Vulnerabilites related to siemens - scalance_x307-3_firmware
cve-2022-25752
Vulnerability from cvelistv5
Published
2022-04-12 09:07
Modified
2024-08-03 04:49
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The webserver of affected devices calculates session ids and nonces in an insecure manner. This could allow an unauthenticated remote attacker to brute-force session ids and hijack existing sessions.
References
▼ | URL | Tags |
---|---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | x_refsource_MISC |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T04:49:43.562Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SCALANCE X302-7 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X304-2FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X306-1LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X320-1 FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X320-1-2LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X408-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE TS (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SIPLUS NET SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The webserver of affected devices calculates session ids and nonces in an insecure manner. This could allow an unauthenticated remote attacker to brute-force session ids and hijack existing sessions.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-330", description: "CWE-330: Use of Insufficiently Random Values", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-12T09:07:46", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-25752", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SCALANCE X302-7 EEC (230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X304-2FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X306-1LD FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH+", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH+", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M PoE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M PoE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M TS", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M TS", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X320-1 FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X320-1-2LD FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X408-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M TS (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M TS (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE TS (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SIPLUS NET SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The webserver of affected devices calculates session ids and nonces in an insecure manner. This could allow an unauthenticated remote attacker to brute-force session ids and hijack existing sessions.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-330: Use of Insufficiently Random Values", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-25752", datePublished: "2022-04-12T09:07:46", dateReserved: "2022-02-22T00:00:00", dateUpdated: "2024-08-03T04:49:43.562Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-26335
Vulnerability from cvelistv5
Published
2022-04-12 09:07
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate the URI of incoming HTTP GET requests. This could allow an unauthenticated remote attacker to crash affected devices.
References
▼ | URL | Tags |
---|---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | SCALANCE X302-7 EEC (230V) |
Version: All versions < V4.1.4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:03:31.738Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SCALANCE X302-7 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X304-2FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X306-1LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X320-1 FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X320-1-2LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X408-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE TS (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SIPLUS NET SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate the URI of incoming HTTP GET requests. This could allow an unauthenticated remote attacker to crash affected devices.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-12T09:07:55", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-26335", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SCALANCE X302-7 EEC (230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X304-2FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X306-1LD FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH+", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH+", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M PoE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M PoE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M TS", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M TS", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X320-1 FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X320-1-2LD FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X408-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M TS (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M TS (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE TS (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SIPLUS NET SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate the URI of incoming HTTP GET requests. This could allow an unauthenticated remote attacker to crash affected devices.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-26335", datePublished: "2022-04-12T09:07:55", dateReserved: "2022-03-01T00:00:00", dateUpdated: "2024-08-03T05:03:31.738Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-15799
Vulnerability from cvelistv5
Published
2021-01-12 20:18
Modified
2024-08-04 13:30
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0). The vulnerability could allow an unauthenticated attacker to reboot the device over the network by using special urls from integrated web server of the affected products.
References
▼ | URL | Tags |
---|---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-139628.pdf | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |||||
---|---|---|---|---|---|---|---|
▼ | Siemens | SCALANCE X-200 switch family (incl. SIPLUS NET variants) |
Version: All versions < V5.2.5 |
||||
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T13:30:21.812Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-139628.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SCALANCE X-200 switch family (incl. SIPLUS NET variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { product: "SCALANCE X-200IRT switch family (incl. SIPLUS NET variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.5.0", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0). The vulnerability could allow an unauthenticated attacker to reboot the device over the network by using special urls from integrated web server of the affected products.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-306", description: "CWE-306: Missing Authentication for Critical Function", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-09-14T10:47:08", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-139628.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2020-15799", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SCALANCE X-200 switch family (incl. SIPLUS NET variants)", version: { version_data: [ { version_value: "All versions < V5.2.5", }, ], }, }, { product_name: "SCALANCE X-200IRT switch family (incl. SIPLUS NET variants)", version: { version_data: [ { version_value: "All versions < V5.5.0", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0). The vulnerability could allow an unauthenticated attacker to reboot the device over the network by using special urls from integrated web server of the affected products.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-306: Missing Authentication for Critical Function", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-139628.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-139628.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2020-15799", datePublished: "2021-01-12T20:18:33", dateReserved: "2020-07-15T00:00:00", dateUpdated: "2024-08-04T13:30:21.812Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-25756
Vulnerability from cvelistv5
Published
2022-04-12 09:07
Modified
2024-08-03 04:49
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The integrated web server could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. This can be used by an attacker to trigger a malicious request on the affected device.
References
▼ | URL | Tags |
---|---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | SCALANCE X302-7 EEC (230V) |
Version: All versions < V4.1.4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T04:49:43.497Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SCALANCE X302-7 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X304-2FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X306-1LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X320-1 FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X320-1-2LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X408-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE TS (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SIPLUS NET SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The integrated web server could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. This can be used by an attacker to trigger a malicious request on the affected device.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-80", description: "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-12T09:07:52", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-25756", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SCALANCE X302-7 EEC (230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X304-2FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X306-1LD FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH+", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH+", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M PoE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M PoE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M TS", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M TS", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X320-1 FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X320-1-2LD FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X408-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M TS (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M TS (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE TS (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SIPLUS NET SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The integrated web server could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. This can be used by an attacker to trigger a malicious request on the affected device.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-25756", datePublished: "2022-04-12T09:07:52", dateReserved: "2022-02-22T00:00:00", dateUpdated: "2024-08-03T04:49:43.497Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-28391
Vulnerability from cvelistv5
Published
2021-01-12 00:00
Modified
2024-08-04 16:33
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-200RNA switch family (All versions < V3.2.7). Devices create a new unique key upon factory reset, except when used with C-PLUG. When used with C-PLUG the devices use the hardcoded private RSA-key shipped with the firmware-image. An attacker could leverage this situation to a man-in-the-middle situation and decrypt previously captured traffic.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | SCALANCE X-200 switch family (incl. SIPLUS NET variants) |
Version: All versions < V5.2.5 |
||||||||
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T16:33:59.106Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-274900.pdf", }, { tags: [ "x_transferred", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-012-02", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SCALANCE X-200 switch family (incl. SIPLUS NET variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { product: "SCALANCE X-200IRT switch family (incl. SIPLUS NET variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.5.0", }, ], }, { product: "SCALANCE X-200RNA switch family", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2.7", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-200RNA switch family (All versions < V3.2.7). Devices create a new unique key upon factory reset, except when used with C-PLUG. When used with C-PLUG the devices use the hardcoded private RSA-key shipped with the firmware-image. An attacker could leverage this situation to a man-in-the-middle situation and decrypt previously captured traffic.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-321", description: "CWE-321: Use of Hard-coded Cryptographic Key", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-13T00:00:00", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-274900.pdf", }, { url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-012-02", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2020-28391", datePublished: "2021-01-12T00:00:00", dateReserved: "2020-11-10T00:00:00", dateUpdated: "2024-08-04T16:33:59.106Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-25751
Vulnerability from cvelistv5
Published
2022-04-12 09:07
Modified
2024-08-03 04:49
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate the HTTP headers of incoming requests. This could allow an unauthenticated remote attacker to crash affected devices.
References
▼ | URL | Tags |
---|---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | SCALANCE X302-7 EEC (230V) |
Version: All versions < V4.1.4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T04:49:43.841Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SCALANCE X302-7 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X304-2FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X306-1LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X320-1 FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X320-1-2LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X408-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE TS (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SIPLUS NET SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate the HTTP headers of incoming requests. This could allow an unauthenticated remote attacker to crash affected devices.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20: Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-12T09:07:43", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-25751", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SCALANCE X302-7 EEC (230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X304-2FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X306-1LD FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH+", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH+", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M PoE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M PoE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M TS", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M TS", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X320-1 FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X320-1-2LD FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X408-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M TS (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M TS (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE TS (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SIPLUS NET SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate the HTTP headers of incoming requests. This could allow an unauthenticated remote attacker to crash affected devices.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20: Improper Input Validation", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-25751", datePublished: "2022-04-12T09:07:43", dateReserved: "2022-02-22T00:00:00", dateUpdated: "2024-08-03T04:49:43.841Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-28400
Vulnerability from cvelistv5
Published
2021-07-13 11:02
Modified
2024-12-10 13:53
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS score ?
Summary
Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.
References
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller |
Version: All versions |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:seimens:scalance_m812-1_adsl-router_annex_b:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m812-1_adsl-router_annex_b", vendor: "seimens", versions: [ { status: "affected", version: "0", }, ], }, { cpes: [ "cpe:2.3:a:siemens:development_evaluation_kits_for_profinet_io_dk_standard_ethernet_controller:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "development_evaluation_kits_for_profinet_io_dk_standard_ethernet_controller", vendor: "siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:development_evaluation_kits_for_profinet_io_ek_ertec_200:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "development_evaluation_kits_for_profinet_io_ek_ertec_200", vendor: "siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:development_evaluation_kits_for_profinet_io_ek_ertec_200p:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "development_evaluation_kits_for_profinet_io_ek_ertec_200p", vendor: "siemens", versions: [ { lessThan: "v4.7", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:ruggedcom_rm1224:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ruggedcom_rm1224", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:scalance_m804pb:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m804pb", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:seimens:scalance_m812-1_adsl-router_annex_a:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m812-1_adsl-router_annex_a", vendor: "seimens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:seimens:scalance_m812-1_adsl-router_annex_b:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m812-1_adsl-router_annex_b", vendor: "seimens", versions: [ { lessThan: "6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_m816_1_adsl_router_annex_a:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m816_1_adsl_router_annex_a", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_m816-1_adsl-router_annex_b:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m816-1_adsl-router_annex_b", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_m826-2_shdsl-router:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m826-2_shdsl-router", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalence_m874_2:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalence_m874_2", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalence_m874_3:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalence_m874_3", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_m876_3_evdo:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m876_3_evdo", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_m876_3_rok:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m876_3_rok", vendor: "siemens", versions: [ { lessThan: "6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_m876_4_eu:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m876_4_eu", vendor: "siemens", versions: [ { lessThan: "6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_m876_4_nam:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m876_4_nam", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_s615", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_w700_ieee_802.11n_family:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_w700_ieee_802.11n_family", vendor: "siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_w1748_1_m12:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_w1748_1_m12", vendor: "siemens", versions: [ { lessThan: "v3.0.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_w1788_1_m12:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_w1788_1_m12", vendor: "siemens", versions: [ { lessThan: "v3.0.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_w1788_2_eec_m12:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_w1788_2_eec_m12", vendor: "siemens", versions: [ { lessThan: "v3.0.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_w1788_2_m12:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_w1788_2_m12", vendor: "siemens", versions: [ { lessThan: "v3.0.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_w1788_2ia_m12:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_w1788_2ia_m12", vendor: "siemens", versions: [ { lessThan: "v3.0.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_x200_4p_irt:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_x200_4p_irt", vendor: "siemens", versions: [ { lessThan: "v5.5.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_x201_3p_irt:0.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_x201_3p_irt", vendor: "siemens", versions: [ { lessThan: "v5.5.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_x201_3p_irt_pro:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_x201_3p_irt_pro", vendor: "siemens", versions: [ { lessThan: "v5.5.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalancce_x202_2p_irt:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalancce_x202_2p_irt", vendor: "siemens", versions: [ { lessThan: "v5.5.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalence_202_2p_irt_pro:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalence_202_2p_irt_pro", vendor: "siemens", versions: [ { lessThan: "v5.5.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalancce_x204_2:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalancce_x204_2", vendor: "siemens", versions: [ { lessThan: "v5.25", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalence_x204_2fm:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalence_x204_2fm", vendor: "siemens", versions: [ { lessThan: "v5.25", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalence_x204_2ld:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalence_x204_2ld", vendor: "siemens", versions: [ { lessThan: "v5.25", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalence_x204_2ld_ts:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalence_x204_2ld_ts", vendor: "siemens", versions: [ { lessThan: "v5.25", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalence_x204_2ts:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalence_x204_2ts", vendor: "siemens", versions: [ { lessThan: "v5.25", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2020-28400", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-06-13T18:59:11.953107Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-24T18:07:44.485Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-04T16:33:59.218Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-194-03", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-599968.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.7", }, ], }, { defaultStatus: "unknown", product: "RUGGEDCOM RM1224 LTE(4G) EU", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "RUGGEDCOM RM1224 LTE(4G) NAM", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M804PB", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M812-1 ADSL-Router", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M812-1 ADSL-Router", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M816-1 ADSL-Router", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M816-1 ADSL-Router", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M826-2 SHDSL-Router", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M874-2", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M874-3", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M874-3 3G-Router (CN)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-3", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-3 (ROK)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-4", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-4 (EU)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-4 (NAM)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM853-1 (A1)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM853-1 (B1)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM853-1 (EU)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM856-1 (A1)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM856-1 (B1)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM856-1 (CN)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM856-1 (EU)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM856-1 (RoW)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE S615 EEC LAN-Router", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE S615 LAN-Router", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1748-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1748-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1788-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1788-2 EEC M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1788-2 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1788-2IA M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W721-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W721-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W722-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W722-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W722-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W734-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W734-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W734-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W734-1 RJ45 (USA)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W738-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W738-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W748-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W748-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W748-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W748-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W761-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W761-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 RJ45 (USA)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W778-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W778-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W778-1 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W778-1 M12 EEC (USA)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2 SFP", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2 SFP", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2IA RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2IA RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X200-4P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X201-3P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X201-3P IRT PRO", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X202-2IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X202-2P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X202-2P IRT PRO", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204-2", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204-2FM", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204-2LD", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204-2LD TS", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204-2TS", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204IRT PRO", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X206-1", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X206-1LD", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X208", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X208PRO", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X212-2", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X212-2LD", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X216", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X224", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (230V, coated)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (230V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (24V, coated)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (24V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (2x 230V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (2x 24V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X304-2FE", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X306-1LD FE", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (230V, coated)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (230V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (24V, coated)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (24V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (2x 230V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (2x 24V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X310", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X310", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X320-1 FE", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X320-1-2LD FE", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X408-2", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3 (SC, PN)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3 (ST, E/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3 (ST, E/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3 (ST, PN)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3LD (SC, E/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3LD (SC, PN)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB208 (E/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB208 (PN)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3 (SC, E/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3 (SC, PN)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3 (ST, E/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3 (ST, PN)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3LD (SC, E/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3LD (SC, PN)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB216 (E/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB216 (PN)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2 (SC)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2 (ST/BFOC)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2G PoE", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2G PoE (54 V DC)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2G PoE EEC (54 V DC)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2SFP", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2SFP EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2SFP G", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2SFP G (EIP DEF.)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2SFP G EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208G", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208G (EIP def.)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208G EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208G PoE", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208G PoE (54 V DC)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-3G PoE", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-3G PoE (54 V DC)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-4C", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-4C G", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-4C G (EIP Def.)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-4C G EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC224", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC224-4C G", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC224-4C G (EIP Def.)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC224-4C G EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF201-3P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF202-2P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204 DNA", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204-2", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204-2BA", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204-2BA DNA", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204-2BA IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF206-1", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF208", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM408-4C", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM408-4C (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM408-8C", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM408-8C (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM416-4C", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM416-4C (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP208", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP208 (Ethernet/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP208EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP208PoE EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP216", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP216 (Ethernet/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP216EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP216POE EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M PoE (230V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M PoE (230V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M PoE (24V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M PoE (24V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M PoE TS (24V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324WG (24 x FE, AC 230V)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324WG (24 X FE, DC 24V)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR326-2C PoE WG", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR326-2C PoE WG (without UL)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (24XFE, 4XGE, 24V)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (28xGE, AC 230V)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (28xGE, DC 24V)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 1x230V", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 1x230V (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 24V", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 24V (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 2x230V", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 2x230V (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 1x230V", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 1x230V (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 24V", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 24V (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 2x230V", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 2x230V (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR528-6M", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR528-6M (2HR2, L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR528-6M (2HR2)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR528-6M (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR552-12M", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR552-12M (2HR2, L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR552-12M (2HR2)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR552-12M (2HR2)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CFU DIQ", vendor: "Siemens", versions: [ { lessThan: "V2.0.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CFU PA", vendor: "Siemens", versions: [ { lessThan: "V2.0.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CM 1542-1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1604", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions >= V2.7", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1616", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions >= V2.7", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1626", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC IE/PB-LINK", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "V3", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV540 H", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV540 S", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV550 H", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV550 S", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV560 U", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV560 X", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC NET DK-16xx PN IO", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions >= V2.7", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Power Line Booster PLB, Base Module", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PROFINET Driver", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.3", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V4.5", }, ], }, { defaultStatus: "unknown", product: "SIMOCODE pro V Ethernet/IP (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.1.3", }, ], }, { defaultStatus: "unknown", product: "SIMOCODE pro V PROFINET (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.1.3", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET SCALANCE X308-2", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET SCALANCE XC206-2", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET SCALANCE XC206-2SFP", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET SCALANCE XC208", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET SCALANCE XC216-4C", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SOFTNET-IE PNIO", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, ], descriptions: [ { lang: "en", value: "Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { cvssV4_0: { baseScore: 8.7, baseSeverity: "HIGH", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-770", description: "CWE-770: Allocation of Resources Without Limits or Throttling", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-12-10T13:53:22.763Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-194-03", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-599968.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2020-28400", datePublished: "2021-07-13T11:02:49", dateReserved: "2020-11-10T00:00:00", dateUpdated: "2024-12-10T13:53:22.763Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-15800
Vulnerability from cvelistv5
Published
2021-01-12 20:18
Modified
2024-08-04 13:30
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.0). The webserver of the affected devices contains a vulnerability that may lead to a heap overflow condition. An attacker could cause this condition on the webserver by sending specially crafted requests. This could stop the webserver temporarily.
References
▼ | URL | Tags |
---|---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-139628.pdf | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | SCALANCE X-200 switch family (incl. SIPLUS NET variants) |
Version: All versions < V5.2.5 |
||||||||
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T13:30:21.877Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-139628.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SCALANCE X-200 switch family (incl. SIPLUS NET variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { product: "SCALANCE X-200IRT switch family (incl. SIPLUS NET variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.5.0", }, ], }, { product: "SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.0", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.0). The webserver of the affected devices contains a vulnerability that may lead to a heap overflow condition. An attacker could cause this condition on the webserver by sending specially crafted requests. This could stop the webserver temporarily.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-122", description: "CWE-122: Heap-based Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-09-14T10:47:09", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-139628.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2020-15800", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SCALANCE X-200 switch family (incl. SIPLUS NET variants)", version: { version_data: [ { version_value: "All versions < V5.2.5", }, ], }, }, { product_name: "SCALANCE X-200IRT switch family (incl. SIPLUS NET variants)", version: { version_data: [ { version_value: "All versions < V5.5.0", }, ], }, }, { product_name: "SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants)", version: { version_data: [ { version_value: "All versions < V4.1.0", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.0). The webserver of the affected devices contains a vulnerability that may lead to a heap overflow condition. An attacker could cause this condition on the webserver by sending specially crafted requests. This could stop the webserver temporarily.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-122: Heap-based Buffer Overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-139628.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-139628.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2020-15800", datePublished: "2021-01-12T20:18:33", dateReserved: "2020-07-15T00:00:00", dateUpdated: "2024-08-04T13:30:21.877Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-25753
Vulnerability from cvelistv5
Published
2022-04-12 09:07
Modified
2024-08-03 04:49
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The handling of arguments such as IP addresses in the CLI of affected devices is prone to buffer overflows. This could allow an authenticated remote attacker to execute arbitrary code on the device.
References
▼ | URL | Tags |
---|---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | SCALANCE X302-7 EEC (230V) |
Version: All versions < V4.1.4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T04:49:43.901Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SCALANCE X302-7 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X304-2FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X306-1LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X320-1 FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X320-1-2LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X408-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE TS (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SIPLUS NET SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The handling of arguments such as IP addresses in the CLI of affected devices is prone to buffer overflows. This could allow an authenticated remote attacker to execute arbitrary code on the device.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-121", description: "CWE-121: Stack-based Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-12T09:07:47", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-25753", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SCALANCE X302-7 EEC (230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X304-2FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X306-1LD FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH+", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH+", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M PoE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M PoE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M TS", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M TS", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X320-1 FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X320-1-2LD FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X408-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M TS (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M TS (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE TS (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SIPLUS NET SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The handling of arguments such as IP addresses in the CLI of affected devices is prone to buffer overflows. This could allow an authenticated remote attacker to execute arbitrary code on the device.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-121: Stack-based Buffer Overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-25753", datePublished: "2022-04-12T09:07:47", dateReserved: "2022-02-22T00:00:00", dateUpdated: "2024-08-03T04:49:43.901Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-26380
Vulnerability from cvelistv5
Published
2022-04-12 09:07
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate if a certain SNMP key exists. An attacker could use this to trigger a reboot of an affected device by requesting specific SNMP information from the device.
References
▼ | URL | Tags |
---|---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | SCALANCE X302-7 EEC (230V) |
Version: All versions < V4.1.4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:03:32.784Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SCALANCE X302-7 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X304-2FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X306-1LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X320-1 FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X320-1-2LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X408-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE TS (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SIPLUS NET SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate if a certain SNMP key exists. An attacker could use this to trigger a reboot of an affected device by requesting specific SNMP information from the device.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125: Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-12T09:07:57", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-26380", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SCALANCE X302-7 EEC (230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X304-2FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X306-1LD FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH+", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH+", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M PoE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M PoE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M TS", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M TS", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X320-1 FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X320-1-2LD FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X408-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M TS (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M TS (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE TS (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SIPLUS NET SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate if a certain SNMP key exists. An attacker could use this to trigger a reboot of an affected device by requesting specific SNMP information from the device.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-125: Out-of-bounds Read", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-26380", datePublished: "2022-04-12T09:07:57", dateReserved: "2022-03-03T00:00:00", dateUpdated: "2024-08-03T05:03:32.784Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-25226
Vulnerability from cvelistv5
Published
2021-01-12 20:18
Modified
2024-08-04 15:33
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0). The web server of the affected devices contains a vulnerability that may lead to a buffer overflow condition. An attacker could cause this condition on the webserver by sending a specially crafted request. The webserver could stop and not recover anymore.
References
▼ | URL | Tags |
---|---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-139628.pdf | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |||||
---|---|---|---|---|---|---|---|
▼ | Siemens | SCALANCE X-200 switch family (incl. SIPLUS NET variants) |
Version: All versions < V5.2.5 |
||||
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T15:33:04.885Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-139628.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SCALANCE X-200 switch family (incl. SIPLUS NET variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { product: "SCALANCE X-200IRT switch family (incl. SIPLUS NET variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.5.0", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0). The web server of the affected devices contains a vulnerability that may lead to a buffer overflow condition. An attacker could cause this condition on the webserver by sending a specially crafted request. The webserver could stop and not recover anymore.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-122", description: "CWE-122: Heap-based Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-09-14T10:47:10", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-139628.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2020-25226", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SCALANCE X-200 switch family (incl. SIPLUS NET variants)", version: { version_data: [ { version_value: "All versions < V5.2.5", }, ], }, }, { product_name: "SCALANCE X-200IRT switch family (incl. SIPLUS NET variants)", version: { version_data: [ { version_value: "All versions < V5.5.0", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0). The web server of the affected devices contains a vulnerability that may lead to a buffer overflow condition. An attacker could cause this condition on the webserver by sending a specially crafted request. The webserver could stop and not recover anymore.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-122: Heap-based Buffer Overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-139628.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-139628.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2020-25226", datePublished: "2021-01-12T20:18:33", dateReserved: "2020-09-10T00:00:00", dateUpdated: "2024-08-04T15:33:04.885Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-26334
Vulnerability from cvelistv5
Published
2022-04-12 09:07
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate the GET parameter XNo of incoming HTTP requests. This could allow an unauthenticated remote attacker to crash affected devices.
References
▼ | URL | Tags |
---|---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | SCALANCE X302-7 EEC (230V) |
Version: All versions < V4.1.4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:03:32.480Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SCALANCE X302-7 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X304-2FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X306-1LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X320-1 FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X320-1-2LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X408-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE TS (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SIPLUS NET SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate the GET parameter XNo of incoming HTTP requests. This could allow an unauthenticated remote attacker to crash affected devices.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-12T09:07:54", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-26334", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SCALANCE X302-7 EEC (230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X304-2FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X306-1LD FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH+", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH+", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M PoE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M PoE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M TS", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M TS", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X320-1 FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X320-1-2LD FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X408-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M TS (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M TS (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE TS (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SIPLUS NET SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate the GET parameter XNo of incoming HTTP requests. This could allow an unauthenticated remote attacker to crash affected devices.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-26334", datePublished: "2022-04-12T09:07:54", dateReserved: "2022-03-01T00:00:00", dateUpdated: "2024-08-03T05:03:32.480Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-25754
Vulnerability from cvelistv5
Published
2022-04-12 09:07
Modified
2024-08-03 04:49
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The integrated web server of the affected device could allow remote attackers to perform actions with the permissions of a victim user, provided the victim user has an active session and is induced to trigger the malicious request.
References
▼ | URL | Tags |
---|---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | SCALANCE X302-7 EEC (230V) |
Version: All versions < V4.1.4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T04:49:43.242Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SCALANCE X302-7 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X304-2FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X306-1LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X320-1 FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X320-1-2LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X408-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE TS (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SIPLUS NET SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The integrated web server of the affected device could allow remote attackers to perform actions with the permissions of a victim user, provided the victim user has an active session and is induced to trigger the malicious request.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-352", description: "CWE-352: Cross-Site Request Forgery (CSRF)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-12T09:07:49", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-25754", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SCALANCE X302-7 EEC (230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X304-2FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X306-1LD FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH+", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH+", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M PoE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M PoE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M TS", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M TS", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X320-1 FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X320-1-2LD FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X408-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M TS (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M TS (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE TS (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SIPLUS NET SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The integrated web server of the affected device could allow remote attackers to perform actions with the permissions of a victim user, provided the victim user has an active session and is induced to trigger the malicious request.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-352: Cross-Site Request Forgery (CSRF)", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-25754", datePublished: "2022-04-12T09:07:49", dateReserved: "2022-02-22T00:00:00", dateUpdated: "2024-08-03T04:49:43.242Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-25755
Vulnerability from cvelistv5
Published
2022-04-12 09:07
Modified
2024-08-03 04:49
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The webserver of an affected device is missing specific security headers. This could allow an remote attacker to extract confidential session information under certain circumstances.
References
▼ | URL | Tags |
---|---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | SCALANCE X302-7 EEC (230V) |
Version: All versions < V4.1.4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T04:49:43.216Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SCALANCE X302-7 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X304-2FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X306-1LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X320-1 FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X320-1-2LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X408-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE TS (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SIPLUS NET SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The webserver of an affected device is missing specific security headers. This could allow an remote attacker to extract confidential session information under certain circumstances.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-284", description: "CWE-284: Improper Access Control", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-12T09:07:50", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-25755", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SCALANCE X302-7 EEC (230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X304-2FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X306-1LD FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH+", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH+", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M PoE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M PoE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M TS", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M TS", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X320-1 FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X320-1-2LD FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X408-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M TS (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M TS (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE TS (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SIPLUS NET SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The webserver of an affected device is missing specific security headers. This could allow an remote attacker to extract confidential session information under certain circumstances.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-284: Improper Access Control", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-25755", datePublished: "2022-04-12T09:07:50", dateReserved: "2022-02-22T00:00:00", dateUpdated: "2024-08-03T04:49:43.216Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2021-01-12 21:15
Modified
2024-11-21 05:22
Severity ?
