEC (EU) (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 EEC (US) (All versions >= V1.1.0 < V2.0), SCALANCE WUM763-1 (All versions >= V1.1.0 < V2.0), SCALANCE WUM763-1 (All versions >= V1.1.0 < V2.0), SCALANCE WUM766-1 (EU) (All versions >= V1.1.0 < V2.0), SCALANCE WUM766-1 (US) (All versions >= V1.1.0 < V2.0). Affected devices with TCP Event service enabled do not properly handle malformed packets. This could allow an unauthenticated remote attacker to cause a denial of service condition and reboot the device thus possibly affecting other network resources.

References

▼	URL	Tags
	https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf

Impacted products

Vendor

Product

Version

▼

Version: All versions < V7.1.2

Siemens	RUGGEDCOM RM1224 LTE(4G) NAM	Version: All versions < V7.1.2
Siemens	SCALANCE M804PB	Version: All versions < V7.1.2
Siemens	SCALANCE M812-1 ADSL-Router (Annex A)	Version: All versions < V7.1.2
Siemens	SCALANCE M812-1 ADSL-Router (Annex B)	Version: All versions < V7.1.2
Siemens	SCALANCE M816-1 ADSL-Router (Annex A)	Version: All versions < V7.1.2
Siemens	SCALANCE M816-1 ADSL-Router (Annex B)	Version: All versions < V7.1.2
Siemens	SCALANCE M826-2 SHDSL-Router	Version: All versions < V7.1.2
Siemens	SCALANCE M874-2	Version: All versions < V7.1.2
Siemens	SCALANCE M874-3	Version: All versions < V7.1.2
Siemens	SCALANCE M876-3 (EVDO)	Version: All versions < V7.1.2
Siemens	SCALANCE M876-3 (ROK)	Version: All versions < V7.1.2
Siemens	SCALANCE M876-4	Version: All versions < V7.1.2
Siemens	SCALANCE M876-4 (EU)	Version: All versions < V7.1.2
Siemens	SCALANCE M876-4 (NAM)	Version: All versions < V7.1.2
Siemens	SCALANCE MUM853-1 (EU)	Version: All versions < V7.1.2
Siemens	SCALANCE MUM856-1 (EU)	Version: All versions < V7.1.2
Siemens	SCALANCE MUM856-1 (RoW)	Version: All versions < V7.1.2
Siemens	SCALANCE S615	Version: All versions < V7.1.2
Siemens	SCALANCE S615 EEC	Version: All versions < V7.1.2
Siemens	SCALANCE WAM763-1	Version: All versions >= V1.1.0 < V2.0
Siemens	SCALANCE WAM766-1 (EU)	Version: All versions >= V1.1.0 < V2.0
Siemens	SCALANCE WAM766-1 (US)	Version: All versions >= V1.1.0 < V2.0
Siemens	SCALANCE WAM766-1 EEC (EU)	Version: All versions >= V1.1.0 < V2.0
Siemens	SCALANCE WAM766-1 EEC (US)	Version: All versions >= V1.1.0 < V2.0
Siemens	SCALANCE WUM763-1	Version: All versions >= V1.1.0 < V2.0
Siemens	SCALANCE WUM763-1	Version: All versions >= V1.1.0 < V2.0
Siemens	SCALANCE WUM766-1 (EU)	Version: All versions >= V1.1.0 < V2.0
Siemens	SCALANCE WUM766-1 (US)	Version: All versions >= V1.1.0 < V2.0

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T07:26:01.135Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "RUGGEDCOM RM1224 LTE(4G) EU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "RUGGEDCOM RM1224 LTE(4G) NAM",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M804PB",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router (Annex A)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router (Annex B)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router (Annex A)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router (Annex B)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M826-2 SHDSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-3",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3 (EVDO)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3 (ROK)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (NAM)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM853-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (RoW)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE S615",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE S615 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM763-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V1.1.0 \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V1.1.0 \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 (US)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V1.1.0 \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 EEC (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V1.1.0 \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 EEC (US)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V1.1.0 \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM763-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V1.1.0 \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM763-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V1.1.0 \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM766-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V1.1.0 \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM766-1 (US)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V1.1.0 \u003c V2.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions \u003c V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions \u003c V7.1.2), SCALANCE M804PB (All versions \u003c V7.1.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions \u003c V7.1.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions \u003c V7.1.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions \u003c V7.1.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions \u003c V7.1.2), SCALANCE M826-2 SHDSL-Router (All versions \u003c V7.1.2), SCALANCE M874-2 (All versions \u003c V7.1.2), SCALANCE M874-3 (All versions \u003c V7.1.2), SCALANCE M876-3 (EVDO) (All versions \u003c V7.1.2), SCALANCE M876-3 (ROK) (All versions \u003c V7.1.2), SCALANCE M876-4 (All versions \u003c V7.1.2), SCALANCE M876-4 (EU) (All versions \u003c V7.1.2), SCALANCE M876-4 (NAM) (All versions \u003c V7.1.2), SCALANCE MUM853-1 (EU) (All versions \u003c V7.1.2), SCALANCE MUM856-1 (EU) (All versions \u003c V7.1.2), SCALANCE MUM856-1 (RoW) (All versions \u003c V7.1.2), SCALANCE S615 (All versions \u003c V7.1.2), SCALANCE S615 EEC (All versions \u003c V7.1.2), SCALANCE WAM763-1 (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WAM766-1 (EU) (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WAM766-1 (US) (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WAM766-1 EEC (EU) (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WAM766-1 EEC (US) (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WUM763-1 (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WUM763-1 (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WUM766-1 (EU) (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WUM766-1 (US) (All versions \u003e= V1.1.0 \u003c V2.0). Affected devices with TCP Event service enabled do not properly handle malformed packets.\r\nThis could allow an unauthenticated remote attacker to cause a denial of service condition and reboot the device thus possibly affecting other network resources."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-14T09:30:35.008Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2022-31766",
    "datePublished": "2022-10-11T00:00:00",
    "dateReserved": "2022-05-27T00:00:00",
    "dateUpdated": "2024-08-03T07:26:01.135Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-50558

Vulnerability from cvelistv5

Published

2024-11-12 12:49

Modified

2024-11-12 14:50

Severity ?

4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Summary

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2). Affected devices improperly manage access control for read-only users. This could allow an attacker to cause a temporary denial of service condition.

References

▼	URL	Tags
	https://cert-portal.siemens.com/productcert/html/ssa-354112.html

Impacted products

Vendor

Product

Version

▼

Version: 0 < V8.2

Siemens	RUGGEDCOM RM1224 LTE(4G) NAM	Version: 0 < V8.2
Siemens	SCALANCE M804PB	Version: 0 < V8.2
Siemens	SCALANCE M812-1 ADSL-Router	Version: 0 < V8.2
Siemens	SCALANCE M812-1 ADSL-Router	Version: 0 < V8.2
Siemens	SCALANCE M816-1 ADSL-Router	Version: 0 < V8.2
Siemens	SCALANCE M816-1 ADSL-Router	Version: 0 < V8.2
Siemens	SCALANCE M826-2 SHDSL-Router	Version: 0 < V8.2
Siemens	SCALANCE M874-2	Version: 0 < V8.2
Siemens	SCALANCE M874-3	Version: 0 < V8.2
Siemens	SCALANCE M874-3 3G-Router (CN)	Version: 0 < V8.2
Siemens	SCALANCE M876-3	Version: 0 < V8.2
Siemens	SCALANCE M876-3 (ROK)	Version: 0 < V8.2
Siemens	SCALANCE M876-4	Version: 0 < V8.2
Siemens	SCALANCE M876-4 (EU)	Version: 0 < V8.2
Siemens	SCALANCE M876-4 (NAM)	Version: 0 < V8.2
Siemens	SCALANCE MUM853-1 (A1)	Version: 0 < V8.2
Siemens	SCALANCE MUM853-1 (B1)	Version: 0 < V8.2
Siemens	SCALANCE MUM853-1 (EU)	Version: 0 < V8.2
Siemens	SCALANCE MUM856-1 (A1)	Version: 0 < V8.2
Siemens	SCALANCE MUM856-1 (B1)	Version: 0 < V8.2
Siemens	SCALANCE MUM856-1 (CN)	Version: 0 < V8.2
Siemens	SCALANCE MUM856-1 (EU)	Version: 0 < V8.2
Siemens	SCALANCE MUM856-1 (RoW)	Version: 0 < V8.2
Siemens	SCALANCE S615 EEC LAN-Router	Version: 0 < V8.2
Siemens	SCALANCE S615 LAN-Router	Version: 0 < V8.2

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-50558",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-12T14:50:50.605395Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-12T14:50:58.351Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "RUGGEDCOM RM1224 LTE(4G) EU",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "RUGGEDCOM RM1224 LTE(4G) NAM",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M804PB",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M826-2 SHDSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-2",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-3",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-3 3G-Router (CN)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3 (ROK)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (NAM)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM853-1 (A1)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM853-1 (B1)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM853-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (A1)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (B1)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (CN)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (RoW)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE S615 EEC LAN-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE S615 LAN-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions \u003c V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions \u003c V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions \u003c V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions \u003c V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions \u003c V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions \u003c V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions \u003c V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions \u003c V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions \u003c V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions \u003c V8.2). Affected devices improperly manage access control for read-only users. This could allow an attacker to cause a temporary denial of service condition."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          }
        },
        {
          "cvssV4_0": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "CWE-284: Improper Access Control",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-12T12:49:58.734Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-354112.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2024-50558",
    "datePublished": "2024-11-12T12:49:58.734Z",
    "dateReserved": "2024-10-24T11:01:04.416Z",
    "dateUpdated": "2024-11-12T14:50:58.351Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd

Published

2024-11-12 13:15

Modified

2024-11-13 19:59

Severity ?

7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2). Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell.