Summary
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-200RNA switch family (All versions < V3.2.7). Devices create a new unique key upon factory reset, except when used with C-PLUG. When used with C-PLUG the devices use the hardcoded private RSA-key shipped with the firmware-image. An attacker could leverage this situation to a man-in-the-middle situation and decrypt previously captured traffic.
References
▼ | URL | Tags | |
---|---|---|---|
productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-274900.pdf | Vendor Advisory | |
productcert@siemens.com | https://us-cert.cisa.gov/ics/advisories/icsa-21-012-02 | Third Party Advisory, US Government Resource, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-274900.pdf | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://us-cert.cisa.gov/ics/advisories/icsa-21-012-02 | Third Party Advisory, US Government Resource, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
siemens | scalance_x200-4pirt_firmware | * | |
siemens | scalance_x200-4pirt | - | |
siemens | scalance_x201-3pirt_firmware | * | |
siemens | scalance_x201-3pirt | - | |
siemens | scalance_x202-2irt_firmware | * | |
siemens | scalance_x202-2irt | - | |
siemens | scalance_x202-2pirt_firmware | * | |
siemens | scalance_x202-2pirt | - | |
siemens | scalance_x202-2pirt_siplus_net_firmware | * | |
siemens | scalance_x202-2pirt_siplus_net | - | |
siemens | scalance_x204irt_firmware | * | |
siemens | scalance_x204irt | - | |
siemens | scalance_x307-3_firmware | * | |
siemens | scalance_x307-3 | - | |
siemens | scalance_x307-3ld_firmware | * | |
siemens | scalance_x307-3ld | - | |
siemens | scalance_x308-2_firmware | * | |
siemens | scalance_x308-2 | - | |
siemens | scalance_x308-2ld_firmware | * | |
siemens | scalance_x308-2ld | - | |
siemens | scalance_x308-2lh_firmware | * | |
siemens | scalance_x308-2lh | - | |
siemens | scalance_x308-2lh\+_firmware | * | |
siemens | scalance_x308-2lh\+ | - | |
siemens | scalance_x308-2m_firmware | * | |
siemens | scalance_x308-2m | - | |
siemens | scalance_x308-2m_ts_firmware | * | |
siemens | scalance_x308-2m_ts | - | |
siemens | scalance_x310_firmware | * | |
siemens | scalance_x310 | - | |
siemens | scalance_x310fe_firmware | * | |
siemens | scalance_x310fe | - | |
siemens | scalance_x320-1fe_firmware | * | |
siemens | scalance_x320-1fe | - | |
siemens | scalance_x320-3ldfe_firmware | * | |
siemens | scalance_x320-3ldfe | - | |
siemens | scalance_xb205-3_firmware | * | |
siemens | scalance_xb205-3 | - | |
siemens | scalance_xb205-3ld_firmware | * | |
siemens | scalance_xb205-3ld | - | |
siemens | scalance_xb208_firmware | * | |
siemens | scalance_xb208 | - | |
siemens | scalance_xb213-3_firmware | * | |
siemens | scalance_xb213-3 | - | |
siemens | scalance_xb213-3ld_firmware | * | |
siemens | scalance_xb213-3ld | - | |
siemens | scalance_xb216_firmware | * | |
siemens | scalance_xb216 | - | |
siemens | scalance_xc206-2_firmware | * | |
siemens | scalance_xc206-2 | - | |
siemens | scalance_xc206-2g_poe__firmware | * | |
siemens | scalance_xc206-2g_poe_ | - | |
siemens | scalance_xc206-2g_poe_eec_firmware | * | |
siemens | scalance_xc206-2g_poe_eec | - | |
siemens | scalance_xc206-2sfp_firmware | * | |
siemens | scalance_xc206-2sfp | - | |
siemens | scalance_xc206-2sfp_eec_firmware | * | |
siemens | scalance_xc206-2sfp_eec | - | |
siemens | scalance_xc206-2sfp_g_firmware | * | |
siemens | scalance_xc206-2sfp_g | - | |
siemens | scalance_xc206-2sfp_g_\(e\/ip\)_firmware | * | |
siemens | scalance_xc206-2sfp_g_\(e\/ip\) | - | |
siemens | scalance_xc206-2sfp_g_eec_firmware | * | |
siemens | scalance_xc206-2sfp_g_eec | - | |
siemens | scalance_xc208_firmware | * | |
siemens | scalance_xc208 | - | |
siemens | scalance_xc208eec_firmware | * | |
siemens | scalance_xc208eec | - | |
siemens | scalance_xc208g_firmware | * | |
siemens | scalance_xc208g | - | |
siemens | scalance_xc208g_\(e\/ip\)_firmware | * | |
siemens | scalance_xc208g_\(e\/ip\) | - | |
siemens | scalance_xc208g_eec_firmware | * | |
siemens | scalance_xc208g_eec | - | |
siemens | scalance_xc208g_poe_firmware | * | |
siemens | scalance_xc208g_poe | - | |
siemens | scalance_xc216_firmware | * | |
siemens | scalance_xc216 | - | |
siemens | scalance_xc216-4c_firmware | * | |
siemens | scalance_xc216-4c | - | |
siemens | scalance_xc216-4c_g_firmware | * | |
siemens | scalance_xc216-4c_g | - | |
siemens | scalance_xc216-4c_g_\(e\/ip\)_firmware | * | |
siemens | scalance_xc216-4c_g_\(e\/ip\) | - | |
siemens | scalance_xc216-4c_g_eec_firmware | * | |
siemens | scalance_xc216-4c_g_eec | - | |
siemens | scalance_xc216eec_firmware | * | |
siemens | scalance_xc216eec | - | |
siemens | scalance_xc224-4c_g__firmware | * | |
siemens | scalance_xc224-4c_g_ | - | |
siemens | scalance_xc224-4c_g_\(e\/ip\)_firmware | * | |
siemens | scalance_xc224-4c_g_\(e\/ip\) | - | |
siemens | scalance_xc224-4c_g_eec_firmware | * | |
siemens | scalance_xc224-4c_g_eec | - | |
siemens | scalance_xc224__firmware | * | |
siemens | scalance_xc224_ | - | |
siemens | scalance_xf201-3p_irt_firmware | * | |
siemens | scalance_xf201-3p_irt | - | |
siemens | scalance_xf202-2p_irt_firmware | * | |
siemens | scalance_xf202-2p_irt | - | |
siemens | scalance_xf204_firmware | * | |
siemens | scalance_xf204 | - | |
siemens | scalance_xf204-2_firmware | * | |
siemens | scalance_xf204-2 | - | |
siemens | scalance_xf204-2ba_dna_firmware | * | |
siemens | scalance_xf204-2ba_dna | - | |
siemens | scalance_xf204-2ba_irt_firmware | * | |
siemens | scalance_xf204-2ba_irt | - | |
siemens | scalance_xf204_dna_firmware | * | |
siemens | scalance_xf204_dna | - | |
siemens | scalance_xf204irt_firmware | * | |
siemens | scalance_xf204irt | - | |
siemens | scalance_xf206-1_firmware | * | |
siemens | scalance_xf206-1 | - | |
siemens | scalance_xf208_firmware | * | |
siemens | scalance_xf208 | - | |
siemens | scalance_xp208_firmware | * | |
siemens | scalance_xp208 | - | |
siemens | scalance_xp208_\(eip\)_firmware | * | |
siemens | scalance_xp208_\(eip\) | - | |
siemens | scalance_xp208eec_firmware | * | |
siemens | scalance_xp208eec | - | |
siemens | scalance_xp208poe_eec_firmware | * | |
siemens | scalance_xp208poe_eec | - | |
siemens | scalance_xp216_firmware | * | |
siemens | scalance_xp216 | - | |
siemens | scalance_xp216_\(eip\)_firmware | * | |
siemens | scalance_xp216_\(eip\) | - | |
siemens | scalance_xp216eec_firmware | * | |
siemens | scalance_xp216eec | - | |
siemens | scalance_xp216poe_eec_firmware | * | |
siemens | scalance_xp216poe_eec | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x200-4pirt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "43B261ED-08C4-4A0D-8BAC-221006AB6F93", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x200-4pirt:-:*:*:*:*:*:*:*", matchCriteriaId: "8FDCB432-1AD0-4BF1-839F-8091D9871831", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x201-3pirt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "53F56390-77CB-42D5-A603-5FB29EE5DAA5", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x201-3pirt:-:*:*:*:*:*:*:*", matchCriteriaId: "47498977-D642-4864-BB94-4CE077EDEB82", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x202-2irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "666FACCE-89EB-4E5D-A718-F1D4945F7DF4", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x202-2irt:-:*:*:*:*:*:*:*", matchCriteriaId: "A8B1D979-038F-42F4-AB7D-E0664D051B4E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x202-2pirt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B79AD48F-2B99-4BE5-B3D7-440E2D3BC699", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x202-2pirt:-:*:*:*:*:*:*:*", matchCriteriaId: "D7819B14-7E93-4D0F-AAD5-049BE3B36D07", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x202-2pirt_siplus_net_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CD18B3BE-E98D-46D1-AA10-89EB89BAFFEB", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x202-2pirt_siplus_net:-:*:*:*:*:*:*:*", matchCriteriaId: "DABC3436-E04E-4B6C-9EF4-47B08C57B166", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x204irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0C94D093-9D17-47C9-A7F6-28FF241BF874", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x204irt:-:*:*:*:*:*:*:*", matchCriteriaId: "6716DCDE-BD3F-4BA2-A66A-A0C14C6A3C15", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9676DB10-982D-445F-9779-B39AE720AF2F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3:-:*:*:*:*:*:*:*", matchCriteriaId: "55EF0738-C9EF-4E4B-A7E7-ECC1B5F0678A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "48D3EB09-6069-4289-A61E-C15B044EA2E2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "7737F0C2-43FC-4330-88F2-9B08BA5B35D7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F045D6B1-459B-46F0-86DF-F9AA3CCEA9BD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "6CCED3E4-38EF-4645-B25C-4F2C3D4E091C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "40A1A5F9-4971-4E9D-BBE7-5A0357C56213", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2ld:-:*:*:*:*:*:*:*", matchCriteriaId: "FE1909FA-C8C6-46BE-83C6-2635D36FE69B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8F53C74B-2154-417E-ACFE-01F0BACD3F15", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh:-:*:*:*:*:*:*:*", matchCriteriaId: "6DDBD94D-5312-4A54-AF76-D9DF791C0292", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh\\+_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D76A2268-5397-466C-98B5-01B46B4840A1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "85153EED-C677-495D-A6BB-72365DE1ED3F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2F8888A7-3285-4ACA-A5AD-2B0578050C4C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m:-:*:*:*:*:*:*:*", matchCriteriaId: "AC54911E-C432-48FA-9551-9644422FFE14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A2C12934-E79C-41A4-B023-BADD7D68CB55", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "DFCCB68C-A58D-4543-A11F-721B01FFBBA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D288227C-69C1-4248-AB4A-51F44A41FDEA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310:-:*:*:*:*:*:*:*", matchCriteriaId: "7FE3716E-1C0A-4B72-809A-8318E5853FB1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "27F765CD-B8A9-45B6-BA3C-C569FF0F8FF0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310fe:-:*:*:*:*:*:*:*", matchCriteriaId: "8FB34E83-83A3-45C3-B040-D8910971D439", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "91EDD23A-1DBD-4117-9396-89ADBC705B3A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1fe:-:*:*:*:*:*:*:*", matchCriteriaId: "CC54880F-CBF4-4772-A4FB-B07D97287D44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-3ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AF07B014-1BA3-477E-A405-5DB35F68126A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-3ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "80502856-7617-4ED9-A103-681021131EE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb205-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7178F049-8E48-4175-AE8C-818128205D33", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb205-3:-:*:*:*:*:*:*:*", matchCriteriaId: "B9F9F101-6042-4D11-98CE-16A996023B38", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb205-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D7327CDF-EF0D-443B-A822-D69669C3B80C", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb205-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "18DC9125-FC41-4BAB-9638-C42DEF40235B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb208_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C7DDB0D1-21AC-43AC-9DDF-C6D89D3F1AA1", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb208:-:*:*:*:*:*:*:*", matchCriteriaId: "5C19D54A-8070-4EC6-9B30-B1B04A8BDABD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb213-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7FAB9D2E-94BC-4C90-ADF3-27FB34FC23A9", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb213-3:-:*:*:*:*:*:*:*", matchCriteriaId: "1FF67A06-D93B-4E4E-A639-29E0E49654FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb213-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3003D9C7-A979-4289-AADD-190A55434F31", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb213-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "0EFCF766-E1D3-4BD5-A70C-3A824B7D45DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb216_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1A0E6F26-15BE-4586-8ACD-1DAF9492A7D7", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb216:-:*:*:*:*:*:*:*", matchCriteriaId: "72EC10EB-0679-4AFE-ABC3-C58A68A0C4DD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ED3A29A7-F1B0-4A2C-AB63-6E4A57A6864D", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2:-:*:*:*:*:*:*:*", matchCriteriaId: "49C5CBD8-9799-4EBA-8297-EAE04F43DDD5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2g_poe__firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4EFEB827-71F1-4DDF-B156-949AF8E39A34", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2g_poe_:-:*:*:*:*:*:*:*", matchCriteriaId: "39310380-7D17-46C5-B91A-DFDF602D56A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2g_poe_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1B191270-07F7-4173-833A-7F4929F643BF", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2g_poe_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "0C21EC27-F0A8-4DCA-88AD-92D07477B5AD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2sfp_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FC590D4F-C818-4CD8-A8E9-E2A951E5D768", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2sfp:-:*:*:*:*:*:*:*", matchCriteriaId: "804E37AB-9EE4-4931-A874-4FBD427252D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2sfp_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6AABE919-D289-43CB-A285-3212E630B313", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2sfp_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "CC286693-55D6-4949-8164-262EB6C022C9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2sfp_g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CA08C94B-BE44-49D1-AB10-7512F65D6DF1", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2sfp_g:-:*:*:*:*:*:*:*", matchCriteriaId: "BC7B235D-0141-46E5-9057-2203555AE58A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2sfp_g_\\(e\\/ip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "578CE1DA-BA53-4EA5-AB2D-4670321DDF81", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2sfp_g_\\(e\\/ip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "CB6B6ED1-7057-4240-B1C9-660173BF1A6A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2sfp_g_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DFEA3FDE-9575-4E9B-BE5F-6BEB005381D8", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2sfp_g_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6F7D1CCD-4DFD-4037-9BDC-65466D639456", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5FC77B9E-9081-44E0-82AF-0411940B0684", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208:-:*:*:*:*:*:*:*", matchCriteriaId: "E6A2B708-309D-4BE5-BAEE-7AE035A2ADD1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ED6AD6D3-75AC-4C7E-9471-8288FB7AABA4", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208eec:-:*:*:*:*:*:*:*", matchCriteriaId: "B6550B2D-4B8E-414C-B4CB-7B12D6D4EA4A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D51DCE8E-2E29-4969-A26B-A1A10220CA83", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208g:-:*:*:*:*:*:*:*", matchCriteriaId: "8E922B78-7951-4115-8985-D824F6DDE41B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208g_\\(e\\/ip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F4F3FB17-F6E8-4BB1-B910-C9F03B936C32", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208g_\\(e\\/ip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "62852B4B-AF5A-4967-AFC2-14CEC2F6972C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208g_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DF97E576-EBD2-4F1F-BE8F-4254D134565B", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208g_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "9CCF0CEF-2E48-472E-9BDE-6E63F4CEA467", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208g_poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0378595B-379F-4775-B5D9-CCAC4042F635", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208g_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "585424EB-F9AB-45FB-B5C5-78FE45E3341A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8A03BBB2-9650-4C8A-A137-0C8AC6CDAD66", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216:-:*:*:*:*:*:*:*", matchCriteriaId: "4ABC0D8D-4F32-487F-835C-DADAB647EC21", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216-4c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6BCD1CF2-F24A-4C47-9C88-340E67C77871", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216-4c:-:*:*:*:*:*:*:*", matchCriteriaId: "7668BC0B-A47A-4E05-9933-51CD43F3B7BA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216-4c_g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4DAD438B-DABE-4B9A-9CDB-9BAC16313F0F", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216-4c_g:-:*:*:*:*:*:*:*", matchCriteriaId: "78645734-50C1-4331-9FC4-AC8A8679B6AF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216-4c_g_\\(e\\/ip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E1F3FE19-E279-4280-8F67-0C085B083E10", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216-4c_g_\\(e\\/ip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "22B8B758-9781-474E-93C3-17DDDF263CC2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216-4c_g_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ED7BCCB2-CE77-45A3-A6E1-D591894847C7", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216-4c_g_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "323CEAEA-8122-43A5-BB87-97C7133FF510", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E7C43419-B7AA-40EB-A40D-840F975BE2EC", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6BE498F8-A9D8-4A92-90CE-21BA30234947", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc224-4c_g__firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "580A5BD5-2E8E-4801-BFE8-7476088F4214", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc224-4c_g_:-:*:*:*:*:*:*:*", matchCriteriaId: "E7806CF9-4DA5-4090-84BD-D098C5FB1178", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc224-4c_g_\\(e\\/ip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FFAC6598-DDAC-4873-9545-39B0EF21D478", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc224-4c_g_\\(e\\/ip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "EE4E3630-DB15-46EA-B320-E4E457240B9F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc224-4c_g_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "561064E3-FC05-4028-B75D-4D2519FEFD24", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc224-4c_g_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "0B0A02C9-A7CB-4CB3-B5DC-5FEE20A59208", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc224__firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4303ED83-6610-458F-BEE9-B99BA31DD962", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc224_:-:*:*:*:*:*:*:*", matchCriteriaId: "39AB9EB3-0F05-41C2-A32F-27B6D0C9C039", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf201-3p_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "475E5069-C120-4D49-AB9D-D3C3F94BD093", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf201-3p_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "41614C70-97B4-44C8-A441-530A413A26F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf202-2p_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "274E5C49-CA32-44D2-A864-C99A48CAA869", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf202-2p_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "6751FB7D-C72C-4321-B535-5880FE696FC3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8CD13707-1164-415E-9083-7946D151F1FC", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204:-:*:*:*:*:*:*:*", matchCriteriaId: "0F1AE867-67B4-4871-BF56-88017533A737", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3A09FF2D-F369-47B5-AEE4-A862BEDD9851", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204-2:-:*:*:*:*:*:*:*", matchCriteriaId: "69285324-4C0B-4BDC-B60D-F653679DD52D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204-2ba_dna_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0BBC3005-41D0-4BA0-A146-E48E612CAF58", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204-2ba_dna:-:*:*:*:*:*:*:*", matchCriteriaId: "FAF28152-D6CA-4D20-BDF1-1EF4B7D10429", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204-2ba_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "85B917B7-81E1-4419-B493-1D321027017E", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204-2ba_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "99E6AFAA-B903-47BB-B0F3-7650B039C0FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204_dna_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FCBEE10A-7E96-4239-AE6C-5FA9A6A32196", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204_dna:-:*:*:*:*:*:*:*", matchCriteriaId: "70D62F13-AD59-435E-851A-87A0A6E2FA3B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "42288C48-A2AA-4AA1-B5A2-F83C5A3689AE", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204irt:-:*:*:*:*:*:*:*", matchCriteriaId: "57E5489B-277A-4D02-B4AB-4DB65969EED2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf206-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CFCDC84E-0695-409A-844B-D24024CC33F2", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf206-1:-:*:*:*:*:*:*:*", matchCriteriaId: "2B40D2EB-5C69-47FA-801B-DC48407D418C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf208_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A1DB6C03-71BF-4359-834B-384E78910E64", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf208:-:*:*:*:*:*:*:*", matchCriteriaId: "898613B2-4A9D-44B9-A3FC-4347A2AD7CAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp208_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8082D4C1-C59E-43B6-B11F-C814ACD00321", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp208:-:*:*:*:*:*:*:*", matchCriteriaId: "24C7FB09-D247-48F0-B87C-6A478BDC0A5A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp208_\\(eip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "34349AEF-170F-432F-8D64-347F08536D3A", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp208_\\(eip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "17BD41C2-2398-4A03-9C5F-43AEF424261E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp208eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EACF7493-4FE6-4902-9EE7-76F1B4AB118A", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp208eec:-:*:*:*:*:*:*:*", matchCriteriaId: "2B313A4C-D3E7-4964-BA51-3401546B36C5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp208poe_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3237051D-0342-4DB8-B4A1-40A3B33A67BB", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp208poe_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "D6E888EA-73A7-42B8-A617-621CF192F2A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp216_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4969C410-25DF-4BFA-9125-53D63B33691B", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp216:-:*:*:*:*:*:*:*", matchCriteriaId: "67E4D039-5BF8-469B-A6FE-A391A6D1BDA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp216_\\(eip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B4A2ED6E-6632-4DD9-A359-73EB28BB306B", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp216_\\(eip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "33D044BD-12AD-42C9-B01C-957BEC6C6790", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp216eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3B54DF8C-BB5A-46AF-862D-DC8E984A05AB", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp216eec:-:*:*:*:*:*:*:*", matchCriteriaId: "12512EC4-FB7D-420F-9A8A-547562BE1B49", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp216poe_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6FF74FFD-81C8-4E63-8B7B-AEBD98AB34F7", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp216poe_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "C9BACE8C-6C69-4BC4-8F5B-1C74FA7EB339", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-200RNA switch family (All versions < V3.2.7). Devices create a new unique key upon factory reset, except when used with C-PLUG. When used with C-PLUG the devices use the hardcoded private RSA-key shipped with the firmware-image. An attacker could leverage this situation to a man-in-the-middle situation and decrypt previously captured traffic.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en la familia de switches SCALANCE X-200 (incluyendo Variantes SIPLUS NET) (Todas las versiones anteriores a la versión V5.2.5), familia de switches SCALANCE X-200IRT (incluyendo la variante SIPLUS NET) (Todas las versiones anteriores a la versión V5.5.0). Los dispositivos crean una nueva clave única tras el restablecimiento de fábrica, excepto cuando se usan con C-PLUG. Cuando se usa con C-PLUG, los dispositivos usan la clave RSA privada embebida que se envía con la imagen del firmware. Un atacante podría aprovechar esta situación en una situación de man-in-the-middle y descifrar el tráfico capturado previamente", }, ], id: "CVE-2020-28391", lastModified: "2024-11-21T05:22:42.433", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-01-12T21:15:18.120", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-274900.pdf", }, { source: "productcert@siemens.com", tags: [ "Third Party Advisory", "US Government Resource", "Vendor Advisory", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-012-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-274900.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", "Vendor Advisory", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-012-02", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-321", }, ], source: "productcert@siemens.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-798", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2021-07-13 11:15
Modified
2024-12-10 14:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.
References
▼ | URL | Tags | |
---|---|---|---|
productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-599968.html | ||
productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf | Patch, Vendor Advisory | |
productcert@siemens.com | https://us-cert.cisa.gov/ics/advisories/icsa-21-194-03 | Third Party Advisory, US Government Resource | |
af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/html/ssa-599968.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://us-cert.cisa.gov/ics/advisories/icsa-21-194-03 | Third Party Advisory, US Government Resource |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
siemens | dk_standard_ethernet_controller_evaluation_kit_firmware | * | |
siemens | dk_standard_ethernet_controller_evaluation_kit | - | |
siemens | ek-ertec_200_evaulation_kit_firmware | * | |
siemens | ek-ertec_200_evaulation_kit | - | |
siemens | ek-ertec_200p_evaluation_kit_firmware | * | |
siemens | ek-ertec_200p_evaluation_kit | - | |
siemens | ruggedcom_rm1224_firmware | * | |
siemens | ruggedcom_rm1224 | - | |
siemens | scalance_m-800_firmware | * | |
siemens | scalance_m-800 | - | |
siemens | scalance_s615_firmware | * | |
siemens | scalance_s615 | - | |
siemens | scalance_w700_firmware | * | |
siemens | scalance_w700 | - | |
siemens | scalance_w1700_firmware | * | |
siemens | scalance_w1700 | - | |
siemens | scalance_x200-4_p_irt_firmware | * | |
siemens | scalance_x200-4_p_irt | - | |
siemens | scalance_x201-3p_irt_firmware | * | |
siemens | scalance_x201-3p_irt | - | |
siemens | scalance_x201-3p_irt_pro_firmware | * | |
siemens | scalance_x201-3p_irt_pro | - | |
siemens | scalance_x202-2_irt_firmware | * | |
siemens | scalance_x202-2_irt | - | |
siemens | scalance_x202-2p_irt_pro_firmware | * | |
siemens | scalance_x202-2p_irt_pro | - | |
siemens | scalance_x204_irt_firmware | * | |
siemens | scalance_x204_irt | - | |
siemens | scalance_x204_irt_pro_firmware | * | |
siemens | scalance_x204_irt_pro | - | |
siemens | scalance_x204-2_firmware | * | |
siemens | scalance_x204-2_ | - | |
siemens | scalance_x204-2fm_firmware | * | |
siemens | scalance_x204-2fm | - | |
siemens | scalance_x204-2ld_firmware | * | |
siemens | scalance_x204-2ld | - | |
siemens | scalance_x204-2ld_ts_firmware | * | |
siemens | scalance_x204-2ld_ts | - | |
siemens | scalance_x204-2ts_firmware | * | |
siemens | scalance_x204-2ts | - | |
siemens | scalance_x206-1_firmware | * | |
siemens | scalance_x206-1 | - | |
siemens | scalance_x206-1ld_firmware | * | |
siemens | scalance_x206-1ld | - | |
siemens | scalance_x208_firmware | * | |
siemens | scalance_x208 | - | |
siemens | scalance_x208pro_firmware | * | |
siemens | scalance_x208pro | - | |
siemens | scalance_x212-2_firmware | * | |
siemens | scalance_x212-2 | - | |
siemens | scalance_x212-2ld_firmware | * | |
siemens | scalance_x212-2ld | - | |
siemens | scalance_x216_firmware | * | |
siemens | scalance_x216 | - | |
siemens | scalance_x224_firmware | * | |
siemens | scalance_x224 | - | |
siemens | scalance_x302-7eec_firmware | * | |
siemens | scalance_x302-7eec | - | |
siemens | scalance_x304-2fe_firmware | * | |
siemens | scalance_x304-2fe | - | |
siemens | scalance_x306-1ldfe_firmware | * | |
siemens | scalance_x306-1ldfe | - | |
siemens | scalance_x307-2eec_firmware | * | |
siemens | scalance_x307-2eec | - | |
siemens | scalance_x307-3_firmware | * | |
siemens | scalance_x307-3 | - | |
siemens | scalance_x307-3ld_firmware | * | |
siemens | scalance_x307-3ld | - | |
siemens | scalance_x308-2_firmware | * | |
siemens | scalance_x308-2 | - | |
siemens | scalance_x308-2ld_firmware | * | |
siemens | scalance_x308-2ld | - | |
siemens | scalance_x308-2lh_firmware | * | |
siemens | scalance_x308-2lh | - | |
siemens | scalance_x308-2lh\+_firmware | * | |
siemens | scalance_x308-2lh\+ | - | |
siemens | scalance_x308-2m_firmware | * | |
siemens | scalance_x308-2m | - | |
siemens | scalance_x308-2m_poe_firmware | * | |
siemens | scalance_x308-2m_poe | - | |
siemens | scalance_x308-2m_ts_firmware | * | |
siemens | scalance_x308-2m_ts | - | |
siemens | scalance_x310_firmware | * | |
siemens | scalance_x310 | - | |
siemens | scalance_x310fe_firmware | * | |
siemens | scalance_x310fe | - | |
siemens | scalance_x320-1fe_firmware | * | |
siemens | scalance_x320-1fe | - | |
siemens | scalance_x320-3ldfe_firmware | * | |
siemens | scalance_x320-3ldfe | - | |
siemens | scalance_xb-200_firmware | * | |
siemens | scalance_xb-200 | - | |
siemens | scalance_xc-200_firmware | * | |
siemens | scalance_xc-200 | - | |
siemens | scalance_xf201-3p_irt_firmware | * | |
siemens | scalance_xf201-3p_irt | - | |
siemens | scalance_xf202-2p_irt_firmware | * | |
siemens | scalance_xf202-2p_irt | - | |
siemens | scalance_xf204_firmware | * | |
siemens | scalance_xf204 | - | |
siemens | scalance_xf204_irt_firmware | * | |
siemens | scalance_xf204_irt | - | |
siemens | scalance_xf204-2_firmware | * | |
siemens | scalance_xf204-2_ | - | |
siemens | scalance_xf204-2ba_irt_firmware | * | |
siemens | scalance_xf204-2ba_irt | - | |
siemens | scalance_xf206-1_firmware | * | |
siemens | scalance_xf206-1 | - | |
siemens | scalance_xf208_firmware | * | |
siemens | scalance_xf208 | - | |
siemens | scalance_xf-200ba_firmware | * | |
siemens | scalance_xf-200ba | - | |
siemens | scalance_xm400_firmware | * | |
siemens | scalance_xm400 | - | |
siemens | scalance_xp-200_firmware | * | |
siemens | scalance_xp-200 | - | |
siemens | scalance_xr324-4m_eec_firmware | * | |
siemens | scalance_xr324-4m_eec | - | |
siemens | scalance_xr324-4m_poe_firmware | * | |
siemens | scalance_xr324-4m_poe | - | |
siemens | scalance_xr324-4m_poe_ts_firmware | * | |
siemens | scalance_xr324-4m_poe_ts | - | |
siemens | scalance_xr324-12m_firmware | * | |
siemens | scalance_xr324-12m | - | |
siemens | scalance_xr324-12m_ts_firmware | * | |
siemens | scalance_xr324-12m_ts | - | |
siemens | scalance_xr500_firmware | * | |
siemens | scalance_xr500 | - | |
siemens | scalance_xr-300wg_firmware | * | |
siemens | scalance_xr-300wg | - | |
siemens | simatic_cfu_pa_firmware | * | |
siemens | simatic_cfu_pa | - | |
siemens | simatic_ie\/pb-link_v3_firmware | * | |
siemens | simatic_ie\/pb-link_v3 | - | |
siemens | simatic_mv500_firmware | * | |
siemens | simatic_mv500 | - | |
siemens | simatic_net_cm_1542-1_firmware | * | |
siemens | simatic_net_cm_1542-1 | - | |
siemens | simatic_net_cp1616_firmware | * | |
siemens | simatic_net_cp1616 | - | |
siemens | simatic_net_cp1604_firmware | * | |
siemens | simatic_net_cp1604 | - | |
siemens | simatic_net_cp1626_firmware | * | |
siemens | simatic_net_cp1626 | - | |
siemens | simatic_net_dk-16xx_pn_io | * | |
siemens | simatic_power_line_booster_plb_firmware | * | |
siemens | simatic_power_line_booster_plb | - | |
siemens | simatic_profinet_driver_firmware | * | |
siemens | simatic_profinet_driver | - | |
siemens | simatic_s7-1200_firmware | * | |
siemens | simatic_s7-1200 | - | |
siemens | simocode_prov_ethernet\/ip_firmware | * | |
siemens | simocode_prov_ethernet\/ip | - | |
siemens | simocode_prov_profinet_firmware | * | |
siemens | simocode_prov_profinet | - | |
siemens | softnet-ie_pnio_firmware | * | |
siemens | softnet-ie_pnio | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:dk_standard_ethernet_controller_evaluation_kit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1BA1C1FD-EF49-488E-AB49-6F571D9E21B0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:dk_standard_ethernet_controller_evaluation_kit:-:*:*:*:*:*:*:*", matchCriteriaId: "83110E06-CDB2-49AE-B1E6-6785E0801A53", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ek-ertec_200_evaulation_kit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "978998A4-C7B5-4D6D-9FAD-3C6F975C8881", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ek-ertec_200_evaulation_kit:-:*:*:*:*:*:*:*", matchCriteriaId: "12C60870-6B8C-4E91-B156-60D87B85543F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ek-ertec_200p_evaluation_kit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "249935E8-C45B-4586-B6BA-664AF23C7468", versionEndExcluding: "4.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ek-ertec_200p_evaluation_kit:-:*:*:*:*:*:*:*", matchCriteriaId: "37176F8D-F1CB-4792-86FF-DA0FF674E0B8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_rm1224_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "758CC5D1-F26C-4093-BE09-0583F4CDBBDB", versionEndExcluding: "6.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_rm1224:-:*:*:*:*:*:*:*", matchCriteriaId: "284DF779-D900-48B4-A177-7281CD445AB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "02BC878B-BF73-4A2C-A9D5-F9FF0F3D418B", versionEndExcluding: "6.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*", matchCriteriaId: "DFB9921A-5204-40A3-88AB-B7755F5C6875", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4F5AD34D-61AA-47B0-993A-4834984893EA", versionEndExcluding: "6.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*", matchCriteriaId: "E917CBBB-EF41-4113-B0CA-EB91889235E7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_w700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F60CB864-640E-4BC2-B378-5AF3DCA292D4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_w700:-:*:*:*:*:*:*:*", matchCriteriaId: "D3033B1E-57A6-4AE3-A861-7047CF8EAD79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_w1700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "44B0E5EA-4924-4865-AE6F-2F7BFCE5513B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_w1700:-:*:*:*:*:*:*:*", matchCriteriaId: "5D9A73DD-4A21-4096-B4B6-A0A825E71006", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x200-4_p_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8FCE9120-8091-41EC-A75E-01ED4AF64E28", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x200-4_p_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "73E42E20-18CB-40A7-B6D5-751F26303995", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x201-3p_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EA86FF0D-7B16-4991-B4A5-AF33BF40693A", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x201-3p_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "3268CF75-6DAB-416A-B19B-2A8F95C268CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x201-3p_irt_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CA2326FF-5125-44F5-871C-2DC505E2B299", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x201-3p_irt_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "492E8AC1-338B-4AC3-90C7-1FADCD4528C4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x202-2_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3A12E0F8-A7BB-48E9-98E5-7DA4962FA8AE", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x202-2_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "577D1E21-717C-4508-AE91-0BC490C89F85", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x202-2p_irt_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "29C03AD0-7A60-4BFB-A0D3-BABB9717F1A1", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x202-2p_irt_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "F4726901-34BF-4F70-80A6-71648A4A29FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x204_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "576A1BD5-84DE-4FFC-926D-6C40E5176660", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x204_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "0BC31F0E-389B-4925-88DE-726F2F0D2A23", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x204_irt_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AFE2ABF4-2996-4671-A5AF-4424FB2537C1", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x204_irt_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "8FF096BA-A6F4-46B3-9B9B-7FCEE7E6A6C3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x204-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ACE1A821-8F0A-4B96-AC8A-B219215014B1", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x204-2_:-:*:*:*:*:*:*:*", matchCriteriaId: "1AA16CFF-C01A-4AC0-A20E-50CBD3AA1C3E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x204-2fm_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "54201E08-15E3-4C93-9A0D-DC376B7C8D88", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x204-2fm:-:*:*:*:*:*:*:*", matchCriteriaId: "1FCBC784-8EA0-4C6C-B504-DFC164028E4B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x204-2ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "75220631-DD7D-4E86-8405-F98340FFE27C", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x204-2ld:-:*:*:*:*:*:*:*", matchCriteriaId: "2BE27611-53E7-4162-8630-5BC334B02E37", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x204-2ld_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3032A499-DFD5-4FEA-8AC6-E661781387AB", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x204-2ld_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "1FDEBD6B-6BE4-4FAD-A4E6-BE762595434D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x204-2ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A493C49A-8BF9-43E5-98D5-55E5390A36A5", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x204-2ts:-:*:*:*:*:*:*:*", matchCriteriaId: "E5FFC1E9-4326-4F41-A86A-C52AB6A9A674", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x206-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E2C9747F-BEC3-486E-B553-3339F8B54C3A", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x206-1:-:*:*:*:*:*:*:*", matchCriteriaId: "0A5BB0F2-DD4C-4AB4-9B8F-B2501B239080", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x206-1ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0C8D68AC-8F30-4919-ADB3-A6018458602B", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x206-1ld:-:*:*:*:*:*:*:*", matchCriteriaId: "6DFF7FB7-774B-45ED-8400-951230DF0511", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x208_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2BC1450A-92ED-451F-9890-4E18CA974485", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x208:-:*:*:*:*:*:*:*", matchCriteriaId: "B3B574E2-F7BA-496B-887C-D25F386AA5E1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x208pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "768320F0-10F5-4B36-AEB6-9DEEA43A30E8", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x208pro:-:*:*:*:*:*:*:*", matchCriteriaId: "DF2C60CF-4089-4993-A2CB-B7FBDAF81D62", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x212-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "31B8367C-5EAC-49F4-83B8-C7E3BD373092", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x212-2:-:*:*:*:*:*:*:*", matchCriteriaId: "4E716A4E-50A9-4C52-8DA9-098F7506F4B5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x212-2ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "55F50ABF-3E9A-4435-BAA4-7D11A2047D46", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x212-2ld:-:*:*:*:*:*:*:*", matchCriteriaId: "C08CDEE3-43EB-475E-8571-6E12824714FD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x216_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BC643617-D0B7-4379-8ADB-2C2BACA4B165", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x216:-:*:*:*:*:*:*:*", matchCriteriaId: "F0C4BAB5-E161-4B59-8A8C-369C7852A66E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x224_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F0189DF6-DA80-49FE-B09F-0C07D892518E", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x224:-:*:*:*:*:*:*:*", matchCriteriaId: "D2203895-BC4E-4B2F-9110-C2CD88A121F2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x302-7eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EF92A1A7-ADFB-49E1-AC54-03E32ECB73CE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x302-7eec:-:*:*:*:*:*:*:*", matchCriteriaId: "C8E97B3B-1808-45D2-97B7-CF31CA6E7A60", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x304-2fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "392D0623-343D-4BF1-BE0B-F2B347A24B62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x304-2fe:-:*:*:*:*:*:*:*", matchCriteriaId: "0087A1C6-AA76-4FD6-BAA1-D3190D2A0116", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x306-1ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "663897D9-82F5-436D-A0CF-BBB9338BF363", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x306-1ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "880CF41B-B25D-4744-8E8B-C4B131932B1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-2eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9666E7EA-A298-4972-80F8-765B0F99EB25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-2eec:-:*:*:*:*:*:*:*", matchCriteriaId: "804EE08B-75A1-4CF6-9C30-8CF0CDC39658", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9676DB10-982D-445F-9779-B39AE720AF2F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3:-:*:*:*:*:*:*:*", matchCriteriaId: "55EF0738-C9EF-4E4B-A7E7-ECC1B5F0678A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "48D3EB09-6069-4289-A61E-C15B044EA2E2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "7737F0C2-43FC-4330-88F2-9B08BA5B35D7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F045D6B1-459B-46F0-86DF-F9AA3CCEA9BD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "6CCED3E4-38EF-4645-B25C-4F2C3D4E091C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "40A1A5F9-4971-4E9D-BBE7-5A0357C56213", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2ld:-:*:*:*:*:*:*:*", matchCriteriaId: "FE1909FA-C8C6-46BE-83C6-2635D36FE69B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8F53C74B-2154-417E-ACFE-01F0BACD3F15", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh:-:*:*:*:*:*:*:*", matchCriteriaId: "6DDBD94D-5312-4A54-AF76-D9DF791C0292", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh\\+_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D76A2268-5397-466C-98B5-01B46B4840A1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "85153EED-C677-495D-A6BB-72365DE1ED3F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2F8888A7-3285-4ACA-A5AD-2B0578050C4C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m:-:*:*:*:*:*:*:*", matchCriteriaId: "AC54911E-C432-48FA-9551-9644422FFE14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0C08597D-6190-4C73-9ECF-2535553DECAA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "3E22C57C-2BD6-4C39-93D2-5D81A58EA6F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A2C12934-E79C-41A4-B023-BADD7D68CB55", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "DFCCB68C-A58D-4543-A11F-721B01FFBBA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D288227C-69C1-4248-AB4A-51F44A41FDEA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310:-:*:*:*:*:*:*:*", matchCriteriaId: "7FE3716E-1C0A-4B72-809A-8318E5853FB1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "27F765CD-B8A9-45B6-BA3C-C569FF0F8FF0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310fe:-:*:*:*:*:*:*:*", matchCriteriaId: "8FB34E83-83A3-45C3-B040-D8910971D439", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "91EDD23A-1DBD-4117-9396-89ADBC705B3A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1fe:-:*:*:*:*:*:*:*", matchCriteriaId: "CC54880F-CBF4-4772-A4FB-B07D97287D44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-3ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AF07B014-1BA3-477E-A405-5DB35F68126A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-3ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "80502856-7617-4ED9-A103-681021131EE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "144CDF5E-7E07-428B-B4DF-C94992B3A44A", versionEndExcluding: "4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb-200:-:*:*:*:*:*:*:*", matchCriteriaId: "6CB3CC2D-CBF0-4F53-A412-01BBC39E34C2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "339FFBDF-6957-481F-84CE-878B5CAAD9C8", versionEndExcluding: "4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc-200:-:*:*:*:*:*:*:*", matchCriteriaId: "7719E194-EE3D-4CE8-8C85-CF0D82A553AA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf201-3p_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B5557DB0-D3D8-4E53-BBA8-700B2BC336C0", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf201-3p_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "41614C70-97B4-44C8-A441-530A413A26F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf202-2p_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C1A7EDE9-B5F9-4471-8C5D-B1D590CB85FB", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf202-2p_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "6751FB7D-C72C-4321-B535-5880FE696FC3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8CD13707-1164-415E-9083-7946D151F1FC", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204:-:*:*:*:*:*:*:*", matchCriteriaId: "0F1AE867-67B4-4871-BF56-88017533A737", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "86FBD0DA-ADA4-4F06-A2D6-11D7312257A2", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "25DDF1EB-80E7-491F-A197-1B220E35CDF1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3A09FF2D-F369-47B5-AEE4-A862BEDD9851", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204-2_:-:*:*:*:*:*:*:*", matchCriteriaId: "0C4207E0-7678-4E35-A79E-A6066D1E8BB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204-2ba_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "786738CF-CA6C-4812-BD4D-595E249BFA76", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204-2ba_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "99E6AFAA-B903-47BB-B0F3-7650B039C0FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf206-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CFCDC84E-0695-409A-844B-D24024CC33F2", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf206-1:-:*:*:*:*:*:*:*", matchCriteriaId: "2B40D2EB-5C69-47FA-801B-DC48407D418C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf208_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A1DB6C03-71BF-4359-834B-384E78910E64", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf208:-:*:*:*:*:*:*:*", matchCriteriaId: "898613B2-4A9D-44B9-A3FC-4347A2AD7CAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf-200ba_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6FBB13D3-4E04-4D01-B880-C16C4FFA240B", versionEndExcluding: "4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf-200ba:-:*:*:*:*:*:*:*", matchCriteriaId: "58377C58-F660-4C17-A3CB-BFC2F28848CD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xm400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9D589735-017F-4675-8056-CA4FE57360E8", versionEndExcluding: "6.3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xm400:-:*:*:*:*:*:*:*", matchCriteriaId: "9FC408A8-903F-43A2-9D05-65AD4482FDBB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E642D10-E701-44DF-863B-D0DAA5530F50", versionEndExcluding: "4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp-200:-:*:*:*:*:*:*:*", matchCriteriaId: "8F962FC7-0616-467F-8CCA-ADEA224B5F7B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E6AB4BE-D669-4A95-8F8A-F2DA146D5FB1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6F952542-6B79-4681-A236-15C188AAEB1E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1F4B8E2B-DEFF-4F1C-B5A4-0C4671C605C1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "664D9C76-BC13-4874-939C-A8211DA33903", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9F4DE2B7-1AB3-4BA5-B261-926B774B01DD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4834A67B-7B0B-4F88-BBFB-25667FD68EC5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0AC751E0-FC87-4DEB-85E8-C3E028B76482", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m:-:*:*:*:*:*:*:*", matchCriteriaId: "36C9AE74-4683-4ED0-A605-3A6B065C230E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EB09860F-9DC8-476B-9AF7-6FFE57101D6C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4356417E-B4CB-45B0-B395-CE9D423FAB44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "32E2B545-326C-4724-90BC-147B57A37F20", versionEndExcluding: "6.3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr500:-:*:*:*:*:*:*:*", matchCriteriaId: "080E722F-FCD4-4967-86EE-151ADC5702E7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr-300wg_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4A53C2B5-A3FD-44CC-A78B-D2124EF37DB4", versionEndExcluding: "4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr-300wg:-:*:*:*:*:*:*:*", matchCriteriaId: "434BC9BE-C5DB-4DAF-8E07-DFE4EEA0D7FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cfu_pa_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A5119182-CB31-466A-AB0F-7956C8B45AE0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cfu_pa:-:*:*:*:*:*:*:*", matchCriteriaId: "B6C1E4CC-2657-4383-83D8-5C8F88B12755", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ie\\/pb-link_v3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9A8C0F9C-AF27-424C-83F0-326EC10C40BE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ie\\/pb-link_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "939D9324-2A7F-4DBF-8F9F-DB8A379C977A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_mv500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CDEAC63C-E402-4698-B4A8-E9B53D5540DA", versionEndExcluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_mv500:-:*:*:*:*:*:*:*", matchCriteriaId: "93A5B50E-0316-4189-8F41-54732CFCF63F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cm_1542-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "761C2EC9-51B9-482B-8798-7982D265933D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cm_1542-1:-:*:*:*:*:*:*:*", matchCriteriaId: "40757A32-7347-4975-BC01-A1B28760D2C3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp1616_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4575EFA7-C453-466D-9C37-38FEE0B78053", versionEndIncluding: "2.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp1616:-:*:*:*:*:*:*:*", matchCriteriaId: "0B971242-13BA-4217-8FB0-92ACDCE463CB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp1604_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C9F73267-3A7A-4A38-B999-9877B173B518", versionEndIncluding: "2.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp1604:-:*:*:*:*:*:*:*", matchCriteriaId: "A0DB421E-A774-451F-85AB-E66A4FAA33A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp1626_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "18143A38-84B8-479E-99FB-93FCA8CB058D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp1626:-:*:*:*:*:*:*:*", matchCriteriaId: "5B0286CB-0566-4306-B069-789E5A4F168F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_net_dk-16xx_pn_io:*:*:*:*:*:*:*:*", matchCriteriaId: "78430123-6230-4B76-B163-CDA3FA77413C", versionEndIncluding: "2.7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_power_line_booster_plb_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2AAAECA7-6936-48AD-B617-79F4C708E47F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_power_line_booster_plb:-:*:*:*:*:*:*:*", matchCriteriaId: "B7B52AEC-7A90-49F2-8006-FC146405C3E0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_profinet_driver_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CE64639F-FC6D-43F6-A300-9B5A62495B27", versionEndExcluding: "2.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_profinet_driver:-:*:*:*:*:*:*:*", matchCriteriaId: "526493E9-EF74-4836-9A8F-134B625035AA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6870C5CC-B7E0-45C3-9D98-F90765EE153F", versionEndExcluding: "4.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1200:-:*:*:*:*:*:*:*", matchCriteriaId: "EC545350-FD53-4B2E-886F-E20F12260C9B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simocode_prov_ethernet\\/ip_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FBDC4FD6-06A6-4728-B8A0-D896CD89FD3E", versionEndExcluding: "1.1.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simocode_prov_ethernet\\/ip:-:*:*:*:*:*:*:*", matchCriteriaId: "6CBAF8CF-6159-46D2-AB92-7CB5BFA7467B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simocode_prov_profinet_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "27AC468E-63F9-443B-906C-D1794B846744", versionEndExcluding: "2.1.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simocode_prov_profinet:-:*:*:*:*:*:*:*", matchCriteriaId: "E595680D-555C-4A8E-A409-88CBCE6681E6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:softnet-ie_pnio_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "45650D6F-1F5F-4DC8-BF5C-C4FBE3D3E39D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:softnet-ie_pnio:-:*:*:*:*:*:*:*", matchCriteriaId: "B8673C81-91F5-4E74-8C5F-829040F39E0C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.", }, { lang: "es", value: "Los dispositivos afectados contienen una vulnerabilidad que permite a un atacante no autentificado desencadenar una condición de denegación de servicio. La vulnerabilidad puede activarse si se envía una gran cantidad de paquetes de restablecimiento de DCP al dispositivo", }, ], id: "CVE-2020-28400", lastModified: "2024-12-10T14:15:19.373", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "productcert@siemens.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], cvssMetricV40: [ { cvssData: { attackComplexity: "LOW", attackRequirements: "NONE", attackVector: "NETWORK", automatable: "NOT_DEFINED", availabilityRequirements: "NOT_DEFINED", baseScore: 8.7, baseSeverity: "HIGH", confidentialityRequirements: "NOT_DEFINED", exploitMaturity: "NOT_DEFINED", integrityRequirements: "NOT_DEFINED", modifiedAttackComplexity: "NOT_DEFINED", modifiedAttackRequirements: "NOT_DEFINED", modifiedAttackVector: "NOT_DEFINED", modifiedPrivilegesRequired: "NOT_DEFINED", modifiedSubsequentSystemAvailability: "NOT_DEFINED", modifiedSubsequentSystemConfidentiality: "NOT_DEFINED", modifiedSubsequentSystemIntegrity: "NOT_DEFINED", modifiedUserInteraction: "NOT_DEFINED", modifiedVulnerableSystemAvailability: "NOT_DEFINED", modifiedVulnerableSystemConfidentiality: "NOT_DEFINED", modifiedVulnerableSystemIntegrity: "NOT_DEFINED", privilegesRequired: "NONE", providerUrgency: "NOT_DEFINED", recovery: "NOT_DEFINED", safety: "NOT_DEFINED", subsequentSystemAvailability: "NONE", subsequentSystemConfidentiality: "NONE", subsequentSystemIntegrity: "NONE", userInteraction: "NONE", valueDensity: "NOT_DEFINED", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", version: "4.0", vulnerabilityResponseEffort: "NOT_DEFINED", vulnerableSystemAvailability: "HIGH", vulnerableSystemConfidentiality: "NONE", vulnerableSystemIntegrity: "NONE", }, source: "productcert@siemens.com", type: "Secondary", }, ], }, published: "2021-07-13T11:15:08.960", references: [ { source: "productcert@siemens.com", url: "https://cert-portal.siemens.com/productcert/html/ssa-599968.html", }, { source: "productcert@siemens.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf", }, { source: "productcert@siemens.com", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-194-03", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://cert-portal.siemens.com/productcert/html/ssa-599968.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-194-03", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-770", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-770", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-04-12 09:15
Modified
2024-11-21 06:53
Severity ?
Summary
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate the URI of incoming HTTP GET requests. This could allow an unauthenticated remote attacker to crash affected devices.