References

▼	URL	Tags
	productcert@siemens.com	https://cert-portal.siemens.com/productcert/html/ssa-354112.html	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
siemens	ruggedcom_rm1224_lte\(4g\)_eu_firmware	*
siemens	ruggedcom_rm1224_lte\(4g\)_eu	-
siemens	ruggedcom_rm1224_lte\(4g\)_nam_firmware	*
siemens	ruggedcom_rm1224_lte\(4g\)_nam	-
siemens	scalance_m804pb_firmware	*
siemens	scalance_m804pb	-
siemens	scalance_m812-1_\(annex_a\)_firmware	*
siemens	scalance_m812-1_\(annex_a\)	-
siemens	scalance_m812-1_\(annex_b\)_firmware	*
siemens	scalance_m812-1_\(annex_b\)	-
siemens	scalance_m816-1_\(annex_a\)_firmware	*
siemens	scalance_m816-1_\(annex_a\)	-
siemens	scalance_m816-1_\(annex_b\)_firmware	*
siemens	scalance_m816-1_\(annex_b\)	-
siemens	scalance_m826-2_firmware	*
siemens	scalance_m826-2	-
siemens	scalance_m874-2_firmware	*
siemens	scalance_m874-2	-
siemens	scalance_m874-3_firmware	*
siemens	scalance_m874-3	-
siemens	scalance_m874-3_\(cn\)_firmware	*
siemens	scalance_m874-3_\(cn\)	-
siemens	scalance_m876-3_firmware	*
siemens	scalance_m876-3	-
siemens	scalance_m876-3_\(rok\)_firmware	*
siemens	scalance_m876-3_\(rok\)	-
siemens	scalance_m876-4_firmware	*
siemens	scalance_m876-4	-
siemens	scalance_m876-4_\(eu\)_firmware	*
siemens	scalance_m876-4_\(eu\)	-
siemens	scalance_m876-4_\(nam\)_firmware	*
siemens	scalance_m876-4_\(nam\)	-
siemens	scalance_mum853-1_\(a1\)_firmware	*
siemens	scalance_mum853-1_\(a1\)	-
siemens	scalance_mum853-1_\(b1\)_firmware	*
siemens	scalance_mum853-1_\(b1\)	-
siemens	scalance_mum853-1_\(eu\)_firmware	*
siemens	scalance_mum853-1_\(eu\)	-
siemens	scalance_mum856-1_\(a1\)_firmware	*
siemens	scalance_mum856-1_\(a1\)	-
siemens	scalance_mum856-1_\(b1\)_firmware	*
siemens	scalance_mum856-1_\(b1\)	-
siemens	scalance_mum856-1_\(cn\)_firmware	*
siemens	scalance_mum856-1_\(cn\)	-
siemens	scalance_mum856-1_\(eu\)_firmware	*
siemens	scalance_mum856-1_\(eu\)	-
siemens	scalance_mum856-1_\(row\)_firmware	*
siemens	scalance_mum856-1_\(row\)	-
siemens	scalance_s615_eec_firmware	*
siemens	scalance_s615_eec	-
siemens	scalance_s615_firmware	*
siemens	scalance_s615	-

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_eu_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F7981A8-C60A-45EE-92E5-8149A3F7760F",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:ruggedcom_rm1224_lte\\(4g\\)_eu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "03D8CF59-D9D4-4C50-A6E6-D6B5BDB31AEC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_nam_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BF2D6E7-45CD-4303-B9A9-A576BC2F1B6F",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:ruggedcom_rm1224_lte\\(4g\\)_nam:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "400ACE99-AF15-4C20-9A6D-F8584DA5C7CE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m804pb_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "077F8316-E68A-4787-88EF-8016D8F06F00",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m804pb:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6EBA42A-93FF-4883-8626-EF78D38374D3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m812-1_\\(annex_a\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "780808FF-1144-4AEE-9E72-DE5B19870E2F",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m812-1_\\(annex_a\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B680E815-D9EF-41BC-A198-85332738B1B9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m812-1_\\(annex_b\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3148BA6-091B-4203-B12E-2FFCEA1DB22D",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m812-1_\\(annex_b\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0895418F-A4C6-40D3-8544-5AF3F5B54709",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m816-1_\\(annex_a\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BCD7E43-4CF9-4937-8A62-4B42FE03584F",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m816-1_\\(annex_a\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A1636E7-BF41-4BF6-8609-9675956FB947",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m816-1_\\(annex_b\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2594F8F-9DEF-4FC4-9068-B5A29C4DBA92",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m816-1_\\(annex_b\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "06E70F60-33E2-472F-9B25-FE19B964220B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m826-2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDF99EF5-12B4-45EE-9BC3-59E9F744376B",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m826-2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60458734-FF87-48E9-9B63-5AB9EA5ED0E5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m874-2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DD142E4-6F7F-4751-93B6-C3508A0828DA",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m874-2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C933ED27-2206-4734-8EB8-6A6431D1FBF1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m874-3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B7D6063-EB3D-4150-9B89-D62C38E65787",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m874-3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3258DC7-0461-4C65-8292-85C9965EA83D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m874-3_\\(cn\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8D5BDB5-AE39-472C-9A76-243DC01C97F8",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m874-3_\\(cn\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71B11BE1-57EB-43AB-8F7A-AFE5BA28D34A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m876-3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFE41F12-80FC-46CE-BBFA-E11695C56E30",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m876-3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD221BA9-3448-49E4-B3A3-D88B939785AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m876-3_\\(rok\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5A8F79E-C849-4D3B-9103-8068DD84DAEC",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m876-3_\\(rok\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3FA80AA-4869-46BF-8A1B-17C54219338C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m876-4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA02FE0C-5813-4994-9887-BE0AB1344FEB",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m876-4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "94E4CCE9-71F7-4960-B7DE-5298EFB7C619",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m876-4_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B43540C5-9208-42C9-BDB6-2D6C0EB665C7",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m876-4_\\(eu\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3886E130-C39C-43D2-8B1F-F773874F8002",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m876-4_\\(nam\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC56B2F3-EEF5-4891-92EE-917F6EA685E7",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m876-4_\\(nam\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDBED616-1074-44CE-98C8-48A5387A5DAF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(a1\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD477A4C-4C41-4068-872C-2D633E2DB5C9",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(a1\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC884995-EA34-4EFA-8B3A-5C7B9BC71C32",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(b1\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "01EEE560-AC67-47FE-8B30-F699CAF951FF",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(b1\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A94E232B-12ED-4E9D-A6D7-C66391C48F06",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C0D7706-40DC-4598-B24C-9BD7B20B31F4",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(eu\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "94AF78F7-3DF5-40FA-A496-4523183DB792",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(a1\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D13A44E-DE1F-4BE3-AD0B-FCF4E8DAA9E7",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(a1\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF849848-87EA-41D5-8E19-871A306D332A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(b1\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C56063A9-5A2A-4F19-AAAC-A40A01D0D69F",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(b1\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77E5245F-8AA7-4132-AA7F-1FE4F86B703E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(cn\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "27486547-EDF2-45C2-84FF-7B74D75304F6",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(cn\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B05B62B-1B41-4A3D-8591-57B4D0EF476F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "124DE318-3EFE-4FDA-8306-462BB936F892",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(eu\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A219D2B9-1D71-4831-BD0B-790B7057344C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(row\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "973C1E5B-8A98-4345-8BE3-A4B7B39EEF4F",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(row\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D6FED00-E40C-458A-8D5C-9B1826DBAE24",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_s615_eec_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7246F2E8-0A0E-4020-B806-421DB0B91C0B",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_s615_eec:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA5D94EA-C407-446F-B98F-F647ACBBA010",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F16CD316-4D89-45B7-83C1-138236898C0A",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E917CBBB-EF41-4113-B0CA-EB91889235E7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions \u003c V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions \u003c V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions \u003c V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions \u003c V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions \u003c V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions \u003c V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions \u003c V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions \u003c V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions \u003c V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions \u003c V8.2). Affected devices do not properly sanitize an input field.  This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (Todas las versiones \u0026lt; V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (Todas las versiones \u0026lt; V8.2), Enrutador ADSL SCALANCE M816-1 (6GK5816-1BA00-2AA2) (Todas las versiones \u0026lt; V8.2), Enrutador SHDSL SCALANCE M826-2 (6GK5826-2AB00-2AB2) (Todas las versiones \u0026lt; V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (Todas las versiones \u0026lt; V8.2), Enrutador 3G SCALANCE M874-3 (CN) (6GK5874-3AA00-2FA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (Todas las versiones \u0026lt; V8.2), SCALANCE Enrutador LAN S615 EEC (6GK5615-0AA01-2AA2) (todas las versiones anteriores a la V8.2), enrutador LAN SCALANCE S615 (6GK5615-0AA00-2AA2) (todas las versiones anteriores a la V8.2). Los dispositivos afectados no desinfectan correctamente un campo de entrada. Esto podr\u00eda permitir que un atacante remoto autenticado con privilegios administrativos inyecte c\u00f3digo o genere un shell ra\u00edz del sistema."
    }
  ],
  "id": "CVE-2024-50572",
  "lastModified": "2024-11-13T19:59:16.777",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "productcert@siemens.com",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "automatable": "NOT_DEFINED",
          "availabilityRequirements": "NOT_DEFINED",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityRequirements": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirements": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
          "privilegesRequired": "HIGH",
          "providerUrgency": "NOT_DEFINED",
          "recovery": "NOT_DEFINED",
          "safety": "NOT_DEFINED",
          "subsequentSystemAvailability": "NONE",
          "subsequentSystemConfidentiality": "NONE",
          "subsequentSystemIntegrity": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnerabilityResponseEffort": "NOT_DEFINED",
          "vulnerableSystemAvailability": "HIGH",
          "vulnerableSystemConfidentiality": "HIGH",
          "vulnerableSystemIntegrity": "HIGH"
        },
        "source": "productcert@siemens.com",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-11-12T13:15:13.503",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-354112.html"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-74"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-77"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-10-11 11:15

Modified

2024-11-21 07:05

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions < V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions < V7.1.2), SCALANCE M804PB (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions < V7.1.2), SCALANCE M826-2 SHDSL-Router (All versions < V7.1.2), SCALANCE M874-2 (All versions < V7.1.2), SCALANCE M874-3 (All versions < V7.1.2), SCALANCE M876-3 (EVDO) (All versions < V7.1.2), SCALANCE M876-3 (ROK) (All versions < V7.1.2), SCALANCE M876-4 (All versions < V7.1.2), SCALANCE M876-4 (EU) (All versions < V7.1.2), SCALANCE M876-4 (NAM) (All versions < V7.1.2), SCALANCE MUM853-1 (EU) (All versions < V7.1.2), SCALANCE MUM856-1 (EU) (All versions < V7.1.2), SCALANCE MUM856-1 (RoW) (All versions < V7.1.2), SCALANCE S615 (All versions < V7.1.2), SCALANCE S615 EEC (All versions < V7.1.2), SCALANCE WAM763-1 (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 (EU) (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 (US) (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 EEC (EU) (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 EEC (US) (All versions >= V1.1.0 < V2.0), SCALANCE WUM763-1 (All versions >= V1.1.0 < V2.0), SCALANCE WUM763-1 (All versions >= V1.1.0 < V2.0), SCALANCE WUM766-1 (EU) (All versions >= V1.1.0 < V2.0), SCALANCE WUM766-1 (US) (All versions >= V1.1.0 < V2.0). Affected devices with TCP Event service enabled do not properly handle malformed packets. This could allow an unauthenticated remote attacker to cause a denial of service condition and reboot the device thus possibly affecting other network resources.