References
▼ | URL | Tags | |
---|---|---|---|
productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | Mitigation, Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | Mitigation, Patch, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
siemens | scalance_x302-7eec_firmware | * | |
siemens | scalance_x302-7eec | - | |
siemens | scalance_x304-2fe_firmware | * | |
siemens | scalance_x304-2fe | - | |
siemens | scalance_x306-1ldfe_firmware | * | |
siemens | scalance_x306-1ldfe | - | |
siemens | scalance_x307-2eec_firmware | * | |
siemens | scalance_x307-2eec | - | |
siemens | scalance_x307-3_firmware | * | |
siemens | scalance_x307-3 | - | |
siemens | scalance_x307-3ld_firmware | * | |
siemens | scalance_x307-3ld | - | |
siemens | scalance_x308-2_firmware | * | |
siemens | scalance_x308-2 | - | |
siemens | scalance_x308-2ld_firmware | * | |
siemens | scalance_x308-2ld | - | |
siemens | scalance_x308-2lh_firmware | * | |
siemens | scalance_x308-2lh | - | |
siemens | scalance_x308-2lh\+_firmware | * | |
siemens | scalance_x308-2lh\+ | - | |
siemens | scalance_x308-2m_firmware | * | |
siemens | scalance_x308-2m | - | |
siemens | scalance_x308-2m_poe_firmware | - | |
siemens | scalance_x308-2m_poe | - | |
siemens | scalance_x308-2m_ts_firmware | * | |
siemens | scalance_x308-2m_ts | - | |
siemens | scalance_x310_firmware | * | |
siemens | scalance_x310 | - | |
siemens | scalance_x310fe_firmware | * | |
siemens | scalance_x310fe | - | |
siemens | scalance_x320-1fe_firmware | * | |
siemens | scalance_x320-1fe | - | |
siemens | scalance_x320-1-2ldfe_firmware | * | |
siemens | scalance_x320-1-2ldfe | - | |
siemens | scalance_x408-2_firmware | * | |
siemens | scalance_x408-2 | - | |
siemens | scalance_xr324-4m_eec_firmware | * | |
siemens | scalance_xr324-4m_eec | - | |
siemens | scalance_xr324-4m_poe_firmware | * | |
siemens | scalance_xr324-4m_poe | - | |
siemens | scalance_xr324-4m_poe_ts_firmware | * | |
siemens | scalance_xr324-4m_poe_ts | - | |
siemens | scalance_xr324-12m_firmware | * | |
siemens | scalance_xr324-12m | - | |
siemens | scalance_xr324-12m_ts_firmware | * | |
siemens | scalance_xr324-12m_ts | - | |
siemens | siplus_net_scalance_x308-2_firmware | * | |
siemens | siplus_net_scalance_x308-2 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x302-7eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7FB6F150-2662-44AE-8DC1-0B0A426E8352", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x302-7eec:-:*:*:*:*:*:*:*", matchCriteriaId: "C8E97B3B-1808-45D2-97B7-CF31CA6E7A60", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x304-2fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E9F4071F-1AE2-4FAD-A8CB-1619552101A3", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x304-2fe:-:*:*:*:*:*:*:*", matchCriteriaId: "0087A1C6-AA76-4FD6-BAA1-D3190D2A0116", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x306-1ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B78CFDF-1B15-4A4B-99D4-8CC5E1867BD1", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x306-1ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "880CF41B-B25D-4744-8E8B-C4B131932B1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-2eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CCB1094D-3F8A-4331-ABB9-46B73F7E008F", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-2eec:-:*:*:*:*:*:*:*", matchCriteriaId: "804EE08B-75A1-4CF6-9C30-8CF0CDC39658", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE21803A-A5CA-482A-ABD2-C9A547831BF6", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3:-:*:*:*:*:*:*:*", matchCriteriaId: "55EF0738-C9EF-4E4B-A7E7-ECC1B5F0678A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EEBFBB10-35E0-46BB-A937-E9A933C4D5BC", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "7737F0C2-43FC-4330-88F2-9B08BA5B35D7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4C91F6DD-A74C-4310-88AB-63A39D0208BE", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "6CCED3E4-38EF-4645-B25C-4F2C3D4E091C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6B5513D8-59DD-4EE1-B2E8-F800D1DA7BC5", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2ld:-:*:*:*:*:*:*:*", matchCriteriaId: "FE1909FA-C8C6-46BE-83C6-2635D36FE69B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A11DE626-D744-49A7-93C4-FE2C2AF5245F", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh:-:*:*:*:*:*:*:*", matchCriteriaId: "6DDBD94D-5312-4A54-AF76-D9DF791C0292", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh\\+_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC259CD1-5C79-4491-B375-7A69116F2747", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "85153EED-C677-495D-A6BB-72365DE1ED3F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "79918934-7B0B-4032-972E-2347CD33029D", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m:-:*:*:*:*:*:*:*", matchCriteriaId: "AC54911E-C432-48FA-9551-9644422FFE14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_poe_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "00FBD442-84AA-48F3-8AD1-5767FFB2FC3F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "3E22C57C-2BD6-4C39-93D2-5D81A58EA6F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E72D4503-5AAE-4C6F-BAE9-FA51701191B1", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "DFCCB68C-A58D-4543-A11F-721B01FFBBA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CA2333C8-E9C7-43D8-9EAA-A88ECAAB4236", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310:-:*:*:*:*:*:*:*", matchCriteriaId: "7FE3716E-1C0A-4B72-809A-8318E5853FB1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7EECD381-262F-4C47-90E1-7B44092C74BD", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310fe:-:*:*:*:*:*:*:*", matchCriteriaId: "8FB34E83-83A3-45C3-B040-D8910971D439", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "36C40232-5696-44CC-B38F-5331A745C760", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1fe:-:*:*:*:*:*:*:*", matchCriteriaId: "CC54880F-CBF4-4772-A4FB-B07D97287D44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1-2ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2F1969E4-CFD6-4AC7-956E-374967F5C406", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1-2ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "B2D400F5-AD80-4536-A99D-793E1560757B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x408-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3ACB931D-C484-42F4-9912-24B44FE97017", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x408-2:-:*:*:*:*:*:*:*", matchCriteriaId: "0C632B90-EB11-4A4C-8128-DABBE044B9AF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B1EFA152-D29B-4116-A3D2-ACF7A025E053", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6F952542-6B79-4681-A236-15C188AAEB1E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "935CD21D-0471-4D1F-AF81-B1F996A9EFAB", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "664D9C76-BC13-4874-939C-A8211DA33903", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E2C0F1FB-8B5E-448C-A304-FDDCB3DFCDD4", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4834A67B-7B0B-4F88-BBFB-25667FD68EC5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3E0E1F54-D9EA-4AFB-80EF-0A585EC3C641", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m:-:*:*:*:*:*:*:*", matchCriteriaId: "36C9AE74-4683-4ED0-A605-3A6B065C230E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC03DF92-C7A1-4232-AFDF-04B2B50666DB", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4356417E-B4CB-45B0-B395-CE9D423FAB44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_net_scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "25103533-B9BC-4553-B195-AF5CACAB713B", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_net_scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "9C48C944-324B-4390-B9D1-3D0FC3DD5BFD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate the URI of incoming HTTP GET requests. This could allow an unauthenticated remote attacker to crash affected devices.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, revestido), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, revestido), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, revestido), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, revestido), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, revestido), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, revestido), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, revestido), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, revestido), SCALANCE X307-3 SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, puertos en la parte frontal), SCALANCE XR324-12M (230V, puertos en la parte delantera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte delantera), SCALANCE XR324-12M (24V, puertos en la parte delantera), SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M PoE (230V, puertos en la parte delantera), SCALANCE XR324-4M PoE (230V, puertos en la parte trasera), SCALANCE XR324-4M PoE (24V, puertos en la parte delantera), SCALANCE XR324-4M PoE (24V, puertos en la parte trasera), SCALANCE XR324-4M PoE TS (24V, puertos en la parte delantera), SIPLUS NET SCALANCE X308-2. Los dispositivos afectados no comprueban correctamente el URI de las peticiones HTTP GET entrantes. Esto podría permitir a un atacante remoto no autenticado bloquear los dispositivos afectados", }, ], id: "CVE-2022-26335", lastModified: "2024-11-21T06:53:46.287", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-04-12T09:15:14.923", references: [ { source: "productcert@siemens.com", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-04-12 09:15
Modified
2024-11-21 06:52
Severity ?
Summary
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate the HTTP headers of incoming requests. This could allow an unauthenticated remote attacker to crash affected devices.
References
▼ | URL | Tags | |
---|---|---|---|
productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | Mitigation, Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | Mitigation, Patch, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
siemens | scalance_x302-7eec_firmware | * | |
siemens | scalance_x302-7eec | - | |
siemens | scalance_x304-2fe_firmware | * | |
siemens | scalance_x304-2fe | - | |
siemens | scalance_x306-1ldfe_firmware | * | |
siemens | scalance_x306-1ldfe | - | |
siemens | scalance_x307-2eec_firmware | * | |
siemens | scalance_x307-2eec | - | |
siemens | scalance_x307-3_firmware | * | |
siemens | scalance_x307-3 | - | |
siemens | scalance_x307-3ld_firmware | * | |
siemens | scalance_x307-3ld | - | |
siemens | scalance_x308-2_firmware | * | |
siemens | scalance_x308-2 | - | |
siemens | scalance_x308-2ld_firmware | * | |
siemens | scalance_x308-2ld | - | |
siemens | scalance_x308-2lh_firmware | * | |
siemens | scalance_x308-2lh | - | |
siemens | scalance_x308-2lh\+_firmware | * | |
siemens | scalance_x308-2lh\+ | - | |
siemens | scalance_x308-2m_firmware | * | |
siemens | scalance_x308-2m | - | |
siemens | scalance_x308-2m_poe_firmware | - | |
siemens | scalance_x308-2m_poe | - | |
siemens | scalance_x308-2m_ts_firmware | * | |
siemens | scalance_x308-2m_ts | - | |
siemens | scalance_x310_firmware | * | |
siemens | scalance_x310 | - | |
siemens | scalance_x310fe_firmware | * | |
siemens | scalance_x310fe | - | |
siemens | scalance_x320-1fe_firmware | * | |
siemens | scalance_x320-1fe | - | |
siemens | scalance_x320-1-2ldfe_firmware | * | |
siemens | scalance_x320-1-2ldfe | - | |
siemens | scalance_x408-2_firmware | * | |
siemens | scalance_x408-2 | - | |
siemens | scalance_xr324-4m_eec_firmware | * | |
siemens | scalance_xr324-4m_eec | - | |
siemens | scalance_xr324-4m_poe_firmware | * | |
siemens | scalance_xr324-4m_poe | - | |
siemens | scalance_xr324-4m_poe_ts_firmware | * | |
siemens | scalance_xr324-4m_poe_ts | - | |
siemens | scalance_xr324-12m_firmware | * | |
siemens | scalance_xr324-12m | - | |
siemens | scalance_xr324-12m_ts_firmware | * | |
siemens | scalance_xr324-12m_ts | - | |
siemens | siplus_net_scalance_x308-2_firmware | * | |
siemens | siplus_net_scalance_x308-2 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x302-7eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7FB6F150-2662-44AE-8DC1-0B0A426E8352", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x302-7eec:-:*:*:*:*:*:*:*", matchCriteriaId: "C8E97B3B-1808-45D2-97B7-CF31CA6E7A60", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x304-2fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E9F4071F-1AE2-4FAD-A8CB-1619552101A3", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x304-2fe:-:*:*:*:*:*:*:*", matchCriteriaId: "0087A1C6-AA76-4FD6-BAA1-D3190D2A0116", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x306-1ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B78CFDF-1B15-4A4B-99D4-8CC5E1867BD1", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x306-1ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "880CF41B-B25D-4744-8E8B-C4B131932B1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-2eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CCB1094D-3F8A-4331-ABB9-46B73F7E008F", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-2eec:-:*:*:*:*:*:*:*", matchCriteriaId: "804EE08B-75A1-4CF6-9C30-8CF0CDC39658", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE21803A-A5CA-482A-ABD2-C9A547831BF6", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3:-:*:*:*:*:*:*:*", matchCriteriaId: "55EF0738-C9EF-4E4B-A7E7-ECC1B5F0678A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EEBFBB10-35E0-46BB-A937-E9A933C4D5BC", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "7737F0C2-43FC-4330-88F2-9B08BA5B35D7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4C91F6DD-A74C-4310-88AB-63A39D0208BE", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "6CCED3E4-38EF-4645-B25C-4F2C3D4E091C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6B5513D8-59DD-4EE1-B2E8-F800D1DA7BC5", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2ld:-:*:*:*:*:*:*:*", matchCriteriaId: "FE1909FA-C8C6-46BE-83C6-2635D36FE69B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A11DE626-D744-49A7-93C4-FE2C2AF5245F", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh:-:*:*:*:*:*:*:*", matchCriteriaId: "6DDBD94D-5312-4A54-AF76-D9DF791C0292", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh\\+_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC259CD1-5C79-4491-B375-7A69116F2747", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "85153EED-C677-495D-A6BB-72365DE1ED3F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "79918934-7B0B-4032-972E-2347CD33029D", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m:-:*:*:*:*:*:*:*", matchCriteriaId: "AC54911E-C432-48FA-9551-9644422FFE14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_poe_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "00FBD442-84AA-48F3-8AD1-5767FFB2FC3F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "3E22C57C-2BD6-4C39-93D2-5D81A58EA6F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E72D4503-5AAE-4C6F-BAE9-FA51701191B1", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "DFCCB68C-A58D-4543-A11F-721B01FFBBA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CA2333C8-E9C7-43D8-9EAA-A88ECAAB4236", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310:-:*:*:*:*:*:*:*", matchCriteriaId: "7FE3716E-1C0A-4B72-809A-8318E5853FB1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7EECD381-262F-4C47-90E1-7B44092C74BD", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310fe:-:*:*:*:*:*:*:*", matchCriteriaId: "8FB34E83-83A3-45C3-B040-D8910971D439", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "36C40232-5696-44CC-B38F-5331A745C760", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1fe:-:*:*:*:*:*:*:*", matchCriteriaId: "CC54880F-CBF4-4772-A4FB-B07D97287D44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1-2ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2F1969E4-CFD6-4AC7-956E-374967F5C406", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1-2ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "B2D400F5-AD80-4536-A99D-793E1560757B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x408-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3ACB931D-C484-42F4-9912-24B44FE97017", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x408-2:-:*:*:*:*:*:*:*", matchCriteriaId: "0C632B90-EB11-4A4C-8128-DABBE044B9AF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B1EFA152-D29B-4116-A3D2-ACF7A025E053", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6F952542-6B79-4681-A236-15C188AAEB1E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "935CD21D-0471-4D1F-AF81-B1F996A9EFAB", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "664D9C76-BC13-4874-939C-A8211DA33903", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E2C0F1FB-8B5E-448C-A304-FDDCB3DFCDD4", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4834A67B-7B0B-4F88-BBFB-25667FD68EC5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3E0E1F54-D9EA-4AFB-80EF-0A585EC3C641", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m:-:*:*:*:*:*:*:*", matchCriteriaId: "36C9AE74-4683-4ED0-A605-3A6B065C230E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC03DF92-C7A1-4232-AFDF-04B2B50666DB", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4356417E-B4CB-45B0-B395-CE9D423FAB44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_net_scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "25103533-B9BC-4553-B195-AF5CACAB713B", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_net_scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "9C48C944-324B-4390-B9D1-3D0FC3DD5BFD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate the HTTP headers of incoming requests. This could allow an unauthenticated remote attacker to crash affected devices.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, revestido), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, revestido), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, revestido), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, revestido), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, revestido), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, revestido), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, revestido), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, revestido), SCALANCE X307-3 SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, puertos en la parte frontal), SCALANCE XR324-12M (230V, puertos en la parte delantera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte delantera), SCALANCE XR324-12M (24V, puertos en la parte delantera), SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M PoE (230V, puertos en la parte delantera), SCALANCE XR324-4M PoE (230V, puertos en la parte trasera), SCALANCE XR324-4M PoE (24V, puertos en la parte delantera), SCALANCE XR324-4M PoE (24V, puertos en la parte trasera), SCALANCE XR324-4M PoE TS (24V, puertos en la parte delantera), SIPLUS NET SCALANCE X308-2. Los dispositivos afectados no comprueban correctamente los encabezados HTTP de las peticiones entrantes. Esto podría permitir a un atacante remoto no autenticado bloquear los dispositivos afectados", }, ], id: "CVE-2022-25751", lastModified: "2024-11-21T06:52:55.653", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-04-12T09:15:14.597", references: [ { source: "productcert@siemens.com", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-01-12 21:15
Modified
2024-11-21 05:17
Severity ?
Summary
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0). The web server of the affected devices contains a vulnerability that may lead to a buffer overflow condition. An attacker could cause this condition on the webserver by sending a specially crafted request. The webserver could stop and not recover anymore.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
siemens | scalance_x200-4pirt_firmware | * | |
siemens | scalance_x200-4pirt | - | |
siemens | scalance_x201-3pirt_firmware | * | |
siemens | scalance_x201-3pirt | - | |
siemens | scalance_x202-2irt_firmware | * | |
siemens | scalance_x202-2irt | - | |
siemens | scalance_x202-2pirt_firmware | * | |
siemens | scalance_x202-2pirt | - | |
siemens | scalance_x202-2pirt_siplus_net_firmware | * | |
siemens | scalance_x202-2pirt_siplus_net | - | |
siemens | scalance_x204irt_firmware | * | |
siemens | scalance_x204irt | - | |
siemens | scalance_x307-3_firmware | * | |
siemens | scalance_x307-3 | - | |
siemens | scalance_x307-3ld_firmware | * | |
siemens | scalance_x307-3ld | - | |
siemens | scalance_x308-2_firmware | * | |
siemens | scalance_x308-2 | - | |
siemens | scalance_x308-2ld_firmware | * | |
siemens | scalance_x308-2ld | - | |
siemens | scalance_x308-2lh_firmware | * | |
siemens | scalance_x308-2lh | - | |
siemens | scalance_x308-2lh\+_firmware | * | |
siemens | scalance_x308-2lh\+ | - | |
siemens | scalance_x308-2m_firmware | * | |
siemens | scalance_x308-2m | - | |
siemens | scalance_x308-2m_ts_firmware | * | |
siemens | scalance_x308-2m_ts | - | |
siemens | scalance_x310_firmware | * | |
siemens | scalance_x310 | - | |
siemens | scalance_x310fe_firmware | * | |
siemens | scalance_x310fe | - | |
siemens | scalance_x320-1fe_firmware | * | |
siemens | scalance_x320-1fe | - | |
siemens | scalance_x320-3ldfe_firmware | * | |
siemens | scalance_x320-3ldfe | - | |
siemens | scalance_xb205-3_firmware | * | |
siemens | scalance_xb205-3 | - | |
siemens | scalance_xb205-3ld_firmware | * | |
siemens | scalance_xb205-3ld | - | |
siemens | scalance_xb208_firmware | * | |
siemens | scalance_xb208 | - | |
siemens | scalance_xb213-3_firmware | * | |
siemens | scalance_xb213-3 | - | |
siemens | scalance_xb213-3ld_firmware | * | |
siemens | scalance_xb213-3ld | - | |
siemens | scalance_xb216_firmware | * | |
siemens | scalance_xb216 | - | |
siemens | scalance_xc206-2_firmware | * | |
siemens | scalance_xc206-2 | - | |
siemens | scalance_xc206-2g_poe__firmware | * | |
siemens | scalance_xc206-2g_poe_ | - | |
siemens | scalance_xc206-2g_poe_eec_firmware | * | |
siemens | scalance_xc206-2g_poe_eec | - | |
siemens | scalance_xc206-2sfp_firmware | * | |
siemens | scalance_xc206-2sfp | - | |
siemens | scalance_xc206-2sfp_eec_firmware | * | |
siemens | scalance_xc206-2sfp_eec | - | |
siemens | scalance_xc206-2sfp_g_firmware | * | |
siemens | scalance_xc206-2sfp_g | - | |
siemens | scalance_xc206-2sfp_g_\(e\/ip\)_firmware | * | |
siemens | scalance_xc206-2sfp_g_\(e\/ip\) | - | |
siemens | scalance_xc206-2sfp_g_eec_firmware | * | |
siemens | scalance_xc206-2sfp_g_eec | - | |
siemens | scalance_xc208_firmware | * | |
siemens | scalance_xc208 | - | |
siemens | scalance_xc208eec_firmware | * | |
siemens | scalance_xc208eec | - | |
siemens | scalance_xc208g_firmware | * | |
siemens | scalance_xc208g | - | |
siemens | scalance_xc208g_\(e\/ip\)_firmware | * | |
siemens | scalance_xc208g_\(e\/ip\) | - | |
siemens | scalance_xc208g_eec_firmware | * | |
siemens | scalance_xc208g_eec | - | |
siemens | scalance_xc208g_poe_firmware | * | |
siemens | scalance_xc208g_poe | - | |
siemens | scalance_xc216_firmware | * | |
siemens | scalance_xc216 | - | |
siemens | scalance_xc216-4c_firmware | * | |
siemens | scalance_xc216-4c | - | |
siemens | scalance_xc216-4c_g_firmware | * | |
siemens | scalance_xc216-4c_g | - | |
siemens | scalance_xc216-4c_g_\(e\/ip\)_firmware | * | |
siemens | scalance_xc216-4c_g_\(e\/ip\) | - | |
siemens | scalance_xc216-4c_g_eec_firmware | * | |
siemens | scalance_xc216-4c_g_eec | - | |
siemens | scalance_xc216eec_firmware | * | |
siemens | scalance_xc216eec | - | |
siemens | scalance_xc224-4c_g__firmware | * | |
siemens | scalance_xc224-4c_g_ | - | |
siemens | scalance_xc224-4c_g_\(e\/ip\)_firmware | * | |
siemens | scalance_xc224-4c_g_\(e\/ip\) | - | |
siemens | scalance_xc224-4c_g_eec_firmware | * | |
siemens | scalance_xc224-4c_g_eec | - | |
siemens | scalance_xc224__firmware | * | |
siemens | scalance_xc224_ | - | |
siemens | scalance_xf201-3p_irt_firmware | * | |
siemens | scalance_xf201-3p_irt | - | |
siemens | scalance_xf202-2p_irt_firmware | * | |
siemens | scalance_xf202-2p_irt | - | |
siemens | scalance_xf204_firmware | * | |
siemens | scalance_xf204 | - | |
siemens | scalance_xf204-2_firmware | * | |
siemens | scalance_xf204-2 | - | |
siemens | scalance_xf204-2ba_dna_firmware | * | |
siemens | scalance_xf204-2ba_dna | - | |
siemens | scalance_xf204-2ba_irt_firmware | * | |
siemens | scalance_xf204-2ba_irt | - | |
siemens | scalance_xf204_dna_firmware | * | |
siemens | scalance_xf204_dna | - | |
siemens | scalance_xf204irt_firmware | * | |
siemens | scalance_xf204irt | - | |
siemens | scalance_xf206-1_firmware | * | |
siemens | scalance_xf206-1 | - | |
siemens | scalance_xf208_firmware | * | |
siemens | scalance_xf208 | - | |
siemens | scalance_xp208_firmware | * | |
siemens | scalance_xp208 | - | |
siemens | scalance_xp208_\(eip\)_firmware | * | |
siemens | scalance_xp208_\(eip\) | - | |
siemens | scalance_xp208eec_firmware | * | |
siemens | scalance_xp208eec | - | |
siemens | scalance_xp208poe_eec_firmware | * | |
siemens | scalance_xp208poe_eec | - | |
siemens | scalance_xp216_firmware | * | |
siemens | scalance_xp216 | - | |
siemens | scalance_xp216_\(eip\)_firmware | * | |
siemens | scalance_xp216_\(eip\) | - | |
siemens | scalance_xp216eec_firmware | * | |
siemens | scalance_xp216eec | - | |
siemens | scalance_xp216poe_eec_firmware | * | |
siemens | scalance_xp216poe_eec | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x200-4pirt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "43B261ED-08C4-4A0D-8BAC-221006AB6F93", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x200-4pirt:-:*:*:*:*:*:*:*", matchCriteriaId: "8FDCB432-1AD0-4BF1-839F-8091D9871831", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x201-3pirt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "53F56390-77CB-42D5-A603-5FB29EE5DAA5", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x201-3pirt:-:*:*:*:*:*:*:*", matchCriteriaId: "47498977-D642-4864-BB94-4CE077EDEB82", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x202-2irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "666FACCE-89EB-4E5D-A718-F1D4945F7DF4", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x202-2irt:-:*:*:*:*:*:*:*", matchCriteriaId: "A8B1D979-038F-42F4-AB7D-E0664D051B4E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x202-2pirt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B79AD48F-2B99-4BE5-B3D7-440E2D3BC699", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x202-2pirt:-:*:*:*:*:*:*:*", matchCriteriaId: "D7819B14-7E93-4D0F-AAD5-049BE3B36D07", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x202-2pirt_siplus_net_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CD18B3BE-E98D-46D1-AA10-89EB89BAFFEB", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x202-2pirt_siplus_net:-:*:*:*:*:*:*:*", matchCriteriaId: "DABC3436-E04E-4B6C-9EF4-47B08C57B166", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x204irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0C94D093-9D17-47C9-A7F6-28FF241BF874", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x204irt:-:*:*:*:*:*:*:*", matchCriteriaId: "6716DCDE-BD3F-4BA2-A66A-A0C14C6A3C15", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9676DB10-982D-445F-9779-B39AE720AF2F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3:-:*:*:*:*:*:*:*", matchCriteriaId: "55EF0738-C9EF-4E4B-A7E7-ECC1B5F0678A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "48D3EB09-6069-4289-A61E-C15B044EA2E2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "7737F0C2-43FC-4330-88F2-9B08BA5B35D7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F045D6B1-459B-46F0-86DF-F9AA3CCEA9BD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "6CCED3E4-38EF-4645-B25C-4F2C3D4E091C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "40A1A5F9-4971-4E9D-BBE7-5A0357C56213", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2ld:-:*:*:*:*:*:*:*", matchCriteriaId: "FE1909FA-C8C6-46BE-83C6-2635D36FE69B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8F53C74B-2154-417E-ACFE-01F0BACD3F15", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh:-:*:*:*:*:*:*:*", matchCriteriaId: "6DDBD94D-5312-4A54-AF76-D9DF791C0292", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh\\+_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D76A2268-5397-466C-98B5-01B46B4840A1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "85153EED-C677-495D-A6BB-72365DE1ED3F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2F8888A7-3285-4ACA-A5AD-2B0578050C4C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m:-:*:*:*:*:*:*:*", matchCriteriaId: "AC54911E-C432-48FA-9551-9644422FFE14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A2C12934-E79C-41A4-B023-BADD7D68CB55", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "DFCCB68C-A58D-4543-A11F-721B01FFBBA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D288227C-69C1-4248-AB4A-51F44A41FDEA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310:-:*:*:*:*:*:*:*", matchCriteriaId: "7FE3716E-1C0A-4B72-809A-8318E5853FB1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "27F765CD-B8A9-45B6-BA3C-C569FF0F8FF0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310fe:-:*:*:*:*:*:*:*", matchCriteriaId: "8FB34E83-83A3-45C3-B040-D8910971D439", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "91EDD23A-1DBD-4117-9396-89ADBC705B3A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1fe:-:*:*:*:*:*:*:*", matchCriteriaId: "CC54880F-CBF4-4772-A4FB-B07D97287D44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-3ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AF07B014-1BA3-477E-A405-5DB35F68126A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-3ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "80502856-7617-4ED9-A103-681021131EE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb205-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7178F049-8E48-4175-AE8C-818128205D33", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb205-3:-:*:*:*:*:*:*:*", matchCriteriaId: "B9F9F101-6042-4D11-98CE-16A996023B38", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb205-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D7327CDF-EF0D-443B-A822-D69669C3B80C", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb205-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "18DC9125-FC41-4BAB-9638-C42DEF40235B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb208_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C7DDB0D1-21AC-43AC-9DDF-C6D89D3F1AA1", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb208:-:*:*:*:*:*:*:*", matchCriteriaId: "5C19D54A-8070-4EC6-9B30-B1B04A8BDABD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb213-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7FAB9D2E-94BC-4C90-ADF3-27FB34FC23A9", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb213-3:-:*:*:*:*:*:*:*", matchCriteriaId: "1FF67A06-D93B-4E4E-A639-29E0E49654FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb213-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3003D9C7-A979-4289-AADD-190A55434F31", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb213-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "0EFCF766-E1D3-4BD5-A70C-3A824B7D45DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb216_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1A0E6F26-15BE-4586-8ACD-1DAF9492A7D7", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb216:-:*:*:*:*:*:*:*", matchCriteriaId: "72EC10EB-0679-4AFE-ABC3-C58A68A0C4DD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ED3A29A7-F1B0-4A2C-AB63-6E4A57A6864D", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2:-:*:*:*:*:*:*:*", matchCriteriaId: "49C5CBD8-9799-4EBA-8297-EAE04F43DDD5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2g_poe__firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4EFEB827-71F1-4DDF-B156-949AF8E39A34", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2g_poe_:-:*:*:*:*:*:*:*", matchCriteriaId: "39310380-7D17-46C5-B91A-DFDF602D56A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2g_poe_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1B191270-07F7-4173-833A-7F4929F643BF", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2g_poe_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "0C21EC27-F0A8-4DCA-88AD-92D07477B5AD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2sfp_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FC590D4F-C818-4CD8-A8E9-E2A951E5D768", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2sfp:-:*:*:*:*:*:*:*", matchCriteriaId: "804E37AB-9EE4-4931-A874-4FBD427252D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2sfp_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6AABE919-D289-43CB-A285-3212E630B313", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2sfp_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "CC286693-55D6-4949-8164-262EB6C022C9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2sfp_g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CA08C94B-BE44-49D1-AB10-7512F65D6DF1", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2sfp_g:-:*:*:*:*:*:*:*", matchCriteriaId: "BC7B235D-0141-46E5-9057-2203555AE58A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2sfp_g_\\(e\\/ip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "578CE1DA-BA53-4EA5-AB2D-4670321DDF81", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2sfp_g_\\(e\\/ip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "CB6B6ED1-7057-4240-B1C9-660173BF1A6A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2sfp_g_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DFEA3FDE-9575-4E9B-BE5F-6BEB005381D8", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2sfp_g_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6F7D1CCD-4DFD-4037-9BDC-65466D639456", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5FC77B9E-9081-44E0-82AF-0411940B0684", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208:-:*:*:*:*:*:*:*", matchCriteriaId: "E6A2B708-309D-4BE5-BAEE-7AE035A2ADD1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ED6AD6D3-75AC-4C7E-9471-8288FB7AABA4", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208eec:-:*:*:*:*:*:*:*", matchCriteriaId: "B6550B2D-4B8E-414C-B4CB-7B12D6D4EA4A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D51DCE8E-2E29-4969-A26B-A1A10220CA83", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208g:-:*:*:*:*:*:*:*", matchCriteriaId: "8E922B78-7951-4115-8985-D824F6DDE41B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208g_\\(e\\/ip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F4F3FB17-F6E8-4BB1-B910-C9F03B936C32", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208g_\\(e\\/ip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "62852B4B-AF5A-4967-AFC2-14CEC2F6972C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208g_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DF97E576-EBD2-4F1F-BE8F-4254D134565B", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208g_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "9CCF0CEF-2E48-472E-9BDE-6E63F4CEA467", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208g_poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0378595B-379F-4775-B5D9-CCAC4042F635", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208g_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "585424EB-F9AB-45FB-B5C5-78FE45E3341A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8A03BBB2-9650-4C8A-A137-0C8AC6CDAD66", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216:-:*:*:*:*:*:*:*", matchCriteriaId: "4ABC0D8D-4F32-487F-835C-DADAB647EC21", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216-4c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6BCD1CF2-F24A-4C47-9C88-340E67C77871", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216-4c:-:*:*:*:*:*:*:*", matchCriteriaId: "7668BC0B-A47A-4E05-9933-51CD43F3B7BA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216-4c_g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4DAD438B-DABE-4B9A-9CDB-9BAC16313F0F", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216-4c_g:-:*:*:*:*:*:*:*", matchCriteriaId: "78645734-50C1-4331-9FC4-AC8A8679B6AF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216-4c_g_\\(e\\/ip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E1F3FE19-E279-4280-8F67-0C085B083E10", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216-4c_g_\\(e\\/ip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "22B8B758-9781-474E-93C3-17DDDF263CC2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216-4c_g_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ED7BCCB2-CE77-45A3-A6E1-D591894847C7", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216-4c_g_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "323CEAEA-8122-43A5-BB87-97C7133FF510", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E7C43419-B7AA-40EB-A40D-840F975BE2EC", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6BE498F8-A9D8-4A92-90CE-21BA30234947", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc224-4c_g__firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "580A5BD5-2E8E-4801-BFE8-7476088F4214", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc224-4c_g_:-:*:*:*:*:*:*:*", matchCriteriaId: "E7806CF9-4DA5-4090-84BD-D098C5FB1178", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc224-4c_g_\\(e\\/ip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FFAC6598-DDAC-4873-9545-39B0EF21D478", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc224-4c_g_\\(e\\/ip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "EE4E3630-DB15-46EA-B320-E4E457240B9F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc224-4c_g_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "561064E3-FC05-4028-B75D-4D2519FEFD24", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc224-4c_g_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "0B0A02C9-A7CB-4CB3-B5DC-5FEE20A59208", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc224__firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4303ED83-6610-458F-BEE9-B99BA31DD962", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc224_:-:*:*:*:*:*:*:*", matchCriteriaId: "39AB9EB3-0F05-41C2-A32F-27B6D0C9C039", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf201-3p_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "475E5069-C120-4D49-AB9D-D3C3F94BD093", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf201-3p_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "41614C70-97B4-44C8-A441-530A413A26F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf202-2p_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "274E5C49-CA32-44D2-A864-C99A48CAA869", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf202-2p_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "6751FB7D-C72C-4321-B535-5880FE696FC3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8CD13707-1164-415E-9083-7946D151F1FC", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204:-:*:*:*:*:*:*:*", matchCriteriaId: "0F1AE867-67B4-4871-BF56-88017533A737", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3A09FF2D-F369-47B5-AEE4-A862BEDD9851", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204-2:-:*:*:*:*:*:*:*", matchCriteriaId: "69285324-4C0B-4BDC-B60D-F653679DD52D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204-2ba_dna_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0BBC3005-41D0-4BA0-A146-E48E612CAF58", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204-2ba_dna:-:*:*:*:*:*:*:*", matchCriteriaId: "FAF28152-D6CA-4D20-BDF1-1EF4B7D10429", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204-2ba_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "85B917B7-81E1-4419-B493-1D321027017E", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204-2ba_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "99E6AFAA-B903-47BB-B0F3-7650B039C0FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204_dna_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FCBEE10A-7E96-4239-AE6C-5FA9A6A32196", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204_dna:-:*:*:*:*:*:*:*", matchCriteriaId: "70D62F13-AD59-435E-851A-87A0A6E2FA3B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "42288C48-A2AA-4AA1-B5A2-F83C5A3689AE", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204irt:-:*:*:*:*:*:*:*", matchCriteriaId: "57E5489B-277A-4D02-B4AB-4DB65969EED2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf206-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CFCDC84E-0695-409A-844B-D24024CC33F2", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf206-1:-:*:*:*:*:*:*:*", matchCriteriaId: "2B40D2EB-5C69-47FA-801B-DC48407D418C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf208_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A1DB6C03-71BF-4359-834B-384E78910E64", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf208:-:*:*:*:*:*:*:*", matchCriteriaId: "898613B2-4A9D-44B9-A3FC-4347A2AD7CAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp208_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8082D4C1-C59E-43B6-B11F-C814ACD00321", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp208:-:*:*:*:*:*:*:*", matchCriteriaId: "24C7FB09-D247-48F0-B87C-6A478BDC0A5A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp208_\\(eip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "34349AEF-170F-432F-8D64-347F08536D3A", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp208_\\(eip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "17BD41C2-2398-4A03-9C5F-43AEF424261E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp208eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EACF7493-4FE6-4902-9EE7-76F1B4AB118A", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp208eec:-:*:*:*:*:*:*:*", matchCriteriaId: "2B313A4C-D3E7-4964-BA51-3401546B36C5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp208poe_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3237051D-0342-4DB8-B4A1-40A3B33A67BB", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp208poe_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "D6E888EA-73A7-42B8-A617-621CF192F2A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp216_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4969C410-25DF-4BFA-9125-53D63B33691B", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp216:-:*:*:*:*:*:*:*", matchCriteriaId: "67E4D039-5BF8-469B-A6FE-A391A6D1BDA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp216_\\(eip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B4A2ED6E-6632-4DD9-A359-73EB28BB306B", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp216_\\(eip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "33D044BD-12AD-42C9-B01C-957BEC6C6790", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp216eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3B54DF8C-BB5A-46AF-862D-DC8E984A05AB", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp216eec:-:*:*:*:*:*:*:*", matchCriteriaId: "12512EC4-FB7D-420F-9A8A-547562BE1B49", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp216poe_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6FF74FFD-81C8-4E63-8B7B-AEBD98AB34F7", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp216poe_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "C9BACE8C-6C69-4BC4-8F5B-1C74FA7EB339", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0). The web server of the affected devices contains a vulnerability that may lead to a buffer overflow condition. An attacker could cause this condition on the webserver by sending a specially crafted request. The webserver could stop and not recover anymore.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en la familia de switches SCALANCE X-200 (incluyendo Variantes SIPLUS NET) (Todas las versiones anteriores a la versiónV5.2.5), familia de switches SCALANCE X-200IRT (incluyendo Variantes SIPLUS NET) (Todas las versiones anteriores a la versiónV5.5.0). El servidor web de los dispositivos afectados contiene una vulnerabilidad que puede conllevar una condición de desbordamiento del búfer. Un atacante podría causar esta condición en el servidor web enviando una petición especialmente diseñada. El servidor web podría detenerse y no recuperarse más", }, ], id: "CVE-2020-25226", lastModified: "2024-11-21T05:17:42.257", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-01-12T21:15:16.543", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-139628.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-139628.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-122", }, ], source: "productcert@siemens.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2022-04-12 09:15
Modified
2024-11-21 06:52
Severity ?