References

▼	URL	Tags
	productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf	Vendor Advisory

Impacted products

Vendor	Product	Version
siemens	ruggedcom_rm1224_firmware	*
siemens	ruggedcom_rm1224	-
siemens	scalance_m804pb_firmware	*
siemens	scalance_m804pb	-
siemens	scalance_m812-1_firmware	*
siemens	scalance_m812-1	-
siemens	scalance_m816-1_firmware	*
siemens	scalance_m816-1	-
siemens	scalance_m826-2_firmware	*
siemens	scalance_m826-2	-
siemens	scalance_m874-2_firmware	*
siemens	scalance_m874-2	-
siemens	scalance_m874-3_firmware	*
siemens	scalance_m874-3	-
siemens	scalance_m876-3_firmware	*
siemens	scalance_m876-3	-
siemens	scalance_m876-4_firmware	*
siemens	scalance_m876-4	-
siemens	scalance_mum853-1_firmware	*
siemens	scalance_mum853-1	-
siemens	scalance_mum856-1_firmware	*
siemens	scalance_mum856-1	-
siemens	scalance_s615_firmware	*
siemens	scalance_s615	-
siemens	scalance_wam763-1_firmware	*
siemens	scalance_wam763-1	-
siemens	scalance_wam766-1_firmware	*
siemens	scalance_wam766-1	-
siemens	scalance_wum763-1_firmware	*
siemens	scalance_wum763-1	-
siemens	scalance_wum766-1_firmware	*
siemens	scalance_wum766-1	-
siemens	scalance_wam766-1_firmware	*
siemens	scalance_wam766-1	-

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:ruggedcom_rm1224_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0929F4C-9E86-4716-817F-DFACA179B3A2",
              "versionEndExcluding": "7.1.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:ruggedcom_rm1224:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "284DF779-D900-48B4-A177-7281CD445AB5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m804pb_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE36E468-BED7-4F69-B96B-37475B898698",
              "versionEndExcluding": "7.1.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m804pb:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6EBA42A-93FF-4883-8626-EF78D38374D3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m812-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A20C960-61EB-4C18-AD1B-A4D3D51D16C0",
              "versionEndExcluding": "7.1.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m812-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "31EAEF72-8B41-44E0-A33B-753AF85A3106",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m816-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "07969DC2-4B5F-4E16-8537-2AF2ADCE2F6F",
              "versionEndExcluding": "7.1.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m816-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5908438F-2575-46EB-AC96-5F33D018AFAC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m826-2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AED73587-12BD-4F94-BCFB-16AD60B1A973",
              "versionEndExcluding": "7.1.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m826-2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60458734-FF87-48E9-9B63-5AB9EA5ED0E5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m874-2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DBB2514-5AFC-44C8-B514-938AFBDB38BD",
              "versionEndExcluding": "7.1.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m874-2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C933ED27-2206-4734-8EB8-6A6431D1FBF1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m874-3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4488D9A-7EFD-49BB-B981-82FEAA32C4A6",
              "versionEndExcluding": "7.1.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m874-3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3258DC7-0461-4C65-8292-85C9965EA83D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m876-3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3854542-6F44-4444-B610-8E7FE364CFF4",
              "versionEndExcluding": "7.1.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m876-3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD221BA9-3448-49E4-B3A3-D88B939785AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m876-4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5B311B0-951A-49CF-9A46-8E01DE9A5079",
              "versionEndExcluding": "7.1.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m876-4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "94E4CCE9-71F7-4960-B7DE-5298EFB7C619",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum853-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "424A24E1-78AF-4C83-B4BD-89D67E3A5A88",
              "versionEndExcluding": "7.1.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum853-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F56875A-B2B3-471F-ADAC-574C55E1D86A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum856-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF3B5A56-F9ED-44F8-A02D-246F83D160FF",
              "versionEndExcluding": "7.1.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum856-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17BEBCAB-D640-4F6D-9579-4A54C76D80F8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4853998E-7671-4F78-BE2D-88D788686181",
              "versionEndExcluding": "7.1.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E917CBBB-EF41-4113-B0CA-EB91889235E7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_wam763-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EF8DB32-D523-43A3-B787-D5D391820D37",
              "versionStartIncluding": "1.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_wam763-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AAE316D-6BA6-4C3F-9EE1-E23E4CB6FD19",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_wam766-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C33F8E91-AAAE-458A-8690-2B69894DE9B7",
              "versionStartIncluding": "1.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_wam766-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA96B540-439B-4A1A-9D7D-C45AEFBC7BE6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_wum763-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB951482-45DB-4224-BD14-DFB54362AE80",
              "versionStartIncluding": "1.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_wum763-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C501445F-BDF6-4A0A-85FD-E6BFBF0A3C6F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_wum766-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C84B33EE-C895-434B-AB8F-53D4B54D1D1F",
              "versionStartIncluding": "1.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_wum766-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EB15599-F795-4D24-A4A6-CD826F6A7A13",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_wam766-1_firmware:*:*:*:*:*:*:ecc:*",
              "matchCriteriaId": "57F1D7C6-7C13-4FFB-909C-B4B23A645F60",
              "versionStartIncluding": "1.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_wam766-1:-:*:*:*:*:*:ecc:*",
              "matchCriteriaId": "8168477E-7D2E-4575-8864-9B4FD152CD61",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions \u003c V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions \u003c V7.1.2), SCALANCE M804PB (All versions \u003c V7.1.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions \u003c V7.1.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions \u003c V7.1.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions \u003c V7.1.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions \u003c V7.1.2), SCALANCE M826-2 SHDSL-Router (All versions \u003c V7.1.2), SCALANCE M874-2 (All versions \u003c V7.1.2), SCALANCE M874-3 (All versions \u003c V7.1.2), SCALANCE M876-3 (EVDO) (All versions \u003c V7.1.2), SCALANCE M876-3 (ROK) (All versions \u003c V7.1.2), SCALANCE M876-4 (All versions \u003c V7.1.2), SCALANCE M876-4 (EU) (All versions \u003c V7.1.2), SCALANCE M876-4 (NAM) (All versions \u003c V7.1.2), SCALANCE MUM853-1 (EU) (All versions \u003c V7.1.2), SCALANCE MUM856-1 (EU) (All versions \u003c V7.1.2), SCALANCE MUM856-1 (RoW) (All versions \u003c V7.1.2), SCALANCE S615 (All versions \u003c V7.1.2), SCALANCE S615 EEC (All versions \u003c V7.1.2), SCALANCE WAM763-1 (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WAM766-1 (EU) (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WAM766-1 (US) (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WAM766-1 EEC (EU) (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WAM766-1 EEC (US) (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WUM763-1 (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WUM763-1 (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WUM766-1 (EU) (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WUM766-1 (US) (All versions \u003e= V1.1.0 \u003c V2.0). Affected devices with TCP Event service enabled do not properly handle malformed packets.\r\nThis could allow an unauthenticated remote attacker to cause a denial of service condition and reboot the device thus possibly affecting other network resources."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en RUGGEDCOM RM1224 LTE(4G) EU (Todas las versiones anteriores a V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (Todas las versiones anteriores a V7.1.2), SCALANCE M804PB (Todas las versiones anteriores a V7.1. 2), SCALANCE M812-1 ADSL-Router (Anexo A) (Todas las versiones anteriores a V7.1.2), SCALANCE M812-1 ADSL-Router (Anexo B) (Todas las versiones anteriores a V7.1.2), SCALANCE M816-1 ADSL-Router (Anexo A) (Todas las versiones anteriores a V7.1. 2), SCALANCE M816-1 ADSL-Router (Anexo B) (Todas las versiones anteriores a V7.1.2), SCALANCE M826-2 SHDSL-Router (Todas las versiones anteriores a V7.1.2), SCALANCE M874-2 (Todas las versiones anteriores a V7.1.2), SCALANCE M874-3 (Todas las versiones anteriores a V7. 1.2), SCALANCE M876-3 (EVDO) (Todas las versiones anteriores a V7.1.2), SCALANCE M876-3 (ROK) (Todas las versiones anteriores a V7.1.2), SCALANCE M876-4 (EU) (Todas las versiones anteriores a V7.1.2), SCALANCE M876-4 (NAM) (Todas las versiones anteriores a V7. 1.2), SCALANCE MUM853-1 (EU) (Todas las versiones anteriores a V7.1.2), SCALANCE MUM856-1 (EU) (Todas las versiones anteriores a V7.1.2), SCALANCE MUM856-1 (RoW) (Todas las versiones anteriores a V7.1.2), SCALANCE S615 (Todas las versiones anteriores a V7. 1.2), SCALANCE WAM763-1 (Todas las versiones posteriores a V1.1.0 incluy\u00e9ndola), SCALANCE WAM766-1 (Todas las versiones posteriores a V1.1.0 incluy\u00e9ndola), SCALANCE WAM766-1 (Todas las versiones  posteriores a V1.1.0 incluy\u00e9ndola), SCALANCE WAM766-1 6GHz (Todas las versiones  posteriores a V1.1. 0 incluy\u00e9ndola), SCALANCE WAM766-1 EEC (Todas las versiones  posteriores a V1.1.0 incluy\u00e9ndola), SCALANCE WAM766-1 EEC (Todas las versiones  posteriores a V1.1.0 incluy\u00e9ndola), SCALANCE WAM766-1 EEC 6GHz (Todas las versiones  posteriores a V1.1.0 incluy\u00e9ndola), SCALANCE WUM763-1 (Todas las versiones  posteriores a V1. 1.0 incluy\u00e9ndola), SCALANCE WUM763-1 (Todas las versiones  posteriores a V1.1.0 incluy\u00e9ndola), SCALANCE WUM766-1 (Todas las versiones  posteriores a V1.1.0 incluy\u00e9ndola), SCALANCE WUM766-1 (Todas las versiones  posteriores a V1.1.0 incluy\u00e9ndola), SCALANCE WUM766-1 6GHz (Todas las versiones  posteriores a V1.1.0 incluy\u00e9ndola). Los dispositivos afectados con el servicio de eventos TCP activado no manejan apropiadamente los paquetes malformados. Esto podr\u00eda permitir a un atacante remoto no autenticado causar una denegaci\u00f3n de servicio y reiniciar el dispositivo, lo que podr\u00eda afectar a otros recursos de red"
    }
  ],
  "id": "CVE-2022-31766",
  "lastModified": "2024-11-21T07:05:16.210",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "productcert@siemens.com",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Secondary"
      }
    ]
  },
  "published": "2022-10-11T11:15:09.810",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-11-12 13:15

Modified

2024-11-13 19:56

Severity ?

4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Summary

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2). Affected devices do not properly validate the filenames of the certificate. This could allow an authenticated remote attacker to append arbitrary values which will lead to compromise of integrity of the system.

References

▼	URL	Tags
	productcert@siemens.com	https://cert-portal.siemens.com/productcert/html/ssa-354112.html	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
siemens	ruggedcom_rm1224_lte\(4g\)_eu_firmware	*
siemens	ruggedcom_rm1224_lte\(4g\)_eu	-
siemens	ruggedcom_rm1224_lte\(4g\)_nam_firmware	*
siemens	ruggedcom_rm1224_lte\(4g\)_nam	-
siemens	scalance_m804pb_firmware	*
siemens	scalance_m804pb	-
siemens	scalance_m812-1_\(annex_a\)_firmware	*
siemens	scalance_m812-1_\(annex_a\)	-
siemens	scalance_m812-1_\(annex_b\)_firmware	*
siemens	scalance_m812-1_\(annex_b\)	-
siemens	scalance_m816-1_\(annex_a\)_firmware	*
siemens	scalance_m816-1_\(annex_a\)	-
siemens	scalance_m816-1_\(annex_b\)_firmware	*
siemens	scalance_m816-1_\(annex_b\)	-
siemens	scalance_m826-2_firmware	*
siemens	scalance_m826-2	-
siemens	scalance_m874-2_firmware	*
siemens	scalance_m874-2	-
siemens	scalance_m874-3_firmware	*
siemens	scalance_m874-3	-
siemens	scalance_m874-3_\(cn\)_firmware	*
siemens	scalance_m874-3_\(cn\)	-
siemens	scalance_m876-3_firmware	*
siemens	scalance_m876-3	-
siemens	scalance_m876-3_\(rok\)_firmware	*
siemens	scalance_m876-3_\(rok\)	-
siemens	scalance_m876-4_firmware	*
siemens	scalance_m876-4	-
siemens	scalance_m876-4_\(eu\)_firmware	*
siemens	scalance_m876-4_\(eu\)	-
siemens	scalance_m876-4_\(nam\)_firmware	*
siemens	scalance_m876-4_\(nam\)	-
siemens	scalance_mum853-1_\(a1\)_firmware	*
siemens	scalance_mum853-1_\(a1\)	-
siemens	scalance_mum853-1_\(b1\)_firmware	*
siemens	scalance_mum853-1_\(b1\)	-
siemens	scalance_mum853-1_\(eu\)_firmware	*
siemens	scalance_mum853-1_\(eu\)	-
siemens	scalance_mum856-1_\(a1\)_firmware	*
siemens	scalance_mum856-1_\(a1\)	-
siemens	scalance_mum856-1_\(b1\)_firmware	*
siemens	scalance_mum856-1_\(b1\)	-
siemens	scalance_mum856-1_\(cn\)_firmware	*
siemens	scalance_mum856-1_\(cn\)	-
siemens	scalance_mum856-1_\(eu\)_firmware	*
siemens	scalance_mum856-1_\(eu\)	-
siemens	scalance_mum856-1_\(row\)_firmware	*
siemens	scalance_mum856-1_\(row\)	-
siemens	scalance_s615_eec_firmware	*
siemens	scalance_s615_eec	-
siemens	scalance_s615_firmware	*
siemens	scalance_s615	-

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_eu_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F7981A8-C60A-45EE-92E5-8149A3F7760F",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:ruggedcom_rm1224_lte\\(4g\\)_eu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "03D8CF59-D9D4-4C50-A6E6-D6B5BDB31AEC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_nam_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BF2D6E7-45CD-4303-B9A9-A576BC2F1B6F",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:ruggedcom_rm1224_lte\\(4g\\)_nam:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "400ACE99-AF15-4C20-9A6D-F8584DA5C7CE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m804pb_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "077F8316-E68A-4787-88EF-8016D8F06F00",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m804pb:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6EBA42A-93FF-4883-8626-EF78D38374D3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m812-1_\\(annex_a\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "780808FF-1144-4AEE-9E72-DE5B19870E2F",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m812-1_\\(annex_a\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B680E815-D9EF-41BC-A198-85332738B1B9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m812-1_\\(annex_b\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3148BA6-091B-4203-B12E-2FFCEA1DB22D",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m812-1_\\(annex_b\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0895418F-A4C6-40D3-8544-5AF3F5B54709",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m816-1_\\(annex_a\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BCD7E43-4CF9-4937-8A62-4B42FE03584F",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m816-1_\\(annex_a\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A1636E7-BF41-4BF6-8609-9675956FB947",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m816-1_\\(annex_b\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2594F8F-9DEF-4FC4-9068-B5A29C4DBA92",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m816-1_\\(annex_b\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "06E70F60-33E2-472F-9B25-FE19B964220B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m826-2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDF99EF5-12B4-45EE-9BC3-59E9F744376B",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m826-2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60458734-FF87-48E9-9B63-5AB9EA5ED0E5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m874-2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DD142E4-6F7F-4751-93B6-C3508A0828DA",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m874-2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C933ED27-2206-4734-8EB8-6A6431D1FBF1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m874-3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B7D6063-EB3D-4150-9B89-D62C38E65787",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m874-3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3258DC7-0461-4C65-8292-85C9965EA83D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m874-3_\\(cn\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8D5BDB5-AE39-472C-9A76-243DC01C97F8",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m874-3_\\(cn\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71B11BE1-57EB-43AB-8F7A-AFE5BA28D34A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m876-3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFE41F12-80FC-46CE-BBFA-E11695C56E30",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m876-3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD221BA9-3448-49E4-B3A3-D88B939785AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m876-3_\\(rok\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5A8F79E-C849-4D3B-9103-8068DD84DAEC",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m876-3_\\(rok\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3FA80AA-4869-46BF-8A1B-17C54219338C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m876-4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA02FE0C-5813-4994-9887-BE0AB1344FEB",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m876-4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "94E4CCE9-71F7-4960-B7DE-5298EFB7C619",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m876-4_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B43540C5-9208-42C9-BDB6-2D6C0EB665C7",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m876-4_\\(eu\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3886E130-C39C-43D2-8B1F-F773874F8002",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m876-4_\\(nam\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC56B2F3-EEF5-4891-92EE-917F6EA685E7",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m876-4_\\(nam\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDBED616-1074-44CE-98C8-48A5387A5DAF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(a1\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD477A4C-4C41-4068-872C-2D633E2DB5C9",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(a1\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC884995-EA34-4EFA-8B3A-5C7B9BC71C32",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(b1\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "01EEE560-AC67-47FE-8B30-F699CAF951FF",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(b1\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A94E232B-12ED-4E9D-A6D7-C66391C48F06",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C0D7706-40DC-4598-B24C-9BD7B20B31F4",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(eu\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "94AF78F7-3DF5-40FA-A496-4523183DB792",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(a1\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D13A44E-DE1F-4BE3-AD0B-FCF4E8DAA9E7",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(a1\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF849848-87EA-41D5-8E19-871A306D332A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(b1\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C56063A9-5A2A-4F19-AAAC-A40A01D0D69F",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(b1\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77E5245F-8AA7-4132-AA7F-1FE4F86B703E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(cn\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "27486547-EDF2-45C2-84FF-7B74D75304F6",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(cn\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B05B62B-1B41-4A3D-8591-57B4D0EF476F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "124DE318-3EFE-4FDA-8306-462BB936F892",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(eu\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A219D2B9-1D71-4831-BD0B-790B7057344C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(row\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "973C1E5B-8A98-4345-8BE3-A4B7B39EEF4F",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(row\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D6FED00-E40C-458A-8D5C-9B1826DBAE24",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_s615_eec_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7246F2E8-0A0E-4020-B806-421DB0B91C0B",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_s615_eec:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA5D94EA-C407-446F-B98F-F647ACBBA010",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F16CD316-4D89-45B7-83C1-138236898C0A",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E917CBBB-EF41-4113-B0CA-EB91889235E7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions \u003c V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions \u003c V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions \u003c V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions \u003c V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions \u003c V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions \u003c V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions \u003c V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions \u003c V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions \u003c V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions \u003c V8.2). Affected devices do not properly validate the filenames of the certificate. This could allow an authenticated remote attacker to append arbitrary values which will lead to compromise of integrity of the system."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (Todas las versiones \u0026lt; V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (Todas las versiones \u0026lt; V8.2), Enrutador ADSL SCALANCE M816-1 (6GK5816-1BA00-2AA2) (Todas las versiones \u0026lt; V8.2), Enrutador SHDSL SCALANCE M826-2 (6GK5826-2AB00-2AB2) (Todas las versiones \u0026lt; V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (Todas las versiones \u0026lt; V8.2), Enrutador 3G SCALANCE M874-3 (CN) (6GK5874-3AA00-2FA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (Todas las versiones \u0026lt; V8.2), SCALANCE Enrutador LAN S615 EEC (6GK5615-0AA01-2AA2) (todas las versiones \u0026lt; V8.2), enrutador LAN SCALANCE S615 (6GK5615-0AA00-2AA2) (todas las versiones \u0026lt; V8.2). Los dispositivos afectados no validan correctamente los nombres de archivo del certificado. Esto podr\u00eda permitir que un atacante remoto autenticado agregue valores arbitrarios que comprometer\u00e1n la integridad del sistema."
    }
  ],
  "id": "CVE-2024-50559",
  "lastModified": "2024-11-13T19:56:31.780",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "productcert@siemens.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "automatable": "NOT_DEFINED",
          "availabilityRequirements": "NOT_DEFINED",
          "baseScore": 5.1,
          "baseSeverity": "MEDIUM",
          "confidentialityRequirements": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirements": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "NOT_DEFINED",
          "recovery": "NOT_DEFINED",
          "safety": "NOT_DEFINED",
          "subsequentSystemAvailability": "NONE",
          "subsequentSystemConfidentiality": "NONE",
          "subsequentSystemIntegrity": "NONE",
          "userInteraction": "ACTIVE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnerabilityResponseEffort": "NOT_DEFINED",
          "vulnerableSystemAvailability": "NONE",
          "vulnerableSystemConfidentiality": "NONE",
          "vulnerableSystemIntegrity": "LOW"
        },
        "source": "productcert@siemens.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-11-12T13:15:12.653",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-354112.html"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-11-12 13:15

Modified

2024-11-13 19:57

Severity ?

3.1 (Low) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Summary

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2). Affected devices truncates usernames longer than 15 characters when accessed via SSH or Telnet. This could allow an attacker to compromise system integrity.

References

▼	URL	Tags
	productcert@siemens.com	https://cert-portal.siemens.com/productcert/html/ssa-354112.html	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
siemens	ruggedcom_rm1224_lte\(4g\)_eu_firmware	*
siemens	ruggedcom_rm1224_lte\(4g\)_eu	-
siemens	ruggedcom_rm1224_lte\(4g\)_nam_firmware	*
siemens	ruggedcom_rm1224_lte\(4g\)_nam	-
siemens	scalance_m804pb_firmware	*
siemens	scalance_m804pb	-
siemens	scalance_m812-1_\(annex_a\)_firmware	*
siemens	scalance_m812-1_\(annex_a\)	-
siemens	scalance_m812-1_\(annex_b\)_firmware	*
siemens	scalance_m812-1_\(annex_b\)	-
siemens	scalance_m816-1_\(annex_a\)_firmware	*
siemens	scalance_m816-1_\(annex_a\)	-
siemens	scalance_m816-1_\(annex_b\)_firmware	*
siemens	scalance_m816-1_\(annex_b\)	-
siemens	scalance_m826-2_firmware	*
siemens	scalance_m826-2	-
siemens	scalance_m874-2_firmware	*
siemens	scalance_m874-2	-
siemens	scalance_m874-3_firmware	*
siemens	scalance_m874-3	-
siemens	scalance_m874-3_\(cn\)_firmware	*
siemens	scalance_m874-3_\(cn\)	-
siemens	scalance_m876-3_firmware	*
siemens	scalance_m876-3	-
siemens	scalance_m876-3_\(rok\)_firmware	*
siemens	scalance_m876-3_\(rok\)	-
siemens	scalance_m876-4_firmware	*
siemens	scalance_m876-4	-
siemens	scalance_m876-4_\(eu\)_firmware	*
siemens	scalance_m876-4_\(eu\)	-
siemens	scalance_m876-4_\(nam\)_firmware	*
siemens	scalance_m876-4_\(nam\)	-
siemens	scalance_mum853-1_\(a1\)_firmware	*
siemens	scalance_mum853-1_\(a1\)	-
siemens	scalance_mum853-1_\(b1\)_firmware	*
siemens	scalance_mum853-1_\(b1\)	-
siemens	scalance_mum853-1_\(eu\)_firmware	*
siemens	scalance_mum853-1_\(eu\)	-
siemens	scalance_mum856-1_\(a1\)_firmware	*
siemens	scalance_mum856-1_\(a1\)	-
siemens	scalance_mum856-1_\(b1\)_firmware	*
siemens	scalance_mum856-1_\(b1\)	-
siemens	scalance_mum856-1_\(cn\)_firmware	*
siemens	scalance_mum856-1_\(cn\)	-
siemens	scalance_mum856-1_\(eu\)_firmware	*
siemens	scalance_mum856-1_\(eu\)	-
siemens	scalance_mum856-1_\(row\)_firmware	*
siemens	scalance_mum856-1_\(row\)	-
siemens	scalance_s615_eec_firmware	*
siemens	scalance_s615_eec	-
siemens	scalance_s615_firmware	*
siemens	scalance_s615	-