Summary
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The integrated web server could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. This can be used by an attacker to trigger a malicious request on the affected device.
References
▼ | URL | Tags | |
---|---|---|---|
productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | Mitigation, Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | Mitigation, Patch, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
siemens | scalance_x302-7eec_firmware | * | |
siemens | scalance_x302-7eec | - | |
siemens | scalance_x304-2fe_firmware | * | |
siemens | scalance_x304-2fe | - | |
siemens | scalance_x306-1ldfe_firmware | * | |
siemens | scalance_x306-1ldfe | - | |
siemens | scalance_x307-2eec_firmware | * | |
siemens | scalance_x307-2eec | - | |
siemens | scalance_x307-3_firmware | * | |
siemens | scalance_x307-3 | - | |
siemens | scalance_x307-3ld_firmware | * | |
siemens | scalance_x307-3ld | - | |
siemens | scalance_x308-2_firmware | * | |
siemens | scalance_x308-2 | - | |
siemens | scalance_x308-2ld_firmware | * | |
siemens | scalance_x308-2ld | - | |
siemens | scalance_x308-2lh_firmware | * | |
siemens | scalance_x308-2lh | - | |
siemens | scalance_x308-2lh\+_firmware | * | |
siemens | scalance_x308-2lh\+ | - | |
siemens | scalance_x308-2m_firmware | * | |
siemens | scalance_x308-2m | - | |
siemens | scalance_x308-2m_poe_firmware | - | |
siemens | scalance_x308-2m_poe | - | |
siemens | scalance_x308-2m_ts_firmware | * | |
siemens | scalance_x308-2m_ts | - | |
siemens | scalance_x310_firmware | * | |
siemens | scalance_x310 | - | |
siemens | scalance_x310fe_firmware | * | |
siemens | scalance_x310fe | - | |
siemens | scalance_x320-1fe_firmware | * | |
siemens | scalance_x320-1fe | - | |
siemens | scalance_x320-1-2ldfe_firmware | * | |
siemens | scalance_x320-1-2ldfe | - | |
siemens | scalance_x408-2_firmware | * | |
siemens | scalance_x408-2 | - | |
siemens | scalance_xr324-4m_eec_firmware | * | |
siemens | scalance_xr324-4m_eec | - | |
siemens | scalance_xr324-4m_poe_firmware | * | |
siemens | scalance_xr324-4m_poe | - | |
siemens | scalance_xr324-4m_poe_ts_firmware | * | |
siemens | scalance_xr324-4m_poe_ts | - | |
siemens | scalance_xr324-12m_firmware | * | |
siemens | scalance_xr324-12m | - | |
siemens | scalance_xr324-12m_ts_firmware | * | |
siemens | scalance_xr324-12m_ts | - | |
siemens | siplus_net_scalance_x308-2_firmware | * | |
siemens | siplus_net_scalance_x308-2 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x302-7eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7FB6F150-2662-44AE-8DC1-0B0A426E8352", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x302-7eec:-:*:*:*:*:*:*:*", matchCriteriaId: "C8E97B3B-1808-45D2-97B7-CF31CA6E7A60", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x304-2fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E9F4071F-1AE2-4FAD-A8CB-1619552101A3", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x304-2fe:-:*:*:*:*:*:*:*", matchCriteriaId: "0087A1C6-AA76-4FD6-BAA1-D3190D2A0116", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x306-1ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B78CFDF-1B15-4A4B-99D4-8CC5E1867BD1", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x306-1ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "880CF41B-B25D-4744-8E8B-C4B131932B1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-2eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CCB1094D-3F8A-4331-ABB9-46B73F7E008F", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-2eec:-:*:*:*:*:*:*:*", matchCriteriaId: "804EE08B-75A1-4CF6-9C30-8CF0CDC39658", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE21803A-A5CA-482A-ABD2-C9A547831BF6", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3:-:*:*:*:*:*:*:*", matchCriteriaId: "55EF0738-C9EF-4E4B-A7E7-ECC1B5F0678A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EEBFBB10-35E0-46BB-A937-E9A933C4D5BC", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "7737F0C2-43FC-4330-88F2-9B08BA5B35D7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4C91F6DD-A74C-4310-88AB-63A39D0208BE", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "6CCED3E4-38EF-4645-B25C-4F2C3D4E091C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6B5513D8-59DD-4EE1-B2E8-F800D1DA7BC5", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2ld:-:*:*:*:*:*:*:*", matchCriteriaId: "FE1909FA-C8C6-46BE-83C6-2635D36FE69B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A11DE626-D744-49A7-93C4-FE2C2AF5245F", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh:-:*:*:*:*:*:*:*", matchCriteriaId: "6DDBD94D-5312-4A54-AF76-D9DF791C0292", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh\\+_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC259CD1-5C79-4491-B375-7A69116F2747", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "85153EED-C677-495D-A6BB-72365DE1ED3F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "79918934-7B0B-4032-972E-2347CD33029D", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m:-:*:*:*:*:*:*:*", matchCriteriaId: "AC54911E-C432-48FA-9551-9644422FFE14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_poe_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "00FBD442-84AA-48F3-8AD1-5767FFB2FC3F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "3E22C57C-2BD6-4C39-93D2-5D81A58EA6F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E72D4503-5AAE-4C6F-BAE9-FA51701191B1", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "DFCCB68C-A58D-4543-A11F-721B01FFBBA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CA2333C8-E9C7-43D8-9EAA-A88ECAAB4236", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310:-:*:*:*:*:*:*:*", matchCriteriaId: "7FE3716E-1C0A-4B72-809A-8318E5853FB1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7EECD381-262F-4C47-90E1-7B44092C74BD", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310fe:-:*:*:*:*:*:*:*", matchCriteriaId: "8FB34E83-83A3-45C3-B040-D8910971D439", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "36C40232-5696-44CC-B38F-5331A745C760", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1fe:-:*:*:*:*:*:*:*", matchCriteriaId: "CC54880F-CBF4-4772-A4FB-B07D97287D44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1-2ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2F1969E4-CFD6-4AC7-956E-374967F5C406", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1-2ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "B2D400F5-AD80-4536-A99D-793E1560757B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x408-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3ACB931D-C484-42F4-9912-24B44FE97017", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x408-2:-:*:*:*:*:*:*:*", matchCriteriaId: "0C632B90-EB11-4A4C-8128-DABBE044B9AF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B1EFA152-D29B-4116-A3D2-ACF7A025E053", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6F952542-6B79-4681-A236-15C188AAEB1E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "935CD21D-0471-4D1F-AF81-B1F996A9EFAB", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "664D9C76-BC13-4874-939C-A8211DA33903", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E2C0F1FB-8B5E-448C-A304-FDDCB3DFCDD4", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4834A67B-7B0B-4F88-BBFB-25667FD68EC5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3E0E1F54-D9EA-4AFB-80EF-0A585EC3C641", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m:-:*:*:*:*:*:*:*", matchCriteriaId: "36C9AE74-4683-4ED0-A605-3A6B065C230E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC03DF92-C7A1-4232-AFDF-04B2B50666DB", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4356417E-B4CB-45B0-B395-CE9D423FAB44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_net_scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "25103533-B9BC-4553-B195-AF5CACAB713B", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_net_scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "9C48C944-324B-4390-B9D1-3D0FC3DD5BFD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The integrated web server could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. This can be used by an attacker to trigger a malicious request on the affected device.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, revestido), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, revestido), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, revestido), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, revestido), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, revestido), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, revestido), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, revestido), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, revestido), SCALANCE X307-3 SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, puertos en la parte frontal), SCALANCE XR324-12M (230V, puertos en la parte delantera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte delantera), SCALANCE XR324-12M (24V, puertos en la parte delantera), SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M PoE (230V, puertos en la parte delantera), SCALANCE XR324-4M PoE (230V, puertos en la parte trasera), SCALANCE XR324-4M PoE (24V, puertos en la parte delantera), SCALANCE XR324-4M PoE (24V, puertos en la parte trasera), SCALANCE XR324-4M PoE TS (24V, puertos en la parte delantera), SIPLUS NET SCALANCE X308-2. El servidor web integrado podría permitir ataques de tipo Cross-Site Scripting (XSS) si los usuarios desprevenidos son engañados para acceder a un enlace malicioso. Esto puede ser usado por un atacante para lanzar una petición maliciosa en el dispositivo afectado", }, ], id: "CVE-2022-25756", lastModified: "2024-11-21T06:52:56.657", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-04-12T09:15:14.837", references: [ { source: "productcert@siemens.com", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-80", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-04-12 09:15
Modified
2024-11-21 06:53
Severity ?
Summary
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate the GET parameter XNo of incoming HTTP requests. This could allow an unauthenticated remote attacker to crash affected devices.
References
▼ | URL | Tags | |
---|---|---|---|
productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | Mitigation, Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | Mitigation, Patch, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
siemens | scalance_x302-7eec_firmware | * | |
siemens | scalance_x302-7eec | - | |
siemens | scalance_x304-2fe_firmware | * | |
siemens | scalance_x304-2fe | - | |
siemens | scalance_x306-1ldfe_firmware | * | |
siemens | scalance_x306-1ldfe | - | |
siemens | scalance_x307-2eec_firmware | * | |
siemens | scalance_x307-2eec | - | |
siemens | scalance_x307-3_firmware | * | |
siemens | scalance_x307-3 | - | |
siemens | scalance_x307-3ld_firmware | * | |
siemens | scalance_x307-3ld | - | |
siemens | scalance_x308-2_firmware | * | |
siemens | scalance_x308-2 | - | |
siemens | scalance_x308-2ld_firmware | * | |
siemens | scalance_x308-2ld | - | |
siemens | scalance_x308-2lh_firmware | * | |
siemens | scalance_x308-2lh | - | |
siemens | scalance_x308-2lh\+_firmware | * | |
siemens | scalance_x308-2lh\+ | - | |
siemens | scalance_x308-2m_firmware | * | |
siemens | scalance_x308-2m | - | |
siemens | scalance_x308-2m_poe_firmware | - | |
siemens | scalance_x308-2m_poe | - | |
siemens | scalance_x308-2m_ts_firmware | * | |
siemens | scalance_x308-2m_ts | - | |
siemens | scalance_x310_firmware | * | |
siemens | scalance_x310 | - | |
siemens | scalance_x310fe_firmware | * | |
siemens | scalance_x310fe | - | |
siemens | scalance_x320-1fe_firmware | * | |
siemens | scalance_x320-1fe | - | |
siemens | scalance_x320-1-2ldfe_firmware | * | |
siemens | scalance_x320-1-2ldfe | - | |
siemens | scalance_x408-2_firmware | * | |
siemens | scalance_x408-2 | - | |
siemens | scalance_xr324-4m_eec_firmware | * | |
siemens | scalance_xr324-4m_eec | - | |
siemens | scalance_xr324-4m_poe_firmware | * | |
siemens | scalance_xr324-4m_poe | - | |
siemens | scalance_xr324-4m_poe_ts_firmware | * | |
siemens | scalance_xr324-4m_poe_ts | - | |
siemens | scalance_xr324-12m_firmware | * | |
siemens | scalance_xr324-12m | - | |
siemens | scalance_xr324-12m_ts_firmware | * | |
siemens | scalance_xr324-12m_ts | - | |
siemens | siplus_net_scalance_x308-2_firmware | * | |
siemens | siplus_net_scalance_x308-2 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x302-7eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7FB6F150-2662-44AE-8DC1-0B0A426E8352", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x302-7eec:-:*:*:*:*:*:*:*", matchCriteriaId: "C8E97B3B-1808-45D2-97B7-CF31CA6E7A60", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x304-2fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E9F4071F-1AE2-4FAD-A8CB-1619552101A3", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x304-2fe:-:*:*:*:*:*:*:*", matchCriteriaId: "0087A1C6-AA76-4FD6-BAA1-D3190D2A0116", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x306-1ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B78CFDF-1B15-4A4B-99D4-8CC5E1867BD1", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x306-1ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "880CF41B-B25D-4744-8E8B-C4B131932B1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-2eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CCB1094D-3F8A-4331-ABB9-46B73F7E008F", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-2eec:-:*:*:*:*:*:*:*", matchCriteriaId: "804EE08B-75A1-4CF6-9C30-8CF0CDC39658", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE21803A-A5CA-482A-ABD2-C9A547831BF6", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3:-:*:*:*:*:*:*:*", matchCriteriaId: "55EF0738-C9EF-4E4B-A7E7-ECC1B5F0678A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EEBFBB10-35E0-46BB-A937-E9A933C4D5BC", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "7737F0C2-43FC-4330-88F2-9B08BA5B35D7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4C91F6DD-A74C-4310-88AB-63A39D0208BE", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "6CCED3E4-38EF-4645-B25C-4F2C3D4E091C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6B5513D8-59DD-4EE1-B2E8-F800D1DA7BC5", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2ld:-:*:*:*:*:*:*:*", matchCriteriaId: "FE1909FA-C8C6-46BE-83C6-2635D36FE69B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A11DE626-D744-49A7-93C4-FE2C2AF5245F", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh:-:*:*:*:*:*:*:*", matchCriteriaId: "6DDBD94D-5312-4A54-AF76-D9DF791C0292", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh\\+_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC259CD1-5C79-4491-B375-7A69116F2747", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "85153EED-C677-495D-A6BB-72365DE1ED3F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "79918934-7B0B-4032-972E-2347CD33029D", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m:-:*:*:*:*:*:*:*", matchCriteriaId: "AC54911E-C432-48FA-9551-9644422FFE14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_poe_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "00FBD442-84AA-48F3-8AD1-5767FFB2FC3F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "3E22C57C-2BD6-4C39-93D2-5D81A58EA6F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E72D4503-5AAE-4C6F-BAE9-FA51701191B1", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "DFCCB68C-A58D-4543-A11F-721B01FFBBA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CA2333C8-E9C7-43D8-9EAA-A88ECAAB4236", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310:-:*:*:*:*:*:*:*", matchCriteriaId: "7FE3716E-1C0A-4B72-809A-8318E5853FB1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7EECD381-262F-4C47-90E1-7B44092C74BD", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310fe:-:*:*:*:*:*:*:*", matchCriteriaId: "8FB34E83-83A3-45C3-B040-D8910971D439", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "36C40232-5696-44CC-B38F-5331A745C760", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1fe:-:*:*:*:*:*:*:*", matchCriteriaId: "CC54880F-CBF4-4772-A4FB-B07D97287D44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1-2ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2F1969E4-CFD6-4AC7-956E-374967F5C406", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1-2ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "B2D400F5-AD80-4536-A99D-793E1560757B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x408-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3ACB931D-C484-42F4-9912-24B44FE97017", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x408-2:-:*:*:*:*:*:*:*", matchCriteriaId: "0C632B90-EB11-4A4C-8128-DABBE044B9AF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B1EFA152-D29B-4116-A3D2-ACF7A025E053", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6F952542-6B79-4681-A236-15C188AAEB1E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "935CD21D-0471-4D1F-AF81-B1F996A9EFAB", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "664D9C76-BC13-4874-939C-A8211DA33903", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E2C0F1FB-8B5E-448C-A304-FDDCB3DFCDD4", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4834A67B-7B0B-4F88-BBFB-25667FD68EC5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3E0E1F54-D9EA-4AFB-80EF-0A585EC3C641", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m:-:*:*:*:*:*:*:*", matchCriteriaId: "36C9AE74-4683-4ED0-A605-3A6B065C230E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC03DF92-C7A1-4232-AFDF-04B2B50666DB", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4356417E-B4CB-45B0-B395-CE9D423FAB44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_net_scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "25103533-B9BC-4553-B195-AF5CACAB713B", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_net_scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "9C48C944-324B-4390-B9D1-3D0FC3DD5BFD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate the GET parameter XNo of incoming HTTP requests. This could allow an unauthenticated remote attacker to crash affected devices.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, revestido), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, revestido), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, revestido), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, revestido), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, revestido), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, revestido), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, revestido), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, revestido), SCALANCE X307-3 SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, puertos en la parte frontal), SCALANCE XR324-12M (230V, puertos en la parte delantera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte delantera), SCALANCE XR324-12M (24V, puertos en la parte delantera), SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M PoE (230V, puertos en la parte delantera), SCALANCE XR324-4M PoE (230V, puertos en la parte trasera), SCALANCE XR324-4M PoE (24V, puertos en la parte delantera), SCALANCE XR324-4M PoE (24V, puertos en la parte trasera), SCALANCE XR324-4M PoE TS (24V, puertos en la parte delantera), SIPLUS NET SCALANCE X308-2. Los dispositivos afectados no comprueban correctamente el parámetro GET XNo de las peticiones HTTP entrantes. Esto podría permitir a un atacante remoto no autenticado bloquear los dispositivos afectados", }, ], id: "CVE-2022-26334", lastModified: "2024-11-21T06:53:46.077", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-04-12T09:15:14.880", references: [ { source: "productcert@siemens.com", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-04-12 09:15
Modified
2024-11-21 06:52
Severity ?
Summary
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The webserver of an affected device is missing specific security headers. This could allow an remote attacker to extract confidential session information under certain circumstances.