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_eu_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F7981A8-C60A-45EE-92E5-8149A3F7760F",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:ruggedcom_rm1224_lte\\(4g\\)_eu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "03D8CF59-D9D4-4C50-A6E6-D6B5BDB31AEC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_nam_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BF2D6E7-45CD-4303-B9A9-A576BC2F1B6F",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:ruggedcom_rm1224_lte\\(4g\\)_nam:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "400ACE99-AF15-4C20-9A6D-F8584DA5C7CE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m804pb_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "077F8316-E68A-4787-88EF-8016D8F06F00",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m804pb:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6EBA42A-93FF-4883-8626-EF78D38374D3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m812-1_\\(annex_a\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "780808FF-1144-4AEE-9E72-DE5B19870E2F",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m812-1_\\(annex_a\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B680E815-D9EF-41BC-A198-85332738B1B9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m812-1_\\(annex_b\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3148BA6-091B-4203-B12E-2FFCEA1DB22D",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m812-1_\\(annex_b\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0895418F-A4C6-40D3-8544-5AF3F5B54709",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m816-1_\\(annex_a\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BCD7E43-4CF9-4937-8A62-4B42FE03584F",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m816-1_\\(annex_a\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A1636E7-BF41-4BF6-8609-9675956FB947",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m816-1_\\(annex_b\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2594F8F-9DEF-4FC4-9068-B5A29C4DBA92",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m816-1_\\(annex_b\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "06E70F60-33E2-472F-9B25-FE19B964220B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m826-2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDF99EF5-12B4-45EE-9BC3-59E9F744376B",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m826-2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60458734-FF87-48E9-9B63-5AB9EA5ED0E5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m874-2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DD142E4-6F7F-4751-93B6-C3508A0828DA",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m874-2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C933ED27-2206-4734-8EB8-6A6431D1FBF1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m874-3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B7D6063-EB3D-4150-9B89-D62C38E65787",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m874-3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3258DC7-0461-4C65-8292-85C9965EA83D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m874-3_\\(cn\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8D5BDB5-AE39-472C-9A76-243DC01C97F8",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m874-3_\\(cn\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71B11BE1-57EB-43AB-8F7A-AFE5BA28D34A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m876-3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFE41F12-80FC-46CE-BBFA-E11695C56E30",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m876-3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD221BA9-3448-49E4-B3A3-D88B939785AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m876-3_\\(rok\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5A8F79E-C849-4D3B-9103-8068DD84DAEC",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m876-3_\\(rok\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3FA80AA-4869-46BF-8A1B-17C54219338C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m876-4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA02FE0C-5813-4994-9887-BE0AB1344FEB",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m876-4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "94E4CCE9-71F7-4960-B7DE-5298EFB7C619",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m876-4_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B43540C5-9208-42C9-BDB6-2D6C0EB665C7",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m876-4_\\(eu\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3886E130-C39C-43D2-8B1F-F773874F8002",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m876-4_\\(nam\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC56B2F3-EEF5-4891-92EE-917F6EA685E7",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m876-4_\\(nam\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDBED616-1074-44CE-98C8-48A5387A5DAF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(a1\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD477A4C-4C41-4068-872C-2D633E2DB5C9",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(a1\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC884995-EA34-4EFA-8B3A-5C7B9BC71C32",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(b1\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "01EEE560-AC67-47FE-8B30-F699CAF951FF",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(b1\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A94E232B-12ED-4E9D-A6D7-C66391C48F06",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C0D7706-40DC-4598-B24C-9BD7B20B31F4",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(eu\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "94AF78F7-3DF5-40FA-A496-4523183DB792",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(a1\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D13A44E-DE1F-4BE3-AD0B-FCF4E8DAA9E7",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(a1\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF849848-87EA-41D5-8E19-871A306D332A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(b1\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C56063A9-5A2A-4F19-AAAC-A40A01D0D69F",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(b1\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77E5245F-8AA7-4132-AA7F-1FE4F86B703E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(cn\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "27486547-EDF2-45C2-84FF-7B74D75304F6",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(cn\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B05B62B-1B41-4A3D-8591-57B4D0EF476F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "124DE318-3EFE-4FDA-8306-462BB936F892",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(eu\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A219D2B9-1D71-4831-BD0B-790B7057344C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(row\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "973C1E5B-8A98-4345-8BE3-A4B7B39EEF4F",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(row\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D6FED00-E40C-458A-8D5C-9B1826DBAE24",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_s615_eec_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7246F2E8-0A0E-4020-B806-421DB0B91C0B",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_s615_eec:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA5D94EA-C407-446F-B98F-F647ACBBA010",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F16CD316-4D89-45B7-83C1-138236898C0A",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E917CBBB-EF41-4113-B0CA-EB91889235E7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions \u003c V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions \u003c V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions \u003c V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions \u003c V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions \u003c V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions \u003c V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions \u003c V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions \u003c V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions \u003c V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions \u003c V8.2). Affected devices truncates usernames longer than 15 characters when accessed via SSH or Telnet. This could allow an attacker to compromise system integrity."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (Todas las versiones \u0026lt; V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (Todas las versiones \u0026lt; V8.2), Enrutador ADSL SCALANCE M816-1 (6GK5816-1BA00-2AA2) (Todas las versiones \u0026lt; V8.2), Enrutador SHDSL SCALANCE M826-2 (6GK5826-2AB00-2AB2) (Todas las versiones \u0026lt; V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (Todas las versiones \u0026lt; V8.2), Enrutador 3G SCALANCE M874-3 (CN) (6GK5874-3AA00-2FA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (Todas las versiones \u0026lt; V8.2), SCALANCE Enrutador LAN S615 EEC (6GK5615-0AA01-2AA2) (todas las versiones anteriores a la V8.2), enrutador LAN SCALANCE S615 (6GK5615-0AA00-2AA2) (todas las versiones anteriores a la V8.2). Los dispositivos afectados truncan los nombres de usuario de m\u00e1s de 15 caracteres cuando se accede a ellos a trav\u00e9s de SSH o Telnet. Esto podr\u00eda permitir que un atacante comprometa la integridad del sistema."
    }
  ],
  "id": "CVE-2024-50560",
  "lastModified": "2024-11-13T19:57:26.073",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 3.1,
          "baseSeverity": "LOW",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 1.4,
        "source": "productcert@siemens.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackRequirements": "PRESENT",
          "attackVector": "NETWORK",
          "automatable": "NOT_DEFINED",
          "availabilityRequirements": "NOT_DEFINED",
          "baseScore": 2.3,
          "baseSeverity": "LOW",
          "confidentialityRequirements": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirements": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
          "privilegesRequired": "LOW",
          "providerUrgency": "NOT_DEFINED",
          "recovery": "NOT_DEFINED",
          "safety": "NOT_DEFINED",
          "subsequentSystemAvailability": "NONE",
          "subsequentSystemConfidentiality": "NONE",
          "subsequentSystemIntegrity": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnerabilityResponseEffort": "NOT_DEFINED",
          "vulnerableSystemAvailability": "NONE",
          "vulnerableSystemConfidentiality": "NONE",
          "vulnerableSystemIntegrity": "LOW"
        },
        "source": "productcert@siemens.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-11-12T13:15:12.913",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-354112.html"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-08-05 21:15

Modified

2024-11-21 05:50

Severity ?

3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Summary

libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths *case insensitively*,which could lead to libcurl reusing wrong connections.File paths are, or can be, case sensitive on many systems but not all, and caneven vary depending on used file systems.The comparison also didn't include the 'issuer cert' which a transfer can setto qualify how to verify the server certificate.

References

URL	Tags
support@hackerone.com	https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf	Patch, Third Party Advisory
support@hackerone.com	https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf	Third Party Advisory
support@hackerone.com	https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf	Third Party Advisory
support@hackerone.com	https://hackerone.com/reports/1223565	Exploit, Issue Tracking, Patch, Third Party Advisory
support@hackerone.com	https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E	Mailing List, Third Party Advisory
support@hackerone.com	https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E	Mailing List, Third Party Advisory
support@hackerone.com	https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E	Mailing List, Third Party Advisory
support@hackerone.com	https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E	Mailing List, Third Party Advisory
support@hackerone.com	https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html	Mailing List, Third Party Advisory
support@hackerone.com	https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html	Mailing List, Third Party Advisory
support@hackerone.com	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/	Mailing List, Third Party Advisory
support@hackerone.com	https://security.netapp.com/advisory/ntap-20210902-0003/	Third Party Advisory
support@hackerone.com	https://www.debian.org/security/2022/dsa-5197	Third Party Advisory
support@hackerone.com	https://www.oracle.com/security-alerts/cpujan2022.html	Patch, Third Party Advisory
support@hackerone.com	https://www.oracle.com/security-alerts/cpuoct2021.html	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://hackerone.com/reports/1223565	Exploit, Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20210902-0003/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.debian.org/security/2022/dsa-5197	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com/security-alerts/cpujan2022.html	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com/security-alerts/cpuoct2021.html	Patch, Third Party Advisory

Impacted products

Vendor	Product	Version
haxx	libcurl	*
fedoraproject	fedora	33
debian	debian_linux	9.0
debian	debian_linux	10.0
debian	debian_linux	11.0
netapp	cloud_backup	-
netapp	clustered_data_ontap	-
netapp	solidfire_\&_hci_management_node	-
netapp	solidfire_baseboard_management_controller_firmware	-
oracle	mysql_server	*
oracle	mysql_server	*
oracle	peoplesoft_enterprise_peopletools	8.57
oracle	peoplesoft_enterprise_peopletools	8.58
oracle	peoplesoft_enterprise_peopletools	8.59
siemens	sinec_infrastructure_network_services	*
siemens	sinema_remote_connect_server	*
siemens	logo\!_cmr2040_firmware	*
siemens	logo\!_cmr2040	-
siemens	logo\!_cmr2020_firmware	*
siemens	logo\!_cmr2020	-
siemens	ruggedcomrm_1224_lte_firmware	*
siemens	ruggedcomrm_1224_lte	-
siemens	scalance_m804pb_firmware	*
siemens	scalance_m804pb	-
siemens	scalance_m812-1_firmware	*
siemens	scalance_m812-1	-
siemens	scalance_m816-1_firmware	*
siemens	scalance_m816-1	-
siemens	scalance_m826-2_firmware	*
siemens	scalance_m826-2	-
siemens	scalance_m874-2_firmware	*
siemens	scalance_m874-2	-
siemens	scalance_m874-3_firmware	*
siemens	scalance_m874-3	-
siemens	scalance_m876-3_firmware	*
siemens	scalance_m876-3	-
siemens	scalance_m876-4_firmware	*
siemens	scalance_m876-4	-
siemens	scalance_mum856-1_firmware	*
siemens	scalance_mum856-1	-
siemens	scalance_s615_firmware	*
siemens	scalance_s615	-
siemens	simatic_cp_1543-1_firmware	*
siemens	simatic_cp_1543-1	-
siemens	simatic_cp_1545-1_firmware	*
siemens	simatic_cp_1545-1	-
siemens	simatic_rtu3010c_firmware	*
siemens	simatic_rtu3010c	-
siemens	simatic_rtu3030c_firmware	*
siemens	simatic_rtu3030c	-
siemens	simatic_rtu3031c_firmware	*
siemens	simatic_rtu3031c	-
siemens	simatic_rtu_3041c_firmware	*
siemens	simatic_rtu_3041c	-
siemens	sinema_remote_connect	*
siemens	siplus_net_cp_1543-1_firmware	*
siemens	siplus_net_cp_1543-1	-
splunk	universal_forwarder	*
splunk	universal_forwarder	*
splunk	universal_forwarder	9.1.0

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FDD6146-08DE-414A-AF65-668F1A002099",
              "versionEndExcluding": "7.77.0",
              "versionStartIncluding": "7.10.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
              "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FE996B1-6951-4F85-AA58-B99A379D2163",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:solidfire_\\\u0026_hci_management_node:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6D700C5-F67F-4FFB-BE69-D524592A3D2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB9B8171-F6CA-427D-81E0-6536D3BBFA8D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E74B879-B396-496C-979B-8A7211EDCA0D",
              "versionEndIncluding": "5.7.36",
              "versionStartIncluding": "5.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "709E83B4-8C66-4255-870B-2F72B37BA8C6",
              "versionEndIncluding": "8.0.26",
              "versionStartIncluding": "8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E1E416B-920B-49A0-9523-382898C2979D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8AF00C6-B97F-414D-A8DF-057E6BFD8597",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0F46497-4AB0-49A7-9453-CC26837BF253",
              "versionEndExcluding": "1.0.1.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "98CC9C9A-FE14-4D50-A8EC-C309229356C8",
              "versionEndExcluding": "3.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:logo\\!_cmr2040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F58182A-EB6D-442B-846A-8BD5BE4313E6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:logo\\!_cmr2040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6ED47A12-5637-40E2-BE39-B76B789C0DFD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:logo\\!_cmr2020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "85E0D5C4-F0DA-42D9-A594-CB1BE6E7451F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:logo\\!_cmr2020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8E5F42B-63E3-4B2D-A03F-983F51EE0648",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:ruggedcomrm_1224_lte_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "139740E9-9828-4F2E-B11D-3BFE1B96992C",
              "versionEndExcluding": "7.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:ruggedcomrm_1224_lte:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A650A1E-4DB0-415A-9BF4-0016798CD622",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m804pb_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "44695DA0-6E69-4444-BEBB-391E818B9FC0",
              "versionEndExcluding": "7.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m804pb:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6EBA42A-93FF-4883-8626-EF78D38374D3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m812-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "87B7BB84-89FC-440B-9647-6D5E99C46AED",
              "versionEndExcluding": "7.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m812-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "31EAEF72-8B41-44E0-A33B-753AF85A3106",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m816-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F93C36C9-9E80-48B6-8025-0DA656B7AE0B",
              "versionEndExcluding": "7.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m816-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5908438F-2575-46EB-AC96-5F33D018AFAC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m826-2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "15374104-A17C-44B4-801F-C81D3FB97527",
              "versionEndExcluding": "7.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m826-2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60458734-FF87-48E9-9B63-5AB9EA5ED0E5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m874-2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E587E31C-E9CA-4925-A2FE-22F46C5A3E81",
              "versionEndExcluding": "7.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m874-2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C933ED27-2206-4734-8EB8-6A6431D1FBF1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m874-3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE82B624-BD88-4B43-A590-FF39D136A4D4",
              "versionEndExcluding": "7.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m874-3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3258DC7-0461-4C65-8292-85C9965EA83D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m876-3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0626BD-AAE2-4853-AC96-8A3F2516A972",
              "versionEndExcluding": "7.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m876-3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD221BA9-3448-49E4-B3A3-D88B939785AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m876-4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "60DD88D4-3DB3-473C-8613-AE425E7DF03C",
              "versionEndExcluding": "7.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m876-4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "94E4CCE9-71F7-4960-B7DE-5298EFB7C619",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum856-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "03B602E7-05E4-42F7-8850-2369F118D32C",
              "versionEndExcluding": "7.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum856-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17BEBCAB-D640-4F6D-9579-4A54C76D80F8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "116A0913-61A8-41EA-89D1-AC46384254B8",
              "versionEndExcluding": "7.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E917CBBB-EF41-4113-B0CA-EB91889235E7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_cp_1543-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFC6ACFD-8893-4EA3-976B-FAAF7240C5DB",
              "versionEndExcluding": "3.0.22",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_cp_1543-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FDE92FB-38C7-46E8-9208-BBD7872219D5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_cp_1545-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D599BF67-DFBB-4107-ACD9-1231D12EC9B5",
              "versionEndExcluding": "1.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_cp_1545-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C557DEBB-B71C-42E5-BBCE-0CFF3D10D700",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rtu3010c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "22BE5ED5-4690-4D60-AA95-915CC02266E2",
              "versionEndExcluding": "5.0.14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rtu3010c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F32339C-D992-45F3-B975-D3E1118B881E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rtu3030c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD88F06C-6E0F-463C-94E5-CB68601D728E",
              "versionEndExcluding": "5.0.14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rtu3030c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A66DD04-4C58-45D8-A8C5-6817B05DBA14",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rtu3031c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBFBC62C-7F21-4312-B6BB-FC80894100BB",
              "versionEndExcluding": "5.0.14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rtu3031c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "48F0595C-286F-4EB1-8C25-D20FB92A95A0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rtu_3041c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "74D4B0B4-6F7C-43CF-AFB8-6C53BA5C6577",
              "versionEndExcluding": "5.0.14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rtu_3041c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F30B6004-31BF-408A-B1C5-4A7937391F41",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:sinema_remote_connect:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C5E4FE6-D2D5-40E4-A68C-6EA6AC7E1A3C",
              "versionEndExcluding": "3.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:siplus_net_cp_1543-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "43CDCCE3-B8C0-44D4-A8A0-25C49A4EA240",
              "versionEndExcluding": "3.0.22",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:siplus_net_cp_1543-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D7AB0D5-FD3E-416A-975B-D212B3350433",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5722E753-75DE-4944-A11B-556CB299B57D",
              "versionEndExcluding": "8.2.12",
              "versionStartIncluding": "8.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC0F9351-81A4-4FEA-B6B5-6E960A933D32",
              "versionEndExcluding": "9.0.6",
              "versionStartIncluding": "9.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:splunk:universal_forwarder:9.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EED24E67-2957-4C1B-8FEA-E2D2FE7B97FC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take \u0027issuercert\u0027 into account and it compared the involved paths *case insensitively*,which could lead to libcurl reusing wrong connections.File paths are, or can be, case sensitive on many systems but not all, and caneven vary depending on used file systems.The comparison also didn\u0027t include the \u0027issuer cert\u0027 which a transfer can setto qualify how to verify the server certificate."
    },
    {
      "lang": "es",
      "value": "libcurl mantiene las conexiones usadas previamente en un pool de conexiones para reusarlas en posteriores transferencias, si una de ellas coincide con la configuraci\u00f3n. Debido a errores en la l\u00f3gica, la funci\u00f3n de coincidencia de la configuraci\u00f3n no ten\u00eda en cuenta \"issuercert\" y comparaba las rutas implicadas *sin tener en cuenta el caso*, que pod\u00eda conllevar a que libcurl reusara conexiones err\u00f3neas. Las rutas de los archivos son, o pueden ser, casos confidenciales en muchos sistemas, pero no en todos, y pueden incluso variar dependiendo de los sistemas de archivos usados. La comparaci\u00f3n tampoco inclu\u00eda el \"issuercert\" que una transferencia puede ajustar para calificar c\u00f3mo verificar el certificado del servidor"
    }
  ],
  "id": "CVE-2021-22924",
  "lastModified": "2024-11-21T05:50:55.620",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 3.7,
          "baseSeverity": "LOW",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-08-05T21:15:11.380",
  "references": [
    {
      "source": "support@hackerone.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://hackerone.com/reports/1223565"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20210902-0003/"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2022/dsa-5197"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://hackerone.com/reports/1223565"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20210902-0003/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2022/dsa-5197"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
    }
  ],
  "sourceIdentifier": "support@hackerone.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "support@hackerone.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-706"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-11-12 13:15

Modified

2024-11-13 19:54

Severity ?

7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2). Affected devices do not properly validate input in configuration fields of the iperf functionality. This could allow an unauthenticated remote attacker to execute arbitrary code on the device.