References
▼ | URL | Tags | |
---|---|---|---|
productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | Mitigation, Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | Mitigation, Patch, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
siemens | scalance_x302-7eec_firmware | * | |
siemens | scalance_x302-7eec | - | |
siemens | scalance_x304-2fe_firmware | * | |
siemens | scalance_x304-2fe | - | |
siemens | scalance_x306-1ldfe_firmware | * | |
siemens | scalance_x306-1ldfe | - | |
siemens | scalance_x307-2eec_firmware | * | |
siemens | scalance_x307-2eec | - | |
siemens | scalance_x307-3_firmware | * | |
siemens | scalance_x307-3 | - | |
siemens | scalance_x307-3ld_firmware | * | |
siemens | scalance_x307-3ld | - | |
siemens | scalance_x308-2_firmware | * | |
siemens | scalance_x308-2 | - | |
siemens | scalance_x308-2ld_firmware | * | |
siemens | scalance_x308-2ld | - | |
siemens | scalance_x308-2lh_firmware | * | |
siemens | scalance_x308-2lh | - | |
siemens | scalance_x308-2lh\+_firmware | * | |
siemens | scalance_x308-2lh\+ | - | |
siemens | scalance_x308-2m_firmware | * | |
siemens | scalance_x308-2m | - | |
siemens | scalance_x308-2m_poe_firmware | - | |
siemens | scalance_x308-2m_poe | - | |
siemens | scalance_x308-2m_ts_firmware | * | |
siemens | scalance_x308-2m_ts | - | |
siemens | scalance_x310_firmware | * | |
siemens | scalance_x310 | - | |
siemens | scalance_x310fe_firmware | * | |
siemens | scalance_x310fe | - | |
siemens | scalance_x320-1fe_firmware | * | |
siemens | scalance_x320-1fe | - | |
siemens | scalance_x320-1-2ldfe_firmware | * | |
siemens | scalance_x320-1-2ldfe | - | |
siemens | scalance_x408-2_firmware | * | |
siemens | scalance_x408-2 | - | |
siemens | scalance_xr324-4m_eec_firmware | * | |
siemens | scalance_xr324-4m_eec | - | |
siemens | scalance_xr324-4m_poe_firmware | * | |
siemens | scalance_xr324-4m_poe | - | |
siemens | scalance_xr324-4m_poe_ts_firmware | * | |
siemens | scalance_xr324-4m_poe_ts | - | |
siemens | scalance_xr324-12m_firmware | * | |
siemens | scalance_xr324-12m | - | |
siemens | scalance_xr324-12m_ts_firmware | * | |
siemens | scalance_xr324-12m_ts | - | |
siemens | siplus_net_scalance_x308-2_firmware | * | |
siemens | siplus_net_scalance_x308-2 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x302-7eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7FB6F150-2662-44AE-8DC1-0B0A426E8352", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x302-7eec:-:*:*:*:*:*:*:*", matchCriteriaId: "C8E97B3B-1808-45D2-97B7-CF31CA6E7A60", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x304-2fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E9F4071F-1AE2-4FAD-A8CB-1619552101A3", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x304-2fe:-:*:*:*:*:*:*:*", matchCriteriaId: "0087A1C6-AA76-4FD6-BAA1-D3190D2A0116", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x306-1ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B78CFDF-1B15-4A4B-99D4-8CC5E1867BD1", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x306-1ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "880CF41B-B25D-4744-8E8B-C4B131932B1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-2eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CCB1094D-3F8A-4331-ABB9-46B73F7E008F", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-2eec:-:*:*:*:*:*:*:*", matchCriteriaId: "804EE08B-75A1-4CF6-9C30-8CF0CDC39658", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE21803A-A5CA-482A-ABD2-C9A547831BF6", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3:-:*:*:*:*:*:*:*", matchCriteriaId: "55EF0738-C9EF-4E4B-A7E7-ECC1B5F0678A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EEBFBB10-35E0-46BB-A937-E9A933C4D5BC", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "7737F0C2-43FC-4330-88F2-9B08BA5B35D7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4C91F6DD-A74C-4310-88AB-63A39D0208BE", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "6CCED3E4-38EF-4645-B25C-4F2C3D4E091C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6B5513D8-59DD-4EE1-B2E8-F800D1DA7BC5", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2ld:-:*:*:*:*:*:*:*", matchCriteriaId: "FE1909FA-C8C6-46BE-83C6-2635D36FE69B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A11DE626-D744-49A7-93C4-FE2C2AF5245F", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh:-:*:*:*:*:*:*:*", matchCriteriaId: "6DDBD94D-5312-4A54-AF76-D9DF791C0292", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh\\+_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC259CD1-5C79-4491-B375-7A69116F2747", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "85153EED-C677-495D-A6BB-72365DE1ED3F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "79918934-7B0B-4032-972E-2347CD33029D", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m:-:*:*:*:*:*:*:*", matchCriteriaId: "AC54911E-C432-48FA-9551-9644422FFE14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_poe_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "00FBD442-84AA-48F3-8AD1-5767FFB2FC3F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "3E22C57C-2BD6-4C39-93D2-5D81A58EA6F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E72D4503-5AAE-4C6F-BAE9-FA51701191B1", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "DFCCB68C-A58D-4543-A11F-721B01FFBBA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CA2333C8-E9C7-43D8-9EAA-A88ECAAB4236", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310:-:*:*:*:*:*:*:*", matchCriteriaId: "7FE3716E-1C0A-4B72-809A-8318E5853FB1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7EECD381-262F-4C47-90E1-7B44092C74BD", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310fe:-:*:*:*:*:*:*:*", matchCriteriaId: "8FB34E83-83A3-45C3-B040-D8910971D439", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "36C40232-5696-44CC-B38F-5331A745C760", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1fe:-:*:*:*:*:*:*:*", matchCriteriaId: "CC54880F-CBF4-4772-A4FB-B07D97287D44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1-2ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2F1969E4-CFD6-4AC7-956E-374967F5C406", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1-2ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "B2D400F5-AD80-4536-A99D-793E1560757B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x408-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3ACB931D-C484-42F4-9912-24B44FE97017", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x408-2:-:*:*:*:*:*:*:*", matchCriteriaId: "0C632B90-EB11-4A4C-8128-DABBE044B9AF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B1EFA152-D29B-4116-A3D2-ACF7A025E053", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6F952542-6B79-4681-A236-15C188AAEB1E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "935CD21D-0471-4D1F-AF81-B1F996A9EFAB", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "664D9C76-BC13-4874-939C-A8211DA33903", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E2C0F1FB-8B5E-448C-A304-FDDCB3DFCDD4", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4834A67B-7B0B-4F88-BBFB-25667FD68EC5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3E0E1F54-D9EA-4AFB-80EF-0A585EC3C641", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m:-:*:*:*:*:*:*:*", matchCriteriaId: "36C9AE74-4683-4ED0-A605-3A6B065C230E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC03DF92-C7A1-4232-AFDF-04B2B50666DB", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4356417E-B4CB-45B0-B395-CE9D423FAB44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_net_scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "25103533-B9BC-4553-B195-AF5CACAB713B", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_net_scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "9C48C944-324B-4390-B9D1-3D0FC3DD5BFD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The webserver of an affected device is missing specific security headers. This could allow an remote attacker to extract confidential session information under certain circumstances.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, revestido), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, revestido), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, revestido), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, revestido), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, revestido), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, revestido), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, revestido), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, revestido), SCALANCE X307-3 SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, puertos en la parte frontal), SCALANCE XR324-12M (230V, puertos en la parte delantera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte delantera), SCALANCE XR324-12M (24V, puertos en la parte delantera), SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M PoE (230V, puertos en la parte delantera), SCALANCE XR324-4M PoE (230V, puertos en la parte trasera), SCALANCE XR324-4M PoE (24V, puertos en la parte delantera), SCALANCE XR324-4M PoE (24V, puertos en la parte trasera), SCALANCE XR324-4M PoE TS (24V, puertos en la parte delantera), SIPLUS NET SCALANCE X308-2. El servidor web de un dispositivo afectado carece de encabezados de seguridad específicas. Esto podría permitir a un atacante remoto extraer información confidencial de la sesión bajo determinadas circunstancias", }, ], id: "CVE-2022-25755", lastModified: "2024-11-21T06:52:56.460", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-04-12T09:15:14.793", references: [ { source: "productcert@siemens.com", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-01-12 21:15
Modified
2024-11-21 05:06
Severity ?
Summary
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0). The vulnerability could allow an unauthenticated attacker to reboot the device over the network by using special urls from integrated web server of the affected products.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
siemens | scalance_x200-4pirt_firmware | * | |
siemens | scalance_x200-4pirt | - | |
siemens | scalance_x201-3pirt_firmware | * | |
siemens | scalance_x201-3pirt | - | |
siemens | scalance_x202-2irt_firmware | * | |
siemens | scalance_x202-2irt | - | |
siemens | scalance_x202-2pirt_firmware | * | |
siemens | scalance_x202-2pirt | - | |
siemens | scalance_x202-2pirt_siplus_net_firmware | * | |
siemens | scalance_x202-2pirt_siplus_net | - | |
siemens | scalance_x204irt_firmware | * | |
siemens | scalance_x204irt | - | |
siemens | scalance_x307-3_firmware | * | |
siemens | scalance_x307-3 | - | |
siemens | scalance_x307-3ld_firmware | * | |
siemens | scalance_x307-3ld | - | |
siemens | scalance_x308-2_firmware | * | |
siemens | scalance_x308-2 | - | |
siemens | scalance_x308-2ld_firmware | * | |
siemens | scalance_x308-2ld | - | |
siemens | scalance_x308-2lh_firmware | * | |
siemens | scalance_x308-2lh | - | |
siemens | scalance_x308-2lh\+_firmware | * | |
siemens | scalance_x308-2lh\+ | - | |
siemens | scalance_x308-2m_firmware | * | |
siemens | scalance_x308-2m | - | |
siemens | scalance_x308-2m_ts_firmware | * | |
siemens | scalance_x308-2m_ts | - | |
siemens | scalance_x310_firmware | * | |
siemens | scalance_x310 | - | |
siemens | scalance_x310fe_firmware | * | |
siemens | scalance_x310fe | - | |
siemens | scalance_x320-1fe_firmware | * | |
siemens | scalance_x320-1fe | - | |
siemens | scalance_x320-3ldfe_firmware | * | |
siemens | scalance_x320-3ldfe | - | |
siemens | scalance_xb205-3_firmware | * | |
siemens | scalance_xb205-3 | - | |
siemens | scalance_xb205-3ld_firmware | * | |
siemens | scalance_xb205-3ld | - | |
siemens | scalance_xb208_firmware | * | |
siemens | scalance_xb208 | - | |
siemens | scalance_xb213-3_firmware | * | |
siemens | scalance_xb213-3 | - | |
siemens | scalance_xb213-3ld_firmware | * | |
siemens | scalance_xb213-3ld | - | |
siemens | scalance_xb216_firmware | * | |
siemens | scalance_xb216 | - | |
siemens | scalance_xc206-2_firmware | * | |
siemens | scalance_xc206-2 | - | |
siemens | scalance_xc206-2g_poe__firmware | * | |
siemens | scalance_xc206-2g_poe_ | - | |
siemens | scalance_xc206-2g_poe_eec_firmware | * | |
siemens | scalance_xc206-2g_poe_eec | - | |
siemens | scalance_xc206-2sfp_firmware | * | |
siemens | scalance_xc206-2sfp | - | |
siemens | scalance_xc206-2sfp_eec_firmware | * | |
siemens | scalance_xc206-2sfp_eec | - | |
siemens | scalance_xc206-2sfp_g_firmware | * | |
siemens | scalance_xc206-2sfp_g | - | |
siemens | scalance_xc206-2sfp_g_\(e\/ip\)_firmware | * | |
siemens | scalance_xc206-2sfp_g_\(e\/ip\) | - | |
siemens | scalance_xc206-2sfp_g_eec_firmware | * | |
siemens | scalance_xc206-2sfp_g_eec | - | |
siemens | scalance_xc208_firmware | * | |
siemens | scalance_xc208 | - | |
siemens | scalance_xc208eec_firmware | * | |
siemens | scalance_xc208eec | - | |
siemens | scalance_xc208g_firmware | * | |
siemens | scalance_xc208g | - | |
siemens | scalance_xc208g_\(e\/ip\)_firmware | * | |
siemens | scalance_xc208g_\(e\/ip\) | - | |
siemens | scalance_xc208g_eec_firmware | * | |
siemens | scalance_xc208g_eec | - | |
siemens | scalance_xc208g_poe_firmware | * | |
siemens | scalance_xc208g_poe | - | |
siemens | scalance_xc216_firmware | * | |
siemens | scalance_xc216 | - | |
siemens | scalance_xc216-4c_firmware | * | |
siemens | scalance_xc216-4c | - | |
siemens | scalance_xc216-4c_g_firmware | * | |
siemens | scalance_xc216-4c_g | - | |
siemens | scalance_xc216-4c_g_\(e\/ip\)_firmware | * | |
siemens | scalance_xc216-4c_g_\(e\/ip\) | - | |
siemens | scalance_xc216-4c_g_eec_firmware | * | |
siemens | scalance_xc216-4c_g_eec | - | |
siemens | scalance_xc216eec_firmware | * | |
siemens | scalance_xc216eec | - | |
siemens | scalance_xc224-4c_g__firmware | * | |
siemens | scalance_xc224-4c_g_ | - | |
siemens | scalance_xc224-4c_g_\(e\/ip\)_firmware | * | |
siemens | scalance_xc224-4c_g_\(e\/ip\) | - | |
siemens | scalance_xc224-4c_g_eec_firmware | * | |
siemens | scalance_xc224-4c_g_eec | - | |
siemens | scalance_xc224__firmware | * | |
siemens | scalance_xc224_ | - | |
siemens | scalance_xf201-3p_irt_firmware | * | |
siemens | scalance_xf201-3p_irt | - | |
siemens | scalance_xf202-2p_irt_firmware | * | |
siemens | scalance_xf202-2p_irt | - | |
siemens | scalance_xf204_firmware | * | |
siemens | scalance_xf204 | - | |
siemens | scalance_xf204-2_firmware | * | |
siemens | scalance_xf204-2 | - | |
siemens | scalance_xf204-2ba_dna_firmware | * | |
siemens | scalance_xf204-2ba_dna | - | |
siemens | scalance_xf204-2ba_irt_firmware | * | |
siemens | scalance_xf204-2ba_irt | - | |
siemens | scalance_xf204_dna_firmware | * | |
siemens | scalance_xf204_dna | - | |
siemens | scalance_xf204irt_firmware | * | |
siemens | scalance_xf204irt | - | |
siemens | scalance_xf206-1_firmware | * | |
siemens | scalance_xf206-1 | - | |
siemens | scalance_xf208_firmware | * | |
siemens | scalance_xf208 | - | |
siemens | scalance_xp208_firmware | * | |
siemens | scalance_xp208 | - | |
siemens | scalance_xp208_\(eip\)_firmware | * | |
siemens | scalance_xp208_\(eip\) | - | |
siemens | scalance_xp208eec_firmware | * | |
siemens | scalance_xp208eec | - | |
siemens | scalance_xp208poe_eec_firmware | * | |
siemens | scalance_xp208poe_eec | - | |
siemens | scalance_xp216_firmware | * | |
siemens | scalance_xp216 | - | |
siemens | scalance_xp216_\(eip\)_firmware | * | |
siemens | scalance_xp216_\(eip\) | - | |
siemens | scalance_xp216eec_firmware | * | |
siemens | scalance_xp216eec | - | |
siemens | scalance_xp216poe_eec_firmware | * | |
siemens | scalance_xp216poe_eec | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x200-4pirt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "43B261ED-08C4-4A0D-8BAC-221006AB6F93", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x200-4pirt:-:*:*:*:*:*:*:*", matchCriteriaId: "8FDCB432-1AD0-4BF1-839F-8091D9871831", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x201-3pirt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "53F56390-77CB-42D5-A603-5FB29EE5DAA5", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x201-3pirt:-:*:*:*:*:*:*:*", matchCriteriaId: "47498977-D642-4864-BB94-4CE077EDEB82", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x202-2irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "666FACCE-89EB-4E5D-A718-F1D4945F7DF4", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x202-2irt:-:*:*:*:*:*:*:*", matchCriteriaId: "A8B1D979-038F-42F4-AB7D-E0664D051B4E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x202-2pirt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B79AD48F-2B99-4BE5-B3D7-440E2D3BC699", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x202-2pirt:-:*:*:*:*:*:*:*", matchCriteriaId: "D7819B14-7E93-4D0F-AAD5-049BE3B36D07", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x202-2pirt_siplus_net_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CD18B3BE-E98D-46D1-AA10-89EB89BAFFEB", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x202-2pirt_siplus_net:-:*:*:*:*:*:*:*", matchCriteriaId: "DABC3436-E04E-4B6C-9EF4-47B08C57B166", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x204irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0C94D093-9D17-47C9-A7F6-28FF241BF874", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x204irt:-:*:*:*:*:*:*:*", matchCriteriaId: "6716DCDE-BD3F-4BA2-A66A-A0C14C6A3C15", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9676DB10-982D-445F-9779-B39AE720AF2F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3:-:*:*:*:*:*:*:*", matchCriteriaId: "55EF0738-C9EF-4E4B-A7E7-ECC1B5F0678A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "48D3EB09-6069-4289-A61E-C15B044EA2E2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "7737F0C2-43FC-4330-88F2-9B08BA5B35D7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F045D6B1-459B-46F0-86DF-F9AA3CCEA9BD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "6CCED3E4-38EF-4645-B25C-4F2C3D4E091C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "40A1A5F9-4971-4E9D-BBE7-5A0357C56213", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2ld:-:*:*:*:*:*:*:*", matchCriteriaId: "FE1909FA-C8C6-46BE-83C6-2635D36FE69B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8F53C74B-2154-417E-ACFE-01F0BACD3F15", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh:-:*:*:*:*:*:*:*", matchCriteriaId: "6DDBD94D-5312-4A54-AF76-D9DF791C0292", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh\\+_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D76A2268-5397-466C-98B5-01B46B4840A1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "85153EED-C677-495D-A6BB-72365DE1ED3F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2F8888A7-3285-4ACA-A5AD-2B0578050C4C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m:-:*:*:*:*:*:*:*", matchCriteriaId: "AC54911E-C432-48FA-9551-9644422FFE14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A2C12934-E79C-41A4-B023-BADD7D68CB55", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "DFCCB68C-A58D-4543-A11F-721B01FFBBA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D288227C-69C1-4248-AB4A-51F44A41FDEA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310:-:*:*:*:*:*:*:*", matchCriteriaId: "7FE3716E-1C0A-4B72-809A-8318E5853FB1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "27F765CD-B8A9-45B6-BA3C-C569FF0F8FF0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310fe:-:*:*:*:*:*:*:*", matchCriteriaId: "8FB34E83-83A3-45C3-B040-D8910971D439", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "91EDD23A-1DBD-4117-9396-89ADBC705B3A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1fe:-:*:*:*:*:*:*:*", matchCriteriaId: "CC54880F-CBF4-4772-A4FB-B07D97287D44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-3ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AF07B014-1BA3-477E-A405-5DB35F68126A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-3ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "80502856-7617-4ED9-A103-681021131EE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb205-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7178F049-8E48-4175-AE8C-818128205D33", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb205-3:-:*:*:*:*:*:*:*", matchCriteriaId: "B9F9F101-6042-4D11-98CE-16A996023B38", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb205-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D7327CDF-EF0D-443B-A822-D69669C3B80C", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb205-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "18DC9125-FC41-4BAB-9638-C42DEF40235B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb208_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C7DDB0D1-21AC-43AC-9DDF-C6D89D3F1AA1", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb208:-:*:*:*:*:*:*:*", matchCriteriaId: "5C19D54A-8070-4EC6-9B30-B1B04A8BDABD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb213-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7FAB9D2E-94BC-4C90-ADF3-27FB34FC23A9", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb213-3:-:*:*:*:*:*:*:*", matchCriteriaId: "1FF67A06-D93B-4E4E-A639-29E0E49654FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb213-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3003D9C7-A979-4289-AADD-190A55434F31", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb213-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "0EFCF766-E1D3-4BD5-A70C-3A824B7D45DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb216_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1A0E6F26-15BE-4586-8ACD-1DAF9492A7D7", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb216:-:*:*:*:*:*:*:*", matchCriteriaId: "72EC10EB-0679-4AFE-ABC3-C58A68A0C4DD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ED3A29A7-F1B0-4A2C-AB63-6E4A57A6864D", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2:-:*:*:*:*:*:*:*", matchCriteriaId: "49C5CBD8-9799-4EBA-8297-EAE04F43DDD5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2g_poe__firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4EFEB827-71F1-4DDF-B156-949AF8E39A34", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2g_poe_:-:*:*:*:*:*:*:*", matchCriteriaId: "39310380-7D17-46C5-B91A-DFDF602D56A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2g_poe_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1B191270-07F7-4173-833A-7F4929F643BF", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2g_poe_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "0C21EC27-F0A8-4DCA-88AD-92D07477B5AD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2sfp_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FC590D4F-C818-4CD8-A8E9-E2A951E5D768", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2sfp:-:*:*:*:*:*:*:*", matchCriteriaId: "804E37AB-9EE4-4931-A874-4FBD427252D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2sfp_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6AABE919-D289-43CB-A285-3212E630B313", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2sfp_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "CC286693-55D6-4949-8164-262EB6C022C9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2sfp_g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CA08C94B-BE44-49D1-AB10-7512F65D6DF1", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2sfp_g:-:*:*:*:*:*:*:*", matchCriteriaId: "BC7B235D-0141-46E5-9057-2203555AE58A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2sfp_g_\\(e\\/ip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "578CE1DA-BA53-4EA5-AB2D-4670321DDF81", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2sfp_g_\\(e\\/ip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "CB6B6ED1-7057-4240-B1C9-660173BF1A6A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2sfp_g_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DFEA3FDE-9575-4E9B-BE5F-6BEB005381D8", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2sfp_g_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6F7D1CCD-4DFD-4037-9BDC-65466D639456", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5FC77B9E-9081-44E0-82AF-0411940B0684", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208:-:*:*:*:*:*:*:*", matchCriteriaId: "E6A2B708-309D-4BE5-BAEE-7AE035A2ADD1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ED6AD6D3-75AC-4C7E-9471-8288FB7AABA4", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208eec:-:*:*:*:*:*:*:*", matchCriteriaId: "B6550B2D-4B8E-414C-B4CB-7B12D6D4EA4A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D51DCE8E-2E29-4969-A26B-A1A10220CA83", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208g:-:*:*:*:*:*:*:*", matchCriteriaId: "8E922B78-7951-4115-8985-D824F6DDE41B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208g_\\(e\\/ip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F4F3FB17-F6E8-4BB1-B910-C9F03B936C32", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208g_\\(e\\/ip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "62852B4B-AF5A-4967-AFC2-14CEC2F6972C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208g_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DF97E576-EBD2-4F1F-BE8F-4254D134565B", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208g_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "9CCF0CEF-2E48-472E-9BDE-6E63F4CEA467", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208g_poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0378595B-379F-4775-B5D9-CCAC4042F635", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208g_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "585424EB-F9AB-45FB-B5C5-78FE45E3341A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8A03BBB2-9650-4C8A-A137-0C8AC6CDAD66", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216:-:*:*:*:*:*:*:*", matchCriteriaId: "4ABC0D8D-4F32-487F-835C-DADAB647EC21", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216-4c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6BCD1CF2-F24A-4C47-9C88-340E67C77871", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216-4c:-:*:*:*:*:*:*:*", matchCriteriaId: "7668BC0B-A47A-4E05-9933-51CD43F3B7BA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216-4c_g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4DAD438B-DABE-4B9A-9CDB-9BAC16313F0F", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216-4c_g:-:*:*:*:*:*:*:*", matchCriteriaId: "78645734-50C1-4331-9FC4-AC8A8679B6AF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216-4c_g_\\(e\\/ip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E1F3FE19-E279-4280-8F67-0C085B083E10", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216-4c_g_\\(e\\/ip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "22B8B758-9781-474E-93C3-17DDDF263CC2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216-4c_g_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ED7BCCB2-CE77-45A3-A6E1-D591894847C7", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216-4c_g_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "323CEAEA-8122-43A5-BB87-97C7133FF510", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E7C43419-B7AA-40EB-A40D-840F975BE2EC", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6BE498F8-A9D8-4A92-90CE-21BA30234947", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc224-4c_g__firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "580A5BD5-2E8E-4801-BFE8-7476088F4214", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc224-4c_g_:-:*:*:*:*:*:*:*", matchCriteriaId: "E7806CF9-4DA5-4090-84BD-D098C5FB1178", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc224-4c_g_\\(e\\/ip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FFAC6598-DDAC-4873-9545-39B0EF21D478", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc224-4c_g_\\(e\\/ip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "EE4E3630-DB15-46EA-B320-E4E457240B9F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc224-4c_g_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "561064E3-FC05-4028-B75D-4D2519FEFD24", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc224-4c_g_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "0B0A02C9-A7CB-4CB3-B5DC-5FEE20A59208", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc224__firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4303ED83-6610-458F-BEE9-B99BA31DD962", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc224_:-:*:*:*:*:*:*:*", matchCriteriaId: "39AB9EB3-0F05-41C2-A32F-27B6D0C9C039", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf201-3p_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "475E5069-C120-4D49-AB9D-D3C3F94BD093", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf201-3p_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "41614C70-97B4-44C8-A441-530A413A26F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf202-2p_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "274E5C49-CA32-44D2-A864-C99A48CAA869", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf202-2p_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "6751FB7D-C72C-4321-B535-5880FE696FC3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8CD13707-1164-415E-9083-7946D151F1FC", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204:-:*:*:*:*:*:*:*", matchCriteriaId: "0F1AE867-67B4-4871-BF56-88017533A737", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3A09FF2D-F369-47B5-AEE4-A862BEDD9851", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204-2:-:*:*:*:*:*:*:*", matchCriteriaId: "69285324-4C0B-4BDC-B60D-F653679DD52D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204-2ba_dna_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0BBC3005-41D0-4BA0-A146-E48E612CAF58", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204-2ba_dna:-:*:*:*:*:*:*:*", matchCriteriaId: "FAF28152-D6CA-4D20-BDF1-1EF4B7D10429", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204-2ba_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "85B917B7-81E1-4419-B493-1D321027017E", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204-2ba_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "99E6AFAA-B903-47BB-B0F3-7650B039C0FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204_dna_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FCBEE10A-7E96-4239-AE6C-5FA9A6A32196", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204_dna:-:*:*:*:*:*:*:*", matchCriteriaId: "70D62F13-AD59-435E-851A-87A0A6E2FA3B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "42288C48-A2AA-4AA1-B5A2-F83C5A3689AE", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204irt:-:*:*:*:*:*:*:*", matchCriteriaId: "57E5489B-277A-4D02-B4AB-4DB65969EED2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf206-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CFCDC84E-0695-409A-844B-D24024CC33F2", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf206-1:-:*:*:*:*:*:*:*", matchCriteriaId: "2B40D2EB-5C69-47FA-801B-DC48407D418C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf208_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A1DB6C03-71BF-4359-834B-384E78910E64", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf208:-:*:*:*:*:*:*:*", matchCriteriaId: "898613B2-4A9D-44B9-A3FC-4347A2AD7CAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp208_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8082D4C1-C59E-43B6-B11F-C814ACD00321", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp208:-:*:*:*:*:*:*:*", matchCriteriaId: "24C7FB09-D247-48F0-B87C-6A478BDC0A5A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp208_\\(eip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "34349AEF-170F-432F-8D64-347F08536D3A", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp208_\\(eip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "17BD41C2-2398-4A03-9C5F-43AEF424261E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp208eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EACF7493-4FE6-4902-9EE7-76F1B4AB118A", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp208eec:-:*:*:*:*:*:*:*", matchCriteriaId: "2B313A4C-D3E7-4964-BA51-3401546B36C5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp208poe_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3237051D-0342-4DB8-B4A1-40A3B33A67BB", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp208poe_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "D6E888EA-73A7-42B8-A617-621CF192F2A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp216_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4969C410-25DF-4BFA-9125-53D63B33691B", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp216:-:*:*:*:*:*:*:*", matchCriteriaId: "67E4D039-5BF8-469B-A6FE-A391A6D1BDA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp216_\\(eip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B4A2ED6E-6632-4DD9-A359-73EB28BB306B", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp216_\\(eip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "33D044BD-12AD-42C9-B01C-957BEC6C6790", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp216eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3B54DF8C-BB5A-46AF-862D-DC8E984A05AB", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp216eec:-:*:*:*:*:*:*:*", matchCriteriaId: "12512EC4-FB7D-420F-9A8A-547562BE1B49", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp216poe_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6FF74FFD-81C8-4E63-8B7B-AEBD98AB34F7", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp216poe_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "C9BACE8C-6C69-4BC4-8F5B-1C74FA7EB339", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0). The vulnerability could allow an unauthenticated attacker to reboot the device over the network by using special urls from integrated web server of the affected products.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en la familia de switches (incluyendo las variantes SIPLUS NET) (Todas las versiones anteriores a la versión V5.2.5), familia de switches SCALANCE X-200IRT (incluyendo las variantes SIPLUS NET) (Todas las versiones anteriores a la versión V5.5.0). La vulnerabilidad podría permitir a un atacante no autenticado reiniciar el dispositivo a través de la red mediante el uso de direcciones URL especiales del servidor web integrado de los productos afectados", }, ], id: "CVE-2020-15799", lastModified: "2024-11-21T05:06:12.267", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-01-12T21:15:16.370", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-139628.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-139628.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-306", }, ], source: "productcert@siemens.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-306", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2022-04-12 09:15
Modified
2024-11-21 06:52
Severity ?
Summary
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The webserver of affected devices calculates session ids and nonces in an insecure manner. This could allow an unauthenticated remote attacker to brute-force session ids and hijack existing sessions.