References

▼	URL	Tags
	productcert@siemens.com	https://cert-portal.siemens.com/productcert/html/ssa-354112.html	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
siemens	ruggedcom_rm1224_lte\(4g\)_eu_firmware	*
siemens	ruggedcom_rm1224_lte\(4g\)_eu	-
siemens	ruggedcom_rm1224_lte\(4g\)_nam_firmware	*
siemens	ruggedcom_rm1224_lte\(4g\)_nam	-
siemens	scalance_m804pb_firmware	*
siemens	scalance_m804pb	-
siemens	scalance_m812-1_\(annex_a\)_firmware	*
siemens	scalance_m812-1_\(annex_a\)	-
siemens	scalance_m812-1_\(annex_b\)_firmware	*
siemens	scalance_m812-1_\(annex_b\)	-
siemens	scalance_m816-1_\(annex_a\)_firmware	*
siemens	scalance_m816-1_\(annex_a\)	-
siemens	scalance_m816-1_\(annex_b\)_firmware	*
siemens	scalance_m816-1_\(annex_b\)	-
siemens	scalance_m826-2_firmware	*
siemens	scalance_m826-2	-
siemens	scalance_m874-2_firmware	*
siemens	scalance_m874-2	-
siemens	scalance_m874-3_firmware	*
siemens	scalance_m874-3	-
siemens	scalance_m874-3_\(cn\)_firmware	*
siemens	scalance_m874-3_\(cn\)	-
siemens	scalance_m876-3_firmware	*
siemens	scalance_m876-3	-
siemens	scalance_m876-3_\(rok\)_firmware	*
siemens	scalance_m876-3_\(rok\)	-
siemens	scalance_m876-4_firmware	*
siemens	scalance_m876-4	-
siemens	scalance_m876-4_\(eu\)_firmware	*
siemens	scalance_m876-4_\(eu\)	-
siemens	scalance_m876-4_\(nam\)_firmware	*
siemens	scalance_m876-4_\(nam\)	-
siemens	scalance_mum853-1_\(a1\)_firmware	*
siemens	scalance_mum853-1_\(a1\)	-
siemens	scalance_mum853-1_\(b1\)_firmware	*
siemens	scalance_mum853-1_\(b1\)	-
siemens	scalance_mum853-1_\(eu\)_firmware	*
siemens	scalance_mum853-1_\(eu\)	-
siemens	scalance_mum856-1_\(a1\)_firmware	*
siemens	scalance_mum856-1_\(a1\)	-
siemens	scalance_mum856-1_\(b1\)_firmware	*
siemens	scalance_mum856-1_\(b1\)	-
siemens	scalance_mum856-1_\(cn\)_firmware	*
siemens	scalance_mum856-1_\(cn\)	-
siemens	scalance_mum856-1_\(eu\)_firmware	*
siemens	scalance_mum856-1_\(eu\)	-
siemens	scalance_mum856-1_\(row\)_firmware	*
siemens	scalance_mum856-1_\(row\)	-
siemens	scalance_s615_eec_firmware	*
siemens	scalance_s615_eec	-
siemens	scalance_s615_firmware	*
siemens	scalance_s615	-

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_eu_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F7981A8-C60A-45EE-92E5-8149A3F7760F",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:ruggedcom_rm1224_lte\\(4g\\)_eu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "03D8CF59-D9D4-4C50-A6E6-D6B5BDB31AEC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_nam_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BF2D6E7-45CD-4303-B9A9-A576BC2F1B6F",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:ruggedcom_rm1224_lte\\(4g\\)_nam:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "400ACE99-AF15-4C20-9A6D-F8584DA5C7CE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m804pb_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "077F8316-E68A-4787-88EF-8016D8F06F00",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m804pb:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6EBA42A-93FF-4883-8626-EF78D38374D3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m812-1_\\(annex_a\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "780808FF-1144-4AEE-9E72-DE5B19870E2F",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m812-1_\\(annex_a\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B680E815-D9EF-41BC-A198-85332738B1B9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m812-1_\\(annex_b\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3148BA6-091B-4203-B12E-2FFCEA1DB22D",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m812-1_\\(annex_b\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0895418F-A4C6-40D3-8544-5AF3F5B54709",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m816-1_\\(annex_a\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BCD7E43-4CF9-4937-8A62-4B42FE03584F",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m816-1_\\(annex_a\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A1636E7-BF41-4BF6-8609-9675956FB947",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m816-1_\\(annex_b\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2594F8F-9DEF-4FC4-9068-B5A29C4DBA92",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m816-1_\\(annex_b\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "06E70F60-33E2-472F-9B25-FE19B964220B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m826-2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDF99EF5-12B4-45EE-9BC3-59E9F744376B",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m826-2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60458734-FF87-48E9-9B63-5AB9EA5ED0E5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m874-2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DD142E4-6F7F-4751-93B6-C3508A0828DA",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m874-2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C933ED27-2206-4734-8EB8-6A6431D1FBF1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m874-3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B7D6063-EB3D-4150-9B89-D62C38E65787",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m874-3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3258DC7-0461-4C65-8292-85C9965EA83D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m874-3_\\(cn\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8D5BDB5-AE39-472C-9A76-243DC01C97F8",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m874-3_\\(cn\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71B11BE1-57EB-43AB-8F7A-AFE5BA28D34A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m876-3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFE41F12-80FC-46CE-BBFA-E11695C56E30",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m876-3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD221BA9-3448-49E4-B3A3-D88B939785AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m876-3_\\(rok\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5A8F79E-C849-4D3B-9103-8068DD84DAEC",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m876-3_\\(rok\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3FA80AA-4869-46BF-8A1B-17C54219338C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m876-4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA02FE0C-5813-4994-9887-BE0AB1344FEB",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m876-4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "94E4CCE9-71F7-4960-B7DE-5298EFB7C619",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m876-4_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B43540C5-9208-42C9-BDB6-2D6C0EB665C7",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m876-4_\\(eu\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3886E130-C39C-43D2-8B1F-F773874F8002",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m876-4_\\(nam\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC56B2F3-EEF5-4891-92EE-917F6EA685E7",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m876-4_\\(nam\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDBED616-1074-44CE-98C8-48A5387A5DAF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(a1\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD477A4C-4C41-4068-872C-2D633E2DB5C9",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(a1\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC884995-EA34-4EFA-8B3A-5C7B9BC71C32",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(b1\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "01EEE560-AC67-47FE-8B30-F699CAF951FF",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(b1\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A94E232B-12ED-4E9D-A6D7-C66391C48F06",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C0D7706-40DC-4598-B24C-9BD7B20B31F4",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(eu\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "94AF78F7-3DF5-40FA-A496-4523183DB792",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(a1\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D13A44E-DE1F-4BE3-AD0B-FCF4E8DAA9E7",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(a1\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF849848-87EA-41D5-8E19-871A306D332A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(b1\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C56063A9-5A2A-4F19-AAAC-A40A01D0D69F",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(b1\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77E5245F-8AA7-4132-AA7F-1FE4F86B703E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(cn\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "27486547-EDF2-45C2-84FF-7B74D75304F6",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(cn\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B05B62B-1B41-4A3D-8591-57B4D0EF476F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "124DE318-3EFE-4FDA-8306-462BB936F892",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(eu\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A219D2B9-1D71-4831-BD0B-790B7057344C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(row\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "973C1E5B-8A98-4345-8BE3-A4B7B39EEF4F",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(row\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D6FED00-E40C-458A-8D5C-9B1826DBAE24",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_s615_eec_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7246F2E8-0A0E-4020-B806-421DB0B91C0B",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_s615_eec:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA5D94EA-C407-446F-B98F-F647ACBBA010",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F16CD316-4D89-45B7-83C1-138236898C0A",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E917CBBB-EF41-4113-B0CA-EB91889235E7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions \u003c V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions \u003c V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions \u003c V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions \u003c V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions \u003c V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions \u003c V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions \u003c V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions \u003c V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions \u003c V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions \u003c V8.2). Affected devices do not properly validate input in configuration fields of the iperf functionality. This could allow an unauthenticated  remote attacker to execute arbitrary code on the device."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (Todas las versiones \u0026lt; V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (Todas las versiones \u0026lt; V8.2), Enrutador ADSL SCALANCE M816-1 (6GK5816-1BA00-2AA2) (Todas las versiones \u0026lt; V8.2), Enrutador SHDSL SCALANCE M826-2 (6GK5826-2AB00-2AB2) (Todas las versiones \u0026lt; V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (Todas las versiones \u0026lt; V8.2), Enrutador 3G SCALANCE M874-3 (CN) (6GK5874-3AA00-2FA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (Todas las versiones \u0026lt; V8.2), SCALANCE Enrutador LAN S615 EEC (6GK5615-0AA01-2AA2) (todas las versiones anteriores a V8.2), enrutador LAN SCALANCE S615 (6GK5615-0AA00-2AA2) (todas las versiones anteriores a V8.2). Los dispositivos afectados no validan correctamente la entrada en los campos de configuraci\u00f3n de la funcionalidad iperf. Esto podr\u00eda permitir que un atacante remoto no autenticado ejecute c\u00f3digo arbitrario en el dispositivo."
    }
  ],
  "id": "CVE-2024-50557",
  "lastModified": "2024-11-13T19:54:52.490",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "productcert@siemens.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "automatable": "NOT_DEFINED",
          "availabilityRequirements": "NOT_DEFINED",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityRequirements": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirements": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
          "privilegesRequired": "HIGH",
          "providerUrgency": "NOT_DEFINED",
          "recovery": "NOT_DEFINED",
          "safety": "NOT_DEFINED",
          "subsequentSystemAvailability": "NONE",
          "subsequentSystemConfidentiality": "NONE",
          "subsequentSystemIntegrity": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnerabilityResponseEffort": "NOT_DEFINED",
          "vulnerableSystemAvailability": "HIGH",
          "vulnerableSystemConfidentiality": "HIGH",
          "vulnerableSystemIntegrity": "HIGH"
        },
        "source": "productcert@siemens.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-11-12T13:15:12.157",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-354112.html"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-11-12 13:15

Modified

2024-11-13 19:57

Severity ?

4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Summary

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2). Affected devices do not properly sanitize the filenames before uploading. This could allow an authenticated remote attacker to compromise of integrity of the system.

References

▼	URL	Tags
	productcert@siemens.com	https://cert-portal.siemens.com/productcert/html/ssa-354112.html	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
siemens	ruggedcom_rm1224_lte\(4g\)_eu_firmware	*
siemens	ruggedcom_rm1224_lte\(4g\)_eu	-
siemens	ruggedcom_rm1224_lte\(4g\)_nam_firmware	*
siemens	ruggedcom_rm1224_lte\(4g\)_nam	-
siemens	scalance_m804pb_firmware	*
siemens	scalance_m804pb	-
siemens	scalance_m812-1_\(annex_a\)_firmware	*
siemens	scalance_m812-1_\(annex_a\)	-
siemens	scalance_m812-1_\(annex_b\)_firmware	*
siemens	scalance_m812-1_\(annex_b\)	-
siemens	scalance_m816-1_\(annex_a\)_firmware	*
siemens	scalance_m816-1_\(annex_a\)	-
siemens	scalance_m816-1_\(annex_b\)_firmware	*
siemens	scalance_m816-1_\(annex_b\)	-
siemens	scalance_m826-2_firmware	*
siemens	scalance_m826-2	-
siemens	scalance_m874-2_firmware	*
siemens	scalance_m874-2	-
siemens	scalance_m874-3_firmware	*
siemens	scalance_m874-3	-
siemens	scalance_m874-3_\(cn\)_firmware	*
siemens	scalance_m874-3_\(cn\)	-
siemens	scalance_m876-3_firmware	*
siemens	scalance_m876-3	-
siemens	scalance_m876-3_\(rok\)_firmware	*
siemens	scalance_m876-3_\(rok\)	-
siemens	scalance_m876-4_firmware	*
siemens	scalance_m876-4	-
siemens	scalance_m876-4_\(eu\)_firmware	*
siemens	scalance_m876-4_\(eu\)	-
siemens	scalance_m876-4_\(nam\)_firmware	*
siemens	scalance_m876-4_\(nam\)	-
siemens	scalance_mum853-1_\(a1\)_firmware	*
siemens	scalance_mum853-1_\(a1\)	-
siemens	scalance_mum853-1_\(b1\)_firmware	*
siemens	scalance_mum853-1_\(b1\)	-
siemens	scalance_mum853-1_\(eu\)_firmware	*
siemens	scalance_mum853-1_\(eu\)	-
siemens	scalance_mum856-1_\(a1\)_firmware	*
siemens	scalance_mum856-1_\(a1\)	-
siemens	scalance_mum856-1_\(b1\)_firmware	*
siemens	scalance_mum856-1_\(b1\)	-
siemens	scalance_mum856-1_\(cn\)_firmware	*
siemens	scalance_mum856-1_\(cn\)	-
siemens	scalance_mum856-1_\(eu\)_firmware	*
siemens	scalance_mum856-1_\(eu\)	-
siemens	scalance_mum856-1_\(row\)_firmware	*
siemens	scalance_mum856-1_\(row\)	-
siemens	scalance_s615_eec_firmware	*
siemens	scalance_s615_eec	-
siemens	scalance_s615_firmware	*
siemens	scalance_s615	-

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_eu_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F7981A8-C60A-45EE-92E5-8149A3F7760F",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:ruggedcom_rm1224_lte\\(4g\\)_eu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "03D8CF59-D9D4-4C50-A6E6-D6B5BDB31AEC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_nam_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BF2D6E7-45CD-4303-B9A9-A576BC2F1B6F",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:ruggedcom_rm1224_lte\\(4g\\)_nam:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "400ACE99-AF15-4C20-9A6D-F8584DA5C7CE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m804pb_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "077F8316-E68A-4787-88EF-8016D8F06F00",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m804pb:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6EBA42A-93FF-4883-8626-EF78D38374D3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m812-1_\\(annex_a\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "780808FF-1144-4AEE-9E72-DE5B19870E2F",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m812-1_\\(annex_a\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B680E815-D9EF-41BC-A198-85332738B1B9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m812-1_\\(annex_b\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3148BA6-091B-4203-B12E-2FFCEA1DB22D",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m812-1_\\(annex_b\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0895418F-A4C6-40D3-8544-5AF3F5B54709",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m816-1_\\(annex_a\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BCD7E43-4CF9-4937-8A62-4B42FE03584F",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m816-1_\\(annex_a\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A1636E7-BF41-4BF6-8609-9675956FB947",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m816-1_\\(annex_b\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2594F8F-9DEF-4FC4-9068-B5A29C4DBA92",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m816-1_\\(annex_b\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "06E70F60-33E2-472F-9B25-FE19B964220B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m826-2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDF99EF5-12B4-45EE-9BC3-59E9F744376B",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m826-2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60458734-FF87-48E9-9B63-5AB9EA5ED0E5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m874-2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DD142E4-6F7F-4751-93B6-C3508A0828DA",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m874-2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C933ED27-2206-4734-8EB8-6A6431D1FBF1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m874-3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B7D6063-EB3D-4150-9B89-D62C38E65787",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m874-3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3258DC7-0461-4C65-8292-85C9965EA83D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m874-3_\\(cn\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8D5BDB5-AE39-472C-9A76-243DC01C97F8",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m874-3_\\(cn\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71B11BE1-57EB-43AB-8F7A-AFE5BA28D34A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m876-3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFE41F12-80FC-46CE-BBFA-E11695C56E30",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m876-3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD221BA9-3448-49E4-B3A3-D88B939785AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m876-3_\\(rok\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5A8F79E-C849-4D3B-9103-8068DD84DAEC",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m876-3_\\(rok\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3FA80AA-4869-46BF-8A1B-17C54219338C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m876-4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA02FE0C-5813-4994-9887-BE0AB1344FEB",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m876-4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "94E4CCE9-71F7-4960-B7DE-5298EFB7C619",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m876-4_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B43540C5-9208-42C9-BDB6-2D6C0EB665C7",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m876-4_\\(eu\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3886E130-C39C-43D2-8B1F-F773874F8002",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m876-4_\\(nam\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC56B2F3-EEF5-4891-92EE-917F6EA685E7",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m876-4_\\(nam\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDBED616-1074-44CE-98C8-48A5387A5DAF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(a1\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD477A4C-4C41-4068-872C-2D633E2DB5C9",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(a1\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC884995-EA34-4EFA-8B3A-5C7B9BC71C32",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(b1\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "01EEE560-AC67-47FE-8B30-F699CAF951FF",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(b1\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A94E232B-12ED-4E9D-A6D7-C66391C48F06",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C0D7706-40DC-4598-B24C-9BD7B20B31F4",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(eu\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "94AF78F7-3DF5-40FA-A496-4523183DB792",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(a1\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D13A44E-DE1F-4BE3-AD0B-FCF4E8DAA9E7",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(a1\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF849848-87EA-41D5-8E19-871A306D332A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(b1\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C56063A9-5A2A-4F19-AAAC-A40A01D0D69F",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(b1\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77E5245F-8AA7-4132-AA7F-1FE4F86B703E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(cn\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "27486547-EDF2-45C2-84FF-7B74D75304F6",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(cn\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B05B62B-1B41-4A3D-8591-57B4D0EF476F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "124DE318-3EFE-4FDA-8306-462BB936F892",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(eu\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A219D2B9-1D71-4831-BD0B-790B7057344C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(row\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "973C1E5B-8A98-4345-8BE3-A4B7B39EEF4F",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(row\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D6FED00-E40C-458A-8D5C-9B1826DBAE24",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_s615_eec_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7246F2E8-0A0E-4020-B806-421DB0B91C0B",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_s615_eec:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA5D94EA-C407-446F-B98F-F647ACBBA010",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F16CD316-4D89-45B7-83C1-138236898C0A",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E917CBBB-EF41-4113-B0CA-EB91889235E7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions \u003c V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions \u003c V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions \u003c V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions \u003c V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions \u003c V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions \u003c V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions \u003c V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions \u003c V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions \u003c V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions \u003c V8.2). Affected devices do not properly sanitize the filenames before uploading. This could allow an authenticated remote attacker to compromise of integrity of the system."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (Todas las versiones \u0026lt; V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (Todas las versiones \u0026lt; V8.2), Enrutador ADSL SCALANCE M816-1 (6GK5816-1BA00-2AA2) (Todas las versiones \u0026lt; V8.2), Enrutador SHDSL SCALANCE M826-2 (6GK5826-2AB00-2AB2) (Todas las versiones \u0026lt; V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (Todas las versiones \u0026lt; V8.2), Enrutador 3G SCALANCE M874-3 (CN) (6GK5874-3AA00-2FA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (Todas las versiones \u0026lt; V8.2), SCALANCE Enrutador LAN S615 EEC (6GK5615-0AA01-2AA2) (todas las versiones anteriores a la V8.2), enrutador LAN SCALANCE S615 (6GK5615-0AA00-2AA2) (todas las versiones anteriores a la V8.2). Los dispositivos afectados no desinfectan correctamente los nombres de archivo antes de cargarlos. Esto podr\u00eda permitir que un atacante remoto autenticado comprometa la integridad del sistema."
    }
  ],
  "id": "CVE-2024-50561",
  "lastModified": "2024-11-13T19:57:56.313",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "productcert@siemens.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "automatable": "NOT_DEFINED",
          "availabilityRequirements": "NOT_DEFINED",
          "baseScore": 5.1,
          "baseSeverity": "MEDIUM",
          "confidentialityRequirements": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirements": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "NOT_DEFINED",
          "recovery": "NOT_DEFINED",
          "safety": "NOT_DEFINED",
          "subsequentSystemAvailability": "NONE",
          "subsequentSystemConfidentiality": "NONE",
          "subsequentSystemIntegrity": "NONE",
          "userInteraction": "ACTIVE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnerabilityResponseEffort": "NOT_DEFINED",
          "vulnerableSystemAvailability": "NONE",
          "vulnerableSystemConfidentiality": "NONE",
          "vulnerableSystemIntegrity": "LOW"
        },
        "source": "productcert@siemens.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-11-12T13:15:13.260",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-354112.html"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-11-12 13:15

Modified

2024-11-13 19:55

Severity ?

4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Summary

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2). Affected devices improperly manage access control for read-only users. This could allow an attacker to cause a temporary denial of service condition.

References

▼	URL	Tags
	productcert@siemens.com	https://cert-portal.siemens.com/productcert/html/ssa-354112.html	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
siemens	ruggedcom_rm1224_lte\(4g\)_eu_firmware	*
siemens	ruggedcom_rm1224_lte\(4g\)_eu	-
siemens	ruggedcom_rm1224_lte\(4g\)_nam_firmware	*
siemens	ruggedcom_rm1224_lte\(4g\)_nam	-
siemens	scalance_m804pb_firmware	*
siemens	scalance_m804pb	-
siemens	scalance_m812-1_\(annex_a\)_firmware	*
siemens	scalance_m812-1_\(annex_a\)	-
siemens	scalance_m812-1_\(annex_b\)_firmware	*
siemens	scalance_m812-1_\(annex_b\)	-
siemens	scalance_m816-1_\(annex_a\)_firmware	*
siemens	scalance_m816-1_\(annex_a\)	-
siemens	scalance_m816-1_\(annex_b\)_firmware	*
siemens	scalance_m816-1_\(annex_b\)	-
siemens	scalance_m826-2_firmware	*
siemens	scalance_m826-2	-
siemens	scalance_m874-2_firmware	*
siemens	scalance_m874-2	-
siemens	scalance_m874-3_firmware	*
siemens	scalance_m874-3	-
siemens	scalance_m874-3_\(cn\)_firmware	*
siemens	scalance_m874-3_\(cn\)	-
siemens	scalance_m876-3_firmware	*
siemens	scalance_m876-3	-
siemens	scalance_m876-3_\(rok\)_firmware	*
siemens	scalance_m876-3_\(rok\)	-
siemens	scalance_m876-4_firmware	*
siemens	scalance_m876-4	-
siemens	scalance_m876-4_\(eu\)_firmware	*
siemens	scalance_m876-4_\(eu\)	-
siemens	scalance_m876-4_\(nam\)_firmware	*
siemens	scalance_m876-4_\(nam\)	-
siemens	scalance_mum853-1_\(a1\)_firmware	*
siemens	scalance_mum853-1_\(a1\)	-
siemens	scalance_mum853-1_\(b1\)_firmware	*
siemens	scalance_mum853-1_\(b1\)	-
siemens	scalance_mum853-1_\(eu\)_firmware	*
siemens	scalance_mum853-1_\(eu\)	-
siemens	scalance_mum856-1_\(a1\)_firmware	*
siemens	scalance_mum856-1_\(a1\)	-
siemens	scalance_mum856-1_\(b1\)_firmware	*
siemens	scalance_mum856-1_\(b1\)	-
siemens	scalance_mum856-1_\(cn\)_firmware	*
siemens	scalance_mum856-1_\(cn\)	-
siemens	scalance_mum856-1_\(eu\)_firmware	*
siemens	scalance_mum856-1_\(eu\)	-
siemens	scalance_mum856-1_\(row\)_firmware	*
siemens	scalance_mum856-1_\(row\)	-
siemens	scalance_s615_eec_firmware	*
siemens	scalance_s615_eec	-
siemens	scalance_s615_firmware	*
siemens	scalance_s615	-