References
▼ | URL | Tags | |
---|---|---|---|
productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | Mitigation, Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | Mitigation, Patch, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
siemens | scalance_x302-7eec_firmware | * | |
siemens | scalance_x302-7eec | - | |
siemens | scalance_x304-2fe_firmware | * | |
siemens | scalance_x304-2fe | - | |
siemens | scalance_x306-1ldfe_firmware | * | |
siemens | scalance_x306-1ldfe | - | |
siemens | scalance_x307-2eec_firmware | * | |
siemens | scalance_x307-2eec | - | |
siemens | scalance_x307-3_firmware | * | |
siemens | scalance_x307-3 | - | |
siemens | scalance_x307-3ld_firmware | * | |
siemens | scalance_x307-3ld | - | |
siemens | scalance_x308-2_firmware | * | |
siemens | scalance_x308-2 | - | |
siemens | scalance_x308-2ld_firmware | * | |
siemens | scalance_x308-2ld | - | |
siemens | scalance_x308-2lh_firmware | * | |
siemens | scalance_x308-2lh | - | |
siemens | scalance_x308-2lh\+_firmware | * | |
siemens | scalance_x308-2lh\+ | - | |
siemens | scalance_x308-2m_firmware | * | |
siemens | scalance_x308-2m | - | |
siemens | scalance_x308-2m_poe_firmware | - | |
siemens | scalance_x308-2m_poe | - | |
siemens | scalance_x308-2m_ts_firmware | * | |
siemens | scalance_x308-2m_ts | - | |
siemens | scalance_x310_firmware | * | |
siemens | scalance_x310 | - | |
siemens | scalance_x310fe_firmware | * | |
siemens | scalance_x310fe | - | |
siemens | scalance_x320-1fe_firmware | * | |
siemens | scalance_x320-1fe | - | |
siemens | scalance_x320-1-2ldfe_firmware | * | |
siemens | scalance_x320-1-2ldfe | - | |
siemens | scalance_x408-2_firmware | * | |
siemens | scalance_x408-2 | - | |
siemens | scalance_xr324-4m_eec_firmware | * | |
siemens | scalance_xr324-4m_eec | - | |
siemens | scalance_xr324-4m_poe_firmware | * | |
siemens | scalance_xr324-4m_poe | - | |
siemens | scalance_xr324-4m_poe_ts_firmware | * | |
siemens | scalance_xr324-4m_poe_ts | - | |
siemens | scalance_xr324-12m_firmware | * | |
siemens | scalance_xr324-12m | - | |
siemens | scalance_xr324-12m_ts_firmware | * | |
siemens | scalance_xr324-12m_ts | - | |
siemens | siplus_net_scalance_x308-2_firmware | * | |
siemens | siplus_net_scalance_x308-2 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x302-7eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7FB6F150-2662-44AE-8DC1-0B0A426E8352", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x302-7eec:-:*:*:*:*:*:*:*", matchCriteriaId: "C8E97B3B-1808-45D2-97B7-CF31CA6E7A60", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x304-2fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E9F4071F-1AE2-4FAD-A8CB-1619552101A3", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x304-2fe:-:*:*:*:*:*:*:*", matchCriteriaId: "0087A1C6-AA76-4FD6-BAA1-D3190D2A0116", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x306-1ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B78CFDF-1B15-4A4B-99D4-8CC5E1867BD1", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x306-1ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "880CF41B-B25D-4744-8E8B-C4B131932B1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-2eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CCB1094D-3F8A-4331-ABB9-46B73F7E008F", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-2eec:-:*:*:*:*:*:*:*", matchCriteriaId: "804EE08B-75A1-4CF6-9C30-8CF0CDC39658", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE21803A-A5CA-482A-ABD2-C9A547831BF6", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3:-:*:*:*:*:*:*:*", matchCriteriaId: "55EF0738-C9EF-4E4B-A7E7-ECC1B5F0678A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EEBFBB10-35E0-46BB-A937-E9A933C4D5BC", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "7737F0C2-43FC-4330-88F2-9B08BA5B35D7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4C91F6DD-A74C-4310-88AB-63A39D0208BE", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "6CCED3E4-38EF-4645-B25C-4F2C3D4E091C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6B5513D8-59DD-4EE1-B2E8-F800D1DA7BC5", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2ld:-:*:*:*:*:*:*:*", matchCriteriaId: "FE1909FA-C8C6-46BE-83C6-2635D36FE69B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A11DE626-D744-49A7-93C4-FE2C2AF5245F", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh:-:*:*:*:*:*:*:*", matchCriteriaId: "6DDBD94D-5312-4A54-AF76-D9DF791C0292", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh\\+_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC259CD1-5C79-4491-B375-7A69116F2747", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "85153EED-C677-495D-A6BB-72365DE1ED3F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "79918934-7B0B-4032-972E-2347CD33029D", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m:-:*:*:*:*:*:*:*", matchCriteriaId: "AC54911E-C432-48FA-9551-9644422FFE14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_poe_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "00FBD442-84AA-48F3-8AD1-5767FFB2FC3F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "3E22C57C-2BD6-4C39-93D2-5D81A58EA6F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E72D4503-5AAE-4C6F-BAE9-FA51701191B1", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "DFCCB68C-A58D-4543-A11F-721B01FFBBA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CA2333C8-E9C7-43D8-9EAA-A88ECAAB4236", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310:-:*:*:*:*:*:*:*", matchCriteriaId: "7FE3716E-1C0A-4B72-809A-8318E5853FB1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7EECD381-262F-4C47-90E1-7B44092C74BD", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310fe:-:*:*:*:*:*:*:*", matchCriteriaId: "8FB34E83-83A3-45C3-B040-D8910971D439", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "36C40232-5696-44CC-B38F-5331A745C760", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1fe:-:*:*:*:*:*:*:*", matchCriteriaId: "CC54880F-CBF4-4772-A4FB-B07D97287D44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1-2ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2F1969E4-CFD6-4AC7-956E-374967F5C406", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1-2ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "B2D400F5-AD80-4536-A99D-793E1560757B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x408-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3ACB931D-C484-42F4-9912-24B44FE97017", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x408-2:-:*:*:*:*:*:*:*", matchCriteriaId: "0C632B90-EB11-4A4C-8128-DABBE044B9AF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B1EFA152-D29B-4116-A3D2-ACF7A025E053", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6F952542-6B79-4681-A236-15C188AAEB1E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "935CD21D-0471-4D1F-AF81-B1F996A9EFAB", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "664D9C76-BC13-4874-939C-A8211DA33903", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E2C0F1FB-8B5E-448C-A304-FDDCB3DFCDD4", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4834A67B-7B0B-4F88-BBFB-25667FD68EC5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3E0E1F54-D9EA-4AFB-80EF-0A585EC3C641", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m:-:*:*:*:*:*:*:*", matchCriteriaId: "36C9AE74-4683-4ED0-A605-3A6B065C230E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC03DF92-C7A1-4232-AFDF-04B2B50666DB", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4356417E-B4CB-45B0-B395-CE9D423FAB44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_net_scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "25103533-B9BC-4553-B195-AF5CACAB713B", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_net_scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "9C48C944-324B-4390-B9D1-3D0FC3DD5BFD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The webserver of affected devices calculates session ids and nonces in an insecure manner. This could allow an unauthenticated remote attacker to brute-force session ids and hijack existing sessions.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, revestido), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, revestido), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, revestido), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, revestido), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, revestido), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, revestido), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, revestido), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, revestido), SCALANCE X307-3 SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, puertos en la parte frontal), SCALANCE XR324-12M (230V, puertos en la parte delantera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte delantera), SCALANCE XR324-12M (24V, puertos en la parte delantera), SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M PoE (230V, puertos en la parte delantera), SCALANCE XR324-4M PoE (230V, puertos en la parte trasera), SCALANCE XR324-4M PoE (24V, puertos en la parte delantera), SCALANCE XR324-4M PoE (24V, puertos en la parte trasera), SCALANCE XR324-4M PoE TS (24V, puertos en la parte delantera), SIPLUS NET SCALANCE X308-2. El servidor web de los dispositivos afectados calcula los identificadores de sesión y los nonces de forma no segura. Esto podría permitir a un atacante remoto no autenticado forzar los identificadores de sesión y secuestrar las sesiones existentes", }, ], id: "CVE-2022-25752", lastModified: "2024-11-21T06:52:55.867", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-04-12T09:15:14.650", references: [ { source: "productcert@siemens.com", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-330", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-330", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-01-12 21:15
Modified
2024-11-21 05:06
Severity ?
Summary
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.0). The webserver of the affected devices contains a vulnerability that may lead to a heap overflow condition. An attacker could cause this condition on the webserver by sending specially crafted requests. This could stop the webserver temporarily.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
siemens | scalance_x200-4pirt_firmware | * | |
siemens | scalance_x200-4pirt | - | |
siemens | scalance_x201-3pirt_firmware | * | |
siemens | scalance_x201-3pirt | - | |
siemens | scalance_x202-2irt_firmware | * | |
siemens | scalance_x202-2irt | - | |
siemens | scalance_x202-2pirt_firmware | * | |
siemens | scalance_x202-2pirt | - | |
siemens | scalance_x202-2pirt_siplus_net_firmware | * | |
siemens | scalance_x202-2pirt_siplus_net | - | |
siemens | scalance_x204irt_firmware | * | |
siemens | scalance_x204irt | - | |
siemens | scalance_x307-3_firmware | * | |
siemens | scalance_x307-3 | - | |
siemens | scalance_x307-3ld_firmware | * | |
siemens | scalance_x307-3ld | - | |
siemens | scalance_x308-2_firmware | * | |
siemens | scalance_x308-2 | - | |
siemens | scalance_x308-2ld_firmware | * | |
siemens | scalance_x308-2ld | - | |
siemens | scalance_x308-2lh_firmware | * | |
siemens | scalance_x308-2lh | - | |
siemens | scalance_x308-2lh\+_firmware | * | |
siemens | scalance_x308-2lh\+ | - | |
siemens | scalance_x308-2m_firmware | * | |
siemens | scalance_x308-2m | - | |
siemens | scalance_x308-2m_ts_firmware | * | |
siemens | scalance_x308-2m_ts | - | |
siemens | scalance_x310_firmware | * | |
siemens | scalance_x310 | - | |
siemens | scalance_x310fe_firmware | * | |
siemens | scalance_x310fe | - | |
siemens | scalance_x320-1fe_firmware | * | |
siemens | scalance_x320-1fe | - | |
siemens | scalance_x320-3ldfe_firmware | * | |
siemens | scalance_x320-3ldfe | - | |
siemens | scalance_xb205-3_firmware | * | |
siemens | scalance_xb205-3 | - | |
siemens | scalance_xb205-3ld_firmware | * | |
siemens | scalance_xb205-3ld | - | |
siemens | scalance_xb208_firmware | * | |
siemens | scalance_xb208 | - | |
siemens | scalance_xb213-3_firmware | * | |
siemens | scalance_xb213-3 | - | |
siemens | scalance_xb213-3ld_firmware | * | |
siemens | scalance_xb213-3ld | - | |
siemens | scalance_xb216_firmware | * | |
siemens | scalance_xb216 | - | |
siemens | scalance_xc206-2_firmware | * | |
siemens | scalance_xc206-2 | - | |
siemens | scalance_xc206-2g_poe__firmware | * | |
siemens | scalance_xc206-2g_poe_ | - | |
siemens | scalance_xc206-2g_poe_eec_firmware | * | |
siemens | scalance_xc206-2g_poe_eec | - | |
siemens | scalance_xc206-2sfp_firmware | * | |
siemens | scalance_xc206-2sfp | - | |
siemens | scalance_xc206-2sfp_eec_firmware | * | |
siemens | scalance_xc206-2sfp_eec | - | |
siemens | scalance_xc206-2sfp_g_firmware | * | |
siemens | scalance_xc206-2sfp_g | - | |
siemens | scalance_xc206-2sfp_g_\(e\/ip\)_firmware | * | |
siemens | scalance_xc206-2sfp_g_\(e\/ip\) | - | |
siemens | scalance_xc206-2sfp_g_eec_firmware | * | |
siemens | scalance_xc206-2sfp_g_eec | - | |
siemens | scalance_xc208_firmware | * | |
siemens | scalance_xc208 | - | |
siemens | scalance_xc208eec_firmware | * | |
siemens | scalance_xc208eec | - | |
siemens | scalance_xc208g_firmware | * | |
siemens | scalance_xc208g | - | |
siemens | scalance_xc208g_\(e\/ip\)_firmware | * | |
siemens | scalance_xc208g_\(e\/ip\) | - | |
siemens | scalance_xc208g_eec_firmware | * | |
siemens | scalance_xc208g_eec | - | |
siemens | scalance_xc208g_poe_firmware | * | |
siemens | scalance_xc208g_poe | - | |
siemens | scalance_xc216_firmware | * | |
siemens | scalance_xc216 | - | |
siemens | scalance_xc216-4c_firmware | * | |
siemens | scalance_xc216-4c | - | |
siemens | scalance_xc216-4c_g_firmware | * | |
siemens | scalance_xc216-4c_g | - | |
siemens | scalance_xc216-4c_g_\(e\/ip\)_firmware | * | |
siemens | scalance_xc216-4c_g_\(e\/ip\) | - | |
siemens | scalance_xc216-4c_g_eec_firmware | * | |
siemens | scalance_xc216-4c_g_eec | - | |
siemens | scalance_xc216eec_firmware | * | |
siemens | scalance_xc216eec | - | |
siemens | scalance_xc224-4c_g__firmware | * | |
siemens | scalance_xc224-4c_g_ | - | |
siemens | scalance_xc224-4c_g_\(e\/ip\)_firmware | * | |
siemens | scalance_xc224-4c_g_\(e\/ip\) | - | |
siemens | scalance_xc224-4c_g_eec_firmware | * | |
siemens | scalance_xc224-4c_g_eec | - | |
siemens | scalance_xc224__firmware | * | |
siemens | scalance_xc224_ | - | |
siemens | scalance_xf201-3p_irt_firmware | * | |
siemens | scalance_xf201-3p_irt | - | |
siemens | scalance_xf202-2p_irt_firmware | * | |
siemens | scalance_xf202-2p_irt | - | |
siemens | scalance_xf204_firmware | * | |
siemens | scalance_xf204 | - | |
siemens | scalance_xf204-2_firmware | * | |
siemens | scalance_xf204-2 | - | |
siemens | scalance_xf204-2ba_dna_firmware | * | |
siemens | scalance_xf204-2ba_dna | - | |
siemens | scalance_xf204-2ba_irt_firmware | * | |
siemens | scalance_xf204-2ba_irt | - | |
siemens | scalance_xf204_dna_firmware | * | |
siemens | scalance_xf204_dna | - | |
siemens | scalance_xf204irt_firmware | * | |
siemens | scalance_xf204irt | - | |
siemens | scalance_xf206-1_firmware | * | |
siemens | scalance_xf206-1 | - | |
siemens | scalance_xf208_firmware | * | |
siemens | scalance_xf208 | - | |
siemens | scalance_xp208_firmware | * | |
siemens | scalance_xp208 | - | |
siemens | scalance_xp208_\(eip\)_firmware | * | |
siemens | scalance_xp208_\(eip\) | - | |
siemens | scalance_xp208eec_firmware | * | |
siemens | scalance_xp208eec | - | |
siemens | scalance_xp208poe_eec_firmware | * | |
siemens | scalance_xp208poe_eec | - | |
siemens | scalance_xp216_firmware | * | |
siemens | scalance_xp216 | - | |
siemens | scalance_xp216_\(eip\)_firmware | * | |
siemens | scalance_xp216_\(eip\) | - | |
siemens | scalance_xp216eec_firmware | * | |
siemens | scalance_xp216eec | - | |
siemens | scalance_xp216poe_eec_firmware | * | |
siemens | scalance_xp216poe_eec | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x200-4pirt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "43B261ED-08C4-4A0D-8BAC-221006AB6F93", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x200-4pirt:-:*:*:*:*:*:*:*", matchCriteriaId: "8FDCB432-1AD0-4BF1-839F-8091D9871831", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x201-3pirt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "53F56390-77CB-42D5-A603-5FB29EE5DAA5", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x201-3pirt:-:*:*:*:*:*:*:*", matchCriteriaId: "47498977-D642-4864-BB94-4CE077EDEB82", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x202-2irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "666FACCE-89EB-4E5D-A718-F1D4945F7DF4", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x202-2irt:-:*:*:*:*:*:*:*", matchCriteriaId: "A8B1D979-038F-42F4-AB7D-E0664D051B4E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x202-2pirt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B79AD48F-2B99-4BE5-B3D7-440E2D3BC699", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x202-2pirt:-:*:*:*:*:*:*:*", matchCriteriaId: "D7819B14-7E93-4D0F-AAD5-049BE3B36D07", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x202-2pirt_siplus_net_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CD18B3BE-E98D-46D1-AA10-89EB89BAFFEB", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x202-2pirt_siplus_net:-:*:*:*:*:*:*:*", matchCriteriaId: "DABC3436-E04E-4B6C-9EF4-47B08C57B166", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x204irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0C94D093-9D17-47C9-A7F6-28FF241BF874", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x204irt:-:*:*:*:*:*:*:*", matchCriteriaId: "6716DCDE-BD3F-4BA2-A66A-A0C14C6A3C15", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9676DB10-982D-445F-9779-B39AE720AF2F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3:-:*:*:*:*:*:*:*", matchCriteriaId: "55EF0738-C9EF-4E4B-A7E7-ECC1B5F0678A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "48D3EB09-6069-4289-A61E-C15B044EA2E2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "7737F0C2-43FC-4330-88F2-9B08BA5B35D7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F045D6B1-459B-46F0-86DF-F9AA3CCEA9BD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "6CCED3E4-38EF-4645-B25C-4F2C3D4E091C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "40A1A5F9-4971-4E9D-BBE7-5A0357C56213", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2ld:-:*:*:*:*:*:*:*", matchCriteriaId: "FE1909FA-C8C6-46BE-83C6-2635D36FE69B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8F53C74B-2154-417E-ACFE-01F0BACD3F15", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh:-:*:*:*:*:*:*:*", matchCriteriaId: "6DDBD94D-5312-4A54-AF76-D9DF791C0292", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh\\+_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D76A2268-5397-466C-98B5-01B46B4840A1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "85153EED-C677-495D-A6BB-72365DE1ED3F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2F8888A7-3285-4ACA-A5AD-2B0578050C4C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m:-:*:*:*:*:*:*:*", matchCriteriaId: "AC54911E-C432-48FA-9551-9644422FFE14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A2C12934-E79C-41A4-B023-BADD7D68CB55", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "DFCCB68C-A58D-4543-A11F-721B01FFBBA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D288227C-69C1-4248-AB4A-51F44A41FDEA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310:-:*:*:*:*:*:*:*", matchCriteriaId: "7FE3716E-1C0A-4B72-809A-8318E5853FB1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "27F765CD-B8A9-45B6-BA3C-C569FF0F8FF0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310fe:-:*:*:*:*:*:*:*", matchCriteriaId: "8FB34E83-83A3-45C3-B040-D8910971D439", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "91EDD23A-1DBD-4117-9396-89ADBC705B3A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1fe:-:*:*:*:*:*:*:*", matchCriteriaId: "CC54880F-CBF4-4772-A4FB-B07D97287D44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-3ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AF07B014-1BA3-477E-A405-5DB35F68126A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-3ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "80502856-7617-4ED9-A103-681021131EE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb205-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7178F049-8E48-4175-AE8C-818128205D33", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb205-3:-:*:*:*:*:*:*:*", matchCriteriaId: "B9F9F101-6042-4D11-98CE-16A996023B38", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb205-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D7327CDF-EF0D-443B-A822-D69669C3B80C", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb205-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "18DC9125-FC41-4BAB-9638-C42DEF40235B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb208_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C7DDB0D1-21AC-43AC-9DDF-C6D89D3F1AA1", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb208:-:*:*:*:*:*:*:*", matchCriteriaId: "5C19D54A-8070-4EC6-9B30-B1B04A8BDABD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb213-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7FAB9D2E-94BC-4C90-ADF3-27FB34FC23A9", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb213-3:-:*:*:*:*:*:*:*", matchCriteriaId: "1FF67A06-D93B-4E4E-A639-29E0E49654FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb213-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3003D9C7-A979-4289-AADD-190A55434F31", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb213-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "0EFCF766-E1D3-4BD5-A70C-3A824B7D45DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb216_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1A0E6F26-15BE-4586-8ACD-1DAF9492A7D7", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb216:-:*:*:*:*:*:*:*", matchCriteriaId: "72EC10EB-0679-4AFE-ABC3-C58A68A0C4DD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ED3A29A7-F1B0-4A2C-AB63-6E4A57A6864D", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2:-:*:*:*:*:*:*:*", matchCriteriaId: "49C5CBD8-9799-4EBA-8297-EAE04F43DDD5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2g_poe__firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4EFEB827-71F1-4DDF-B156-949AF8E39A34", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2g_poe_:-:*:*:*:*:*:*:*", matchCriteriaId: "39310380-7D17-46C5-B91A-DFDF602D56A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2g_poe_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1B191270-07F7-4173-833A-7F4929F643BF", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2g_poe_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "0C21EC27-F0A8-4DCA-88AD-92D07477B5AD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2sfp_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FC590D4F-C818-4CD8-A8E9-E2A951E5D768", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2sfp:-:*:*:*:*:*:*:*", matchCriteriaId: "804E37AB-9EE4-4931-A874-4FBD427252D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2sfp_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6AABE919-D289-43CB-A285-3212E630B313", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2sfp_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "CC286693-55D6-4949-8164-262EB6C022C9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2sfp_g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CA08C94B-BE44-49D1-AB10-7512F65D6DF1", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2sfp_g:-:*:*:*:*:*:*:*", matchCriteriaId: "BC7B235D-0141-46E5-9057-2203555AE58A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2sfp_g_\\(e\\/ip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "578CE1DA-BA53-4EA5-AB2D-4670321DDF81", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2sfp_g_\\(e\\/ip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "CB6B6ED1-7057-4240-B1C9-660173BF1A6A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2sfp_g_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DFEA3FDE-9575-4E9B-BE5F-6BEB005381D8", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2sfp_g_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6F7D1CCD-4DFD-4037-9BDC-65466D639456", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5FC77B9E-9081-44E0-82AF-0411940B0684", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208:-:*:*:*:*:*:*:*", matchCriteriaId: "E6A2B708-309D-4BE5-BAEE-7AE035A2ADD1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ED6AD6D3-75AC-4C7E-9471-8288FB7AABA4", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208eec:-:*:*:*:*:*:*:*", matchCriteriaId: "B6550B2D-4B8E-414C-B4CB-7B12D6D4EA4A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D51DCE8E-2E29-4969-A26B-A1A10220CA83", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208g:-:*:*:*:*:*:*:*", matchCriteriaId: "8E922B78-7951-4115-8985-D824F6DDE41B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208g_\\(e\\/ip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F4F3FB17-F6E8-4BB1-B910-C9F03B936C32", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208g_\\(e\\/ip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "62852B4B-AF5A-4967-AFC2-14CEC2F6972C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208g_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DF97E576-EBD2-4F1F-BE8F-4254D134565B", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208g_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "9CCF0CEF-2E48-472E-9BDE-6E63F4CEA467", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208g_poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0378595B-379F-4775-B5D9-CCAC4042F635", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208g_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "585424EB-F9AB-45FB-B5C5-78FE45E3341A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8A03BBB2-9650-4C8A-A137-0C8AC6CDAD66", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216:-:*:*:*:*:*:*:*", matchCriteriaId: "4ABC0D8D-4F32-487F-835C-DADAB647EC21", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216-4c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6BCD1CF2-F24A-4C47-9C88-340E67C77871", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216-4c:-:*:*:*:*:*:*:*", matchCriteriaId: "7668BC0B-A47A-4E05-9933-51CD43F3B7BA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216-4c_g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4DAD438B-DABE-4B9A-9CDB-9BAC16313F0F", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216-4c_g:-:*:*:*:*:*:*:*", matchCriteriaId: "78645734-50C1-4331-9FC4-AC8A8679B6AF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216-4c_g_\\(e\\/ip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E1F3FE19-E279-4280-8F67-0C085B083E10", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216-4c_g_\\(e\\/ip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "22B8B758-9781-474E-93C3-17DDDF263CC2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216-4c_g_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ED7BCCB2-CE77-45A3-A6E1-D591894847C7", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216-4c_g_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "323CEAEA-8122-43A5-BB87-97C7133FF510", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E7C43419-B7AA-40EB-A40D-840F975BE2EC", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6BE498F8-A9D8-4A92-90CE-21BA30234947", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc224-4c_g__firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "580A5BD5-2E8E-4801-BFE8-7476088F4214", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc224-4c_g_:-:*:*:*:*:*:*:*", matchCriteriaId: "E7806CF9-4DA5-4090-84BD-D098C5FB1178", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc224-4c_g_\\(e\\/ip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FFAC6598-DDAC-4873-9545-39B0EF21D478", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc224-4c_g_\\(e\\/ip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "EE4E3630-DB15-46EA-B320-E4E457240B9F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc224-4c_g_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "561064E3-FC05-4028-B75D-4D2519FEFD24", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc224-4c_g_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "0B0A02C9-A7CB-4CB3-B5DC-5FEE20A59208", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc224__firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4303ED83-6610-458F-BEE9-B99BA31DD962", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc224_:-:*:*:*:*:*:*:*", matchCriteriaId: "39AB9EB3-0F05-41C2-A32F-27B6D0C9C039", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf201-3p_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "475E5069-C120-4D49-AB9D-D3C3F94BD093", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf201-3p_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "41614C70-97B4-44C8-A441-530A413A26F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf202-2p_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "274E5C49-CA32-44D2-A864-C99A48CAA869", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf202-2p_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "6751FB7D-C72C-4321-B535-5880FE696FC3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8CD13707-1164-415E-9083-7946D151F1FC", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204:-:*:*:*:*:*:*:*", matchCriteriaId: "0F1AE867-67B4-4871-BF56-88017533A737", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3A09FF2D-F369-47B5-AEE4-A862BEDD9851", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204-2:-:*:*:*:*:*:*:*", matchCriteriaId: "69285324-4C0B-4BDC-B60D-F653679DD52D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204-2ba_dna_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0BBC3005-41D0-4BA0-A146-E48E612CAF58", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204-2ba_dna:-:*:*:*:*:*:*:*", matchCriteriaId: "FAF28152-D6CA-4D20-BDF1-1EF4B7D10429", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204-2ba_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "85B917B7-81E1-4419-B493-1D321027017E", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204-2ba_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "99E6AFAA-B903-47BB-B0F3-7650B039C0FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204_dna_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FCBEE10A-7E96-4239-AE6C-5FA9A6A32196", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204_dna:-:*:*:*:*:*:*:*", matchCriteriaId: "70D62F13-AD59-435E-851A-87A0A6E2FA3B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "42288C48-A2AA-4AA1-B5A2-F83C5A3689AE", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204irt:-:*:*:*:*:*:*:*", matchCriteriaId: "57E5489B-277A-4D02-B4AB-4DB65969EED2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf206-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CFCDC84E-0695-409A-844B-D24024CC33F2", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf206-1:-:*:*:*:*:*:*:*", matchCriteriaId: "2B40D2EB-5C69-47FA-801B-DC48407D418C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf208_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A1DB6C03-71BF-4359-834B-384E78910E64", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf208:-:*:*:*:*:*:*:*", matchCriteriaId: "898613B2-4A9D-44B9-A3FC-4347A2AD7CAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp208_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8082D4C1-C59E-43B6-B11F-C814ACD00321", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp208:-:*:*:*:*:*:*:*", matchCriteriaId: "24C7FB09-D247-48F0-B87C-6A478BDC0A5A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp208_\\(eip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "34349AEF-170F-432F-8D64-347F08536D3A", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp208_\\(eip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "17BD41C2-2398-4A03-9C5F-43AEF424261E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp208eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EACF7493-4FE6-4902-9EE7-76F1B4AB118A", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp208eec:-:*:*:*:*:*:*:*", matchCriteriaId: "2B313A4C-D3E7-4964-BA51-3401546B36C5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp208poe_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3237051D-0342-4DB8-B4A1-40A3B33A67BB", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp208poe_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "D6E888EA-73A7-42B8-A617-621CF192F2A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp216_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4969C410-25DF-4BFA-9125-53D63B33691B", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp216:-:*:*:*:*:*:*:*", matchCriteriaId: "67E4D039-5BF8-469B-A6FE-A391A6D1BDA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp216_\\(eip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B4A2ED6E-6632-4DD9-A359-73EB28BB306B", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp216_\\(eip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "33D044BD-12AD-42C9-B01C-957BEC6C6790", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp216eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3B54DF8C-BB5A-46AF-862D-DC8E984A05AB", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp216eec:-:*:*:*:*:*:*:*", matchCriteriaId: "12512EC4-FB7D-420F-9A8A-547562BE1B49", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp216poe_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6FF74FFD-81C8-4E63-8B7B-AEBD98AB34F7", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp216poe_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "C9BACE8C-6C69-4BC4-8F5B-1C74FA7EB339", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.0). The webserver of the affected devices contains a vulnerability that may lead to a heap overflow condition. An attacker could cause this condition on the webserver by sending specially crafted requests. This could stop the webserver temporarily.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en la familia de switches SCALANCE X-200 (incluyendo las variantes SIPLUS NET) (Todas las versiones anteriores a la versión V5.2.5), SCALANCE X-200IRT switch family (incluyendo las variantes SIPLUS NET) (Todas las versiones anteriores a la versión V5.5.0), familia de switches SCALANCE X-300 (incluyendo Variantes X408 y SIPLUS NET) (Todas las versiones anteriores a la versión V4.1.0). El servidor web de los dispositivos afectados contiene una vulnerabilidad que puede conllevar una condición de desbordamiento de la pila. Un atacante podría causar esta condición en el servidor web enviando peticiones especialmente diseñadas. Esto podría detener el servidor web temporalmente", }, ], id: "CVE-2020-15800", lastModified: "2024-11-21T05:06:12.450", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-01-12T21:15:16.480", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-139628.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-139628.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-122", }, ], source: "productcert@siemens.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2022-04-12 09:15
Modified
2024-11-21 06:52
Severity ?
Summary
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The handling of arguments such as IP addresses in the CLI of affected devices is prone to buffer overflows. This could allow an authenticated remote attacker to execute arbitrary code on the device.
References
▼ | URL | Tags | |
---|---|---|---|
productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | Mitigation, Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | Mitigation, Patch, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
siemens | scalance_x302-7eec_firmware | * | |
siemens | scalance_x302-7eec | - | |
siemens | scalance_x304-2fe_firmware | * | |
siemens | scalance_x304-2fe | - | |
siemens | scalance_x306-1ldfe_firmware | * | |
siemens | scalance_x306-1ldfe | - | |
siemens | scalance_x307-2eec_firmware | * | |
siemens | scalance_x307-2eec | - | |
siemens | scalance_x307-3_firmware | * | |
siemens | scalance_x307-3 | - | |
siemens | scalance_x307-3ld_firmware | * | |
siemens | scalance_x307-3ld | - | |
siemens | scalance_x308-2_firmware | * | |
siemens | scalance_x308-2 | - | |
siemens | scalance_x308-2ld_firmware | * | |
siemens | scalance_x308-2ld | - | |
siemens | scalance_x308-2lh_firmware | * | |
siemens | scalance_x308-2lh | - | |
siemens | scalance_x308-2lh\+_firmware | * | |
siemens | scalance_x308-2lh\+ | - | |
siemens | scalance_x308-2m_firmware | * | |
siemens | scalance_x308-2m | - | |
siemens | scalance_x308-2m_poe_firmware | - | |
siemens | scalance_x308-2m_poe | - | |
siemens | scalance_x308-2m_ts_firmware | * | |
siemens | scalance_x308-2m_ts | - | |
siemens | scalance_x310_firmware | * | |
siemens | scalance_x310 | - | |
siemens | scalance_x310fe_firmware | * | |
siemens | scalance_x310fe | - | |
siemens | scalance_x320-1fe_firmware | * | |
siemens | scalance_x320-1fe | - | |
siemens | scalance_x320-1-2ldfe_firmware | * | |
siemens | scalance_x320-1-2ldfe | - | |
siemens | scalance_x408-2_firmware | * | |
siemens | scalance_x408-2 | - | |
siemens | scalance_xr324-4m_eec_firmware | * | |
siemens | scalance_xr324-4m_eec | - | |
siemens | scalance_xr324-4m_poe_firmware | * | |
siemens | scalance_xr324-4m_poe | - | |
siemens | scalance_xr324-4m_poe_ts_firmware | * | |
siemens | scalance_xr324-4m_poe_ts | - | |
siemens | scalance_xr324-12m_firmware | * | |
siemens | scalance_xr324-12m | - | |
siemens | scalance_xr324-12m_ts_firmware | * | |
siemens | scalance_xr324-12m_ts | - | |
siemens | siplus_net_scalance_x308-2_firmware | * | |
siemens | siplus_net_scalance_x308-2 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x302-7eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7FB6F150-2662-44AE-8DC1-0B0A426E8352", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x302-7eec:-:*:*:*:*:*:*:*", matchCriteriaId: "C8E97B3B-1808-45D2-97B7-CF31CA6E7A60", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x304-2fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E9F4071F-1AE2-4FAD-A8CB-1619552101A3", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x304-2fe:-:*:*:*:*:*:*:*", matchCriteriaId: "0087A1C6-AA76-4FD6-BAA1-D3190D2A0116", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x306-1ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B78CFDF-1B15-4A4B-99D4-8CC5E1867BD1", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x306-1ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "880CF41B-B25D-4744-8E8B-C4B131932B1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-2eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CCB1094D-3F8A-4331-ABB9-46B73F7E008F", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-2eec:-:*:*:*:*:*:*:*", matchCriteriaId: "804EE08B-75A1-4CF6-9C30-8CF0CDC39658", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE21803A-A5CA-482A-ABD2-C9A547831BF6", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3:-:*:*:*:*:*:*:*", matchCriteriaId: "55EF0738-C9EF-4E4B-A7E7-ECC1B5F0678A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EEBFBB10-35E0-46BB-A937-E9A933C4D5BC", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "7737F0C2-43FC-4330-88F2-9B08BA5B35D7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4C91F6DD-A74C-4310-88AB-63A39D0208BE", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "6CCED3E4-38EF-4645-B25C-4F2C3D4E091C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6B5513D8-59DD-4EE1-B2E8-F800D1DA7BC5", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2ld:-:*:*:*:*:*:*:*", matchCriteriaId: "FE1909FA-C8C6-46BE-83C6-2635D36FE69B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A11DE626-D744-49A7-93C4-FE2C2AF5245F", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh:-:*:*:*:*:*:*:*", matchCriteriaId: "6DDBD94D-5312-4A54-AF76-D9DF791C0292", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh\\+_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC259CD1-5C79-4491-B375-7A69116F2747", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "85153EED-C677-495D-A6BB-72365DE1ED3F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "79918934-7B0B-4032-972E-2347CD33029D", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m:-:*:*:*:*:*:*:*", matchCriteriaId: "AC54911E-C432-48FA-9551-9644422FFE14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_poe_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "00FBD442-84AA-48F3-8AD1-5767FFB2FC3F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "3E22C57C-2BD6-4C39-93D2-5D81A58EA6F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E72D4503-5AAE-4C6F-BAE9-FA51701191B1", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "DFCCB68C-A58D-4543-A11F-721B01FFBBA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CA2333C8-E9C7-43D8-9EAA-A88ECAAB4236", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310:-:*:*:*:*:*:*:*", matchCriteriaId: "7FE3716E-1C0A-4B72-809A-8318E5853FB1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7EECD381-262F-4C47-90E1-7B44092C74BD", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310fe:-:*:*:*:*:*:*:*", matchCriteriaId: "8FB34E83-83A3-45C3-B040-D8910971D439", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "36C40232-5696-44CC-B38F-5331A745C760", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1fe:-:*:*:*:*:*:*:*", matchCriteriaId: "CC54880F-CBF4-4772-A4FB-B07D97287D44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1-2ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2F1969E4-CFD6-4AC7-956E-374967F5C406", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1-2ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "B2D400F5-AD80-4536-A99D-793E1560757B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x408-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3ACB931D-C484-42F4-9912-24B44FE97017", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x408-2:-:*:*:*:*:*:*:*", matchCriteriaId: "0C632B90-EB11-4A4C-8128-DABBE044B9AF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B1EFA152-D29B-4116-A3D2-ACF7A025E053", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6F952542-6B79-4681-A236-15C188AAEB1E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "935CD21D-0471-4D1F-AF81-B1F996A9EFAB", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "664D9C76-BC13-4874-939C-A8211DA33903", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E2C0F1FB-8B5E-448C-A304-FDDCB3DFCDD4", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4834A67B-7B0B-4F88-BBFB-25667FD68EC5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3E0E1F54-D9EA-4AFB-80EF-0A585EC3C641", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m:-:*:*:*:*:*:*:*", matchCriteriaId: "36C9AE74-4683-4ED0-A605-3A6B065C230E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC03DF92-C7A1-4232-AFDF-04B2B50666DB", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4356417E-B4CB-45B0-B395-CE9D423FAB44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_net_scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "25103533-B9BC-4553-B195-AF5CACAB713B", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_net_scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "9C48C944-324B-4390-B9D1-3D0FC3DD5BFD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The handling of arguments such as IP addresses in the CLI of affected devices is prone to buffer overflows. This could allow an authenticated remote attacker to execute arbitrary code on the device.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, revestido), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, revestido), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, revestido), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, revestido), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, revestido), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, revestido), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, revestido), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, revestido), SCALANCE X307-3 SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, puertos en la parte frontal), SCALANCE XR324-12M (230V, puertos en la parte delantera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte delantera), SCALANCE XR324-12M (24V, puertos en la parte delantera), SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M PoE (230V, puertos en la parte delantera), SCALANCE XR324-4M PoE (230V, puertos en la parte trasera), SCALANCE XR324-4M PoE (24V, puertos en la parte delantera), SCALANCE XR324-4M PoE (24V, puertos en la parte trasera), SCALANCE XR324-4M PoE TS (24V, puertos en la parte delantera), SIPLUS NET SCALANCE X308-2. Un manejo de argumentos como las direcciones IP en la CLI de los dispositivos afectados es propenso a desbordamientos de búfer. Esto podría permitir a un atacante remoto autenticado ejecutar código arbitrario en el dispositivo", }, ], id: "CVE-2022-25753", lastModified: "2024-11-21T06:52:56.073", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-04-12T09:15:14.700", references: [ { source: "productcert@siemens.com", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-121", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-04-12 09:15
Modified
2024-11-21 06:52
Severity ?
Summary
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The integrated web server of the affected device could allow remote attackers to perform actions with the permissions of a victim user, provided the victim user has an active session and is induced to trigger the malicious request.
References
▼ | URL | Tags | |
---|---|---|---|
productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | Mitigation, Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | Mitigation, Patch, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
siemens | scalance_x302-7eec_firmware | * | |
siemens | scalance_x302-7eec | - | |
siemens | scalance_x304-2fe_firmware | * | |
siemens | scalance_x304-2fe | - | |
siemens | scalance_x306-1ldfe_firmware | * | |
siemens | scalance_x306-1ldfe | - | |
siemens | scalance_x307-2eec_firmware | * | |
siemens | scalance_x307-2eec | - | |
siemens | scalance_x307-3_firmware | * | |
siemens | scalance_x307-3 | - | |
siemens | scalance_x307-3ld_firmware | * | |
siemens | scalance_x307-3ld | - | |
siemens | scalance_x308-2_firmware | * | |
siemens | scalance_x308-2 | - | |
siemens | scalance_x308-2ld_firmware | * | |
siemens | scalance_x308-2ld | - | |
siemens | scalance_x308-2lh_firmware | * | |
siemens | scalance_x308-2lh | - | |
siemens | scalance_x308-2lh\+_firmware | * | |
siemens | scalance_x308-2lh\+ | - | |
siemens | scalance_x308-2m_firmware | * | |
siemens | scalance_x308-2m | - | |
siemens | scalance_x308-2m_poe_firmware | - | |
siemens | scalance_x308-2m_poe | - | |
siemens | scalance_x308-2m_ts_firmware | * | |
siemens | scalance_x308-2m_ts | - | |
siemens | scalance_x310_firmware | * | |
siemens | scalance_x310 | - | |
siemens | scalance_x310fe_firmware | * | |
siemens | scalance_x310fe | - | |
siemens | scalance_x320-1fe_firmware | * | |
siemens | scalance_x320-1fe | - | |
siemens | scalance_x320-1-2ldfe_firmware | * | |
siemens | scalance_x320-1-2ldfe | - | |
siemens | scalance_x408-2_firmware | * | |
siemens | scalance_x408-2 | - | |
siemens | scalance_xr324-4m_eec_firmware | * | |
siemens | scalance_xr324-4m_eec | - | |
siemens | scalance_xr324-4m_poe_firmware | * | |
siemens | scalance_xr324-4m_poe | - | |
siemens | scalance_xr324-4m_poe_ts_firmware | * | |
siemens | scalance_xr324-4m_poe_ts | - | |
siemens | scalance_xr324-12m_firmware | * | |
siemens | scalance_xr324-12m | - | |
siemens | scalance_xr324-12m_ts_firmware | * | |
siemens | scalance_xr324-12m_ts | - | |
siemens | siplus_net_scalance_x308-2_firmware | * | |
siemens | siplus_net_scalance_x308-2 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x302-7eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7FB6F150-2662-44AE-8DC1-0B0A426E8352", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x302-7eec:-:*:*:*:*:*:*:*", matchCriteriaId: "C8E97B3B-1808-45D2-97B7-CF31CA6E7A60", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x304-2fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E9F4071F-1AE2-4FAD-A8CB-1619552101A3", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x304-2fe:-:*:*:*:*:*:*:*", matchCriteriaId: "0087A1C6-AA76-4FD6-BAA1-D3190D2A0116", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x306-1ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B78CFDF-1B15-4A4B-99D4-8CC5E1867BD1", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x306-1ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "880CF41B-B25D-4744-8E8B-C4B131932B1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-2eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CCB1094D-3F8A-4331-ABB9-46B73F7E008F", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-2eec:-:*:*:*:*:*:*:*", matchCriteriaId: "804EE08B-75A1-4CF6-9C30-8CF0CDC39658", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE21803A-A5CA-482A-ABD2-C9A547831BF6", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3:-:*:*:*:*:*:*:*", matchCriteriaId: "55EF0738-C9EF-4E4B-A7E7-ECC1B5F0678A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EEBFBB10-35E0-46BB-A937-E9A933C4D5BC", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "7737F0C2-43FC-4330-88F2-9B08BA5B35D7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4C91F6DD-A74C-4310-88AB-63A39D0208BE", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "6CCED3E4-38EF-4645-B25C-4F2C3D4E091C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6B5513D8-59DD-4EE1-B2E8-F800D1DA7BC5", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2ld:-:*:*:*:*:*:*:*", matchCriteriaId: "FE1909FA-C8C6-46BE-83C6-2635D36FE69B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A11DE626-D744-49A7-93C4-FE2C2AF5245F", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh:-:*:*:*:*:*:*:*", matchCriteriaId: "6DDBD94D-5312-4A54-AF76-D9DF791C0292", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh\\+_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC259CD1-5C79-4491-B375-7A69116F2747", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "85153EED-C677-495D-A6BB-72365DE1ED3F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "79918934-7B0B-4032-972E-2347CD33029D", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m:-:*:*:*:*:*:*:*", matchCriteriaId: "AC54911E-C432-48FA-9551-9644422FFE14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_poe_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "00FBD442-84AA-48F3-8AD1-5767FFB2FC3F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "3E22C57C-2BD6-4C39-93D2-5D81A58EA6F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E72D4503-5AAE-4C6F-BAE9-FA51701191B1", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "DFCCB68C-A58D-4543-A11F-721B01FFBBA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CA2333C8-E9C7-43D8-9EAA-A88ECAAB4236", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310:-:*:*:*:*:*:*:*", matchCriteriaId: "7FE3716E-1C0A-4B72-809A-8318E5853FB1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7EECD381-262F-4C47-90E1-7B44092C74BD", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310fe:-:*:*:*:*:*:*:*", matchCriteriaId: "8FB34E83-83A3-45C3-B040-D8910971D439", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "36C40232-5696-44CC-B38F-5331A745C760", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1fe:-:*:*:*:*:*:*:*", matchCriteriaId: "CC54880F-CBF4-4772-A4FB-B07D97287D44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1-2ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2F1969E4-CFD6-4AC7-956E-374967F5C406", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1-2ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "B2D400F5-AD80-4536-A99D-793E1560757B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x408-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3ACB931D-C484-42F4-9912-24B44FE97017", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x408-2:-:*:*:*:*:*:*:*", matchCriteriaId: "0C632B90-EB11-4A4C-8128-DABBE044B9AF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B1EFA152-D29B-4116-A3D2-ACF7A025E053", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6F952542-6B79-4681-A236-15C188AAEB1E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "935CD21D-0471-4D1F-AF81-B1F996A9EFAB", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "664D9C76-BC13-4874-939C-A8211DA33903", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E2C0F1FB-8B5E-448C-A304-FDDCB3DFCDD4", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4834A67B-7B0B-4F88-BBFB-25667FD68EC5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3E0E1F54-D9EA-4AFB-80EF-0A585EC3C641", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m:-:*:*:*:*:*:*:*", matchCriteriaId: "36C9AE74-4683-4ED0-A605-3A6B065C230E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC03DF92-C7A1-4232-AFDF-04B2B50666DB", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4356417E-B4CB-45B0-B395-CE9D423FAB44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_net_scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "25103533-B9BC-4553-B195-AF5CACAB713B", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_net_scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "9C48C944-324B-4390-B9D1-3D0FC3DD5BFD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The integrated web server of the affected device could allow remote attackers to perform actions with the permissions of a victim user, provided the victim user has an active session and is induced to trigger the malicious request.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, revestido), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, revestido), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, revestido), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, revestido), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, revestido), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, revestido), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, revestido), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, revestido), SCALANCE X307-3 SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, puertos en la parte frontal), SCALANCE XR324-12M (230V, puertos en la parte delantera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte delantera), SCALANCE XR324-12M (24V, puertos en la parte delantera), SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M PoE (230V, puertos en la parte delantera), SCALANCE XR324-4M PoE (230V, puertos en la parte trasera), SCALANCE XR324-4M PoE (24V, puertos en la parte delantera), SCALANCE XR324-4M PoE (24V, puertos en la parte trasera), SCALANCE XR324-4M PoE TS (24V, puertos en la parte delantera), SIPLUS NET SCALANCE X308-2. El servidor web integrado del dispositivo afectado podría permitir a atacantes remotos llevar a cabo acciones con los permisos de un usuario víctima, siempre que éste tenga una sesión activa y sea inducido a lanzar la petición maliciosa", }, ], id: "CVE-2022-25754", lastModified: "2024-11-21T06:52:56.263", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-04-12T09:15:14.747", references: [ { source: "productcert@siemens.com", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-352", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-352", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-04-12 09:15
Modified
2024-11-21 06:53
Severity ?
Summary
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate if a certain SNMP key exists. An attacker could use this to trigger a reboot of an affected device by requesting specific SNMP information from the device.
References
▼ | URL | Tags | |
---|---|---|---|
productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | Mitigation, Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | Mitigation, Patch, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
siemens | scalance_x302-7eec_firmware | * | |
siemens | scalance_x302-7eec | - | |
siemens | scalance_x304-2fe_firmware | * | |
siemens | scalance_x304-2fe | - | |
siemens | scalance_x306-1ldfe_firmware | * | |
siemens | scalance_x306-1ldfe | - | |
siemens | scalance_x307-2eec_firmware | * | |
siemens | scalance_x307-2eec | - | |
siemens | scalance_x307-3_firmware | * | |
siemens | scalance_x307-3 | - | |
siemens | scalance_x307-3ld_firmware | * | |
siemens | scalance_x307-3ld | - | |
siemens | scalance_x308-2_firmware | * | |
siemens | scalance_x308-2 | - | |
siemens | scalance_x308-2ld_firmware | * | |
siemens | scalance_x308-2ld | - | |
siemens | scalance_x308-2lh_firmware | * | |
siemens | scalance_x308-2lh | - | |
siemens | scalance_x308-2lh\+_firmware | * | |
siemens | scalance_x308-2lh\+ | - | |
siemens | scalance_x308-2m_firmware | * | |
siemens | scalance_x308-2m | - | |
siemens | scalance_x308-2m_poe_firmware | - | |
siemens | scalance_x308-2m_poe | - | |
siemens | scalance_x308-2m_ts_firmware | * | |
siemens | scalance_x308-2m_ts | - | |
siemens | scalance_x310_firmware | * | |
siemens | scalance_x310 | - | |
siemens | scalance_x310fe_firmware | * | |
siemens | scalance_x310fe | - | |
siemens | scalance_x320-1fe_firmware | * | |
siemens | scalance_x320-1fe | - | |
siemens | scalance_x320-1-2ldfe_firmware | * | |
siemens | scalance_x320-1-2ldfe | - | |
siemens | scalance_x408-2_firmware | * | |
siemens | scalance_x408-2 | - | |
siemens | scalance_xr324-4m_eec_firmware | * | |
siemens | scalance_xr324-4m_eec | - | |
siemens | scalance_xr324-4m_poe_firmware | * | |
siemens | scalance_xr324-4m_poe | - | |
siemens | scalance_xr324-4m_poe_ts_firmware | * | |
siemens | scalance_xr324-4m_poe_ts | - | |
siemens | scalance_xr324-12m_firmware | * | |
siemens | scalance_xr324-12m | - | |
siemens | scalance_xr324-12m_ts_firmware | * | |
siemens | scalance_xr324-12m_ts | - | |
siemens | siplus_net_scalance_x308-2_firmware | * | |
siemens | siplus_net_scalance_x308-2 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x302-7eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7FB6F150-2662-44AE-8DC1-0B0A426E8352", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x302-7eec:-:*:*:*:*:*:*:*", matchCriteriaId: "C8E97B3B-1808-45D2-97B7-CF31CA6E7A60", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x304-2fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E9F4071F-1AE2-4FAD-A8CB-1619552101A3", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x304-2fe:-:*:*:*:*:*:*:*", matchCriteriaId: "0087A1C6-AA76-4FD6-BAA1-D3190D2A0116", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x306-1ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B78CFDF-1B15-4A4B-99D4-8CC5E1867BD1", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x306-1ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "880CF41B-B25D-4744-8E8B-C4B131932B1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-2eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CCB1094D-3F8A-4331-ABB9-46B73F7E008F", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-2eec:-:*:*:*:*:*:*:*", matchCriteriaId: "804EE08B-75A1-4CF6-9C30-8CF0CDC39658", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE21803A-A5CA-482A-ABD2-C9A547831BF6", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3:-:*:*:*:*:*:*:*", matchCriteriaId: "55EF0738-C9EF-4E4B-A7E7-ECC1B5F0678A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EEBFBB10-35E0-46BB-A937-E9A933C4D5BC", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "7737F0C2-43FC-4330-88F2-9B08BA5B35D7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4C91F6DD-A74C-4310-88AB-63A39D0208BE", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "6CCED3E4-38EF-4645-B25C-4F2C3D4E091C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6B5513D8-59DD-4EE1-B2E8-F800D1DA7BC5", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2ld:-:*:*:*:*:*:*:*", matchCriteriaId: "FE1909FA-C8C6-46BE-83C6-2635D36FE69B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A11DE626-D744-49A7-93C4-FE2C2AF5245F", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh:-:*:*:*:*:*:*:*", matchCriteriaId: "6DDBD94D-5312-4A54-AF76-D9DF791C0292", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh\\+_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC259CD1-5C79-4491-B375-7A69116F2747", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "85153EED-C677-495D-A6BB-72365DE1ED3F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "79918934-7B0B-4032-972E-2347CD33029D", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m:-:*:*:*:*:*:*:*", matchCriteriaId: "AC54911E-C432-48FA-9551-9644422FFE14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_poe_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "00FBD442-84AA-48F3-8AD1-5767FFB2FC3F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "3E22C57C-2BD6-4C39-93D2-5D81A58EA6F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E72D4503-5AAE-4C6F-BAE9-FA51701191B1", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "DFCCB68C-A58D-4543-A11F-721B01FFBBA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CA2333C8-E9C7-43D8-9EAA-A88ECAAB4236", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310:-:*:*:*:*:*:*:*", matchCriteriaId: "7FE3716E-1C0A-4B72-809A-8318E5853FB1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7EECD381-262F-4C47-90E1-7B44092C74BD", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310fe:-:*:*:*:*:*:*:*", matchCriteriaId: "8FB34E83-83A3-45C3-B040-D8910971D439", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "36C40232-5696-44CC-B38F-5331A745C760", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1fe:-:*:*:*:*:*:*:*", matchCriteriaId: "CC54880F-CBF4-4772-A4FB-B07D97287D44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1-2ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2F1969E4-CFD6-4AC7-956E-374967F5C406", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1-2ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "B2D400F5-AD80-4536-A99D-793E1560757B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x408-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3ACB931D-C484-42F4-9912-24B44FE97017", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x408-2:-:*:*:*:*:*:*:*", matchCriteriaId: "0C632B90-EB11-4A4C-8128-DABBE044B9AF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B1EFA152-D29B-4116-A3D2-ACF7A025E053", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6F952542-6B79-4681-A236-15C188AAEB1E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "935CD21D-0471-4D1F-AF81-B1F996A9EFAB", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "664D9C76-BC13-4874-939C-A8211DA33903", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E2C0F1FB-8B5E-448C-A304-FDDCB3DFCDD4", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4834A67B-7B0B-4F88-BBFB-25667FD68EC5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3E0E1F54-D9EA-4AFB-80EF-0A585EC3C641", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m:-:*:*:*:*:*:*:*", matchCriteriaId: "36C9AE74-4683-4ED0-A605-3A6B065C230E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC03DF92-C7A1-4232-AFDF-04B2B50666DB", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4356417E-B4CB-45B0-B395-CE9D423FAB44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_net_scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "25103533-B9BC-4553-B195-AF5CACAB713B", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_net_scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "9C48C944-324B-4390-B9D1-3D0FC3DD5BFD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate if a certain SNMP key exists. An attacker could use this to trigger a reboot of an affected device by requesting specific SNMP information from the device.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, recubierto), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, recubierto), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, recubierto), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, recubierto), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, revestido), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, revestido), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, revestido), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, revestido), SCALANCE X307-3 SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, puertos en la parte frontal), SCALANCE XR324-12M (230V, puertos en la parte delantera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte delantera), SCALANCE XR324-12M (24V, puertos en la parte delantera), SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M PoE (230V, puertos en la parte delantera), SCALANCE XR324-4M PoE (230V, puertos en la parte trasera), SCALANCE XR324-4M PoE (24V, puertos en la parte delantera), SCALANCE XR324-4M PoE (24V, puertos en la parte trasera), SCALANCE XR324-4M PoE TS (24V, puertos en la parte delantera), SIPLUS NET SCALANCE X308-2. Los dispositivos afectados no comprueban correctamente si se presenta una determinada clave SNMP. Un atacante podría usar esto para desencadenar un reinicio de un dispositivo afectado al solicitar información SNMP específica del dispositivo", }, ], id: "CVE-2022-26380", lastModified: "2024-11-21T06:53:52.853", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-04-12T09:15:14.970", references: [ { source: "productcert@siemens.com", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }