Vulnerabilites related to siemens - scalance_xr324-4m_eec
CVE-2022-26335 (GCVE-0-2022-26335)
Vulnerability from cvelistv5
Published
2022-04-12 09:07
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate the URI of incoming HTTP GET requests. This could allow an unauthenticated remote attacker to crash affected devices.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | x_refsource_MISC |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:03:31.738Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SCALANCE X302-7 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X304-2FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X306-1LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X320-1 FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X320-1-2LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X408-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE TS (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SIPLUS NET SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate the URI of incoming HTTP GET requests. This could allow an unauthenticated remote attacker to crash affected devices.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-12T09:07:55", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-26335", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SCALANCE X302-7 EEC (230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X304-2FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X306-1LD FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH+", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH+", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M PoE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M PoE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M TS", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M TS", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X320-1 FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X320-1-2LD FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X408-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M TS (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M TS (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE TS (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SIPLUS NET SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate the URI of incoming HTTP GET requests. This could allow an unauthenticated remote attacker to crash affected devices.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-26335", datePublished: "2022-04-12T09:07:55", dateReserved: "2022-03-01T00:00:00", dateUpdated: "2024-08-03T05:03:31.738Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-26334 (GCVE-0-2022-26334)
Vulnerability from cvelistv5
Published
2022-04-12 09:07
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate the GET parameter XNo of incoming HTTP requests. This could allow an unauthenticated remote attacker to crash affected devices.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SCALANCE X302-7 EEC (230V) |
Version: All versions < V4.1.4 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:03:32.480Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SCALANCE X302-7 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X304-2FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X306-1LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X320-1 FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X320-1-2LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X408-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE TS (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SIPLUS NET SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate the GET parameter XNo of incoming HTTP requests. This could allow an unauthenticated remote attacker to crash affected devices.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-12T09:07:54", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-26334", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SCALANCE X302-7 EEC (230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X304-2FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X306-1LD FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH+", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH+", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M PoE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M PoE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M TS", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M TS", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X320-1 FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X320-1-2LD FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X408-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M TS (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M TS (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE TS (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SIPLUS NET SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate the GET parameter XNo of incoming HTTP requests. This could allow an unauthenticated remote attacker to crash affected devices.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-26334", datePublished: "2022-04-12T09:07:54", dateReserved: "2022-03-01T00:00:00", dateUpdated: "2024-08-03T05:03:32.480Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-26380 (GCVE-0-2022-26380)
Vulnerability from cvelistv5
Published
2022-04-12 09:07
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate if a certain SNMP key exists. An attacker could use this to trigger a reboot of an affected device by requesting specific SNMP information from the device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SCALANCE X302-7 EEC (230V) |
Version: All versions < V4.1.4 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:03:32.784Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SCALANCE X302-7 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X304-2FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X306-1LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X320-1 FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X320-1-2LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X408-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE TS (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SIPLUS NET SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate if a certain SNMP key exists. An attacker could use this to trigger a reboot of an affected device by requesting specific SNMP information from the device.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125: Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-12T09:07:57", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-26380", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SCALANCE X302-7 EEC (230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X304-2FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X306-1LD FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH+", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH+", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M PoE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M PoE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M TS", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M TS", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X320-1 FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X320-1-2LD FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X408-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M TS (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M TS (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE TS (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SIPLUS NET SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate if a certain SNMP key exists. An attacker could use this to trigger a reboot of an affected device by requesting specific SNMP information from the device.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-125: Out-of-bounds Read", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-26380", datePublished: "2022-04-12T09:07:57", dateReserved: "2022-03-03T00:00:00", dateUpdated: "2024-08-03T05:03:32.784Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-36324 (GCVE-0-2022-36324)
Vulnerability from cvelistv5
Published
2022-08-10 11:18
Modified
2024-08-03 10:00
Severity ?
EPSS score ?
Summary
Affected devices do not properly handle the renegotiation of SSL/TLS parameters. This could allow an unauthenticated remote attacker to bypass the TCP brute force prevention and lead to a denial of service condition for the duration of the attack.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | RUGGEDCOM RM1224 LTE(4G) EU |
Version: All versions < V7.1.2 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T10:00:04.354Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-710008.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "RUGGEDCOM RM1224 LTE(4G) EU", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "RUGGEDCOM RM1224 LTE(4G) NAM", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M804PB", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M812-1 ADSL-Router (Annex A)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M812-1 ADSL-Router (Annex B)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M816-1 ADSL-Router (Annex A)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M816-1 ADSL-Router (Annex B)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M826-2 SHDSL-Router", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M874-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M874-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-3 (EVDO)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-3 (ROK)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-4 (EU)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-4 (NAM)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM853-1 (EU)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM856-1 (EU)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM856-1 (RoW)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE S615", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE SC622-2C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.3.1", }, ], }, { defaultStatus: "unknown", product: "SCALANCE SC626-2C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.3.1", }, ], }, { defaultStatus: "unknown", product: "SCALANCE SC632-2C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.3.1", }, ], }, { defaultStatus: "unknown", product: "SCALANCE SC636-2C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.3.1", }, ], }, { defaultStatus: "unknown", product: "SCALANCE SC642-2C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.3.1", }, ], }, { defaultStatus: "unknown", product: "SCALANCE SC646-2C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.3.1", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1748-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1748-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1788-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1788-2 EEC M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1788-2 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1788-2IA M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W721-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W721-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W722-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W722-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W722-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W734-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W734-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W734-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W734-1 RJ45 (USA)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W738-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W738-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W748-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W748-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W748-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W748-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W761-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W761-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 RJ45 (USA)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W778-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W778-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W778-1 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W778-1 M12 EEC (USA)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2 SFP", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2 SFP", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2IA RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2IA RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE WAM763-1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE WAM766-1 (EU)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE WAM766-1 (US)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE WAM766-1 EEC (EU)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE WAM766-1 EEC (US)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE WUM763-1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE WUM763-1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE WUM766-1 (EU)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE WUM766-1 (US)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3 (SC, PN)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3 (ST, E/IP)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3 (ST, E/IP)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3 (ST, PN)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3LD (SC, E/IP)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3LD (SC, PN)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB208 (E/IP)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB208 (PN)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3 (SC, E/IP)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3 (SC, PN)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3 (ST, E/IP)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3 (ST, PN)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3LD (SC, E/IP)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3LD (SC, PN)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB216 (E/IP)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB216 (PN)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2 (SC)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2 (ST/BFOC)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2G PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2G PoE (54 V DC)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2G PoE EEC (54 V DC)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2SFP", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2SFP EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2SFP G", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2SFP G (EIP DEF.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2SFP G EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208G", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208G (EIP def.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208G EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208G PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208G PoE (54 V DC)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-3G PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-3G PoE (54 V DC)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-4C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-4C G", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-4C G (EIP Def.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-4C G EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC224", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC224-4C G", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC224-4C G (EIP Def.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC224-4C G EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204 DNA", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204-2BA", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204-2BA DNA", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM408-4C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM408-4C (L3 int.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM408-8C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM408-8C (L3 int.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM416-4C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM416-4C (L3 int.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP208", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP208 (Ethernet/IP)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP208EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP208PoE EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP216", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP216 (Ethernet/IP)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP216EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP216POE EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324WG (24 x FE, AC 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324WG (24 X FE, DC 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR326-2C PoE WG", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR326-2C PoE WG (without UL)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (24XFE, 4XGE, 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (28xGE, AC 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (28xGE, DC 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 1x230V", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 1x230V (L3 int.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 24V", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 24V (L3 int.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 2x230V", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 2x230V (L3 int.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 1x230V", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 1x230V (L3 int.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 24V", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 24V (L3 int.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 2x230V", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 2x230V (L3 int.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR528-6M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR528-6M (2HR2, L3 int.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR528-6M (2HR2)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR528-6M (L3 int.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR552-12M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR552-12M (2HR2, L3 int.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR552-12M (2HR2)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR552-12M (2HR2)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET SCALANCE XC206-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET SCALANCE XC206-2SFP", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET SCALANCE XC208", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET SCALANCE XC216-4C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, ], descriptions: [ { lang: "en", value: "Affected devices do not properly handle the renegotiation of SSL/TLS parameters. This could allow an unauthenticated remote attacker to bypass the TCP brute force prevention and lead to a denial of service condition for the duration of the attack.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-770", description: "CWE-770: Allocation of Resources Without Limits or Throttling", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-10T10:21:02.321Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-710008.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-36324", datePublished: "2022-08-10T11:18:39", dateReserved: "2022-07-20T00:00:00", dateUpdated: "2024-08-03T10:00:04.354Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-25753 (GCVE-0-2022-25753)
Vulnerability from cvelistv5
Published
2022-04-12 09:07
Modified
2024-08-03 04:49
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The handling of arguments such as IP addresses in the CLI of affected devices is prone to buffer overflows. This could allow an authenticated remote attacker to execute arbitrary code on the device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SCALANCE X302-7 EEC (230V) |
Version: All versions < V4.1.4 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T04:49:43.901Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SCALANCE X302-7 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X304-2FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X306-1LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X320-1 FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X320-1-2LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X408-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE TS (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SIPLUS NET SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The handling of arguments such as IP addresses in the CLI of affected devices is prone to buffer overflows. This could allow an authenticated remote attacker to execute arbitrary code on the device.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-121", description: "CWE-121: Stack-based Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-12T09:07:47", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-25753", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SCALANCE X302-7 EEC (230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X304-2FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X306-1LD FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH+", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH+", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M PoE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M PoE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M TS", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M TS", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X320-1 FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X320-1-2LD FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X408-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M TS (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M TS (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE TS (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SIPLUS NET SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The handling of arguments such as IP addresses in the CLI of affected devices is prone to buffer overflows. This could allow an authenticated remote attacker to execute arbitrary code on the device.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-121: Stack-based Buffer Overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-25753", datePublished: "2022-04-12T09:07:47", dateReserved: "2022-02-22T00:00:00", dateUpdated: "2024-08-03T04:49:43.901Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-28395 (GCVE-0-2020-28395)
Vulnerability from cvelistv5
Published
2021-01-12 00:00
Modified
2024-08-04 16:33
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SCALANCE X-200RNA switch family (All versions < V3.2.7), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.0). Devices do not create a new unique private key after factory reset. An attacker could leverage this situation to a man-in-the-middle situation and decrypt previously captured traffic.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SCALANCE X-200RNA switch family |
Version: All versions < V3.2.7 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T16:33:59.028Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-274900.pdf", }, { tags: [ "x_transferred", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-012-02", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SCALANCE X-200RNA switch family", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2.7", }, ], }, { product: "SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.0", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X-200RNA switch family (All versions < V3.2.7), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.0). Devices do not create a new unique private key after factory reset. An attacker could leverage this situation to a man-in-the-middle situation and decrypt previously captured traffic.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-321", description: "CWE-321: Use of Hard-coded Cryptographic Key", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-13T00:00:00", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-274900.pdf", }, { url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-012-02", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2020-28395", datePublished: "2021-01-12T00:00:00", dateReserved: "2020-11-10T00:00:00", dateUpdated: "2024-08-04T16:33:59.028Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-25754 (GCVE-0-2022-25754)
Vulnerability from cvelistv5
Published
2022-04-12 09:07
Modified
2024-08-03 04:49
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The integrated web server of the affected device could allow remote attackers to perform actions with the permissions of a victim user, provided the victim user has an active session and is induced to trigger the malicious request.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SCALANCE X302-7 EEC (230V) |
Version: All versions < V4.1.4 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T04:49:43.242Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SCALANCE X302-7 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X304-2FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X306-1LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X320-1 FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X320-1-2LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X408-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE TS (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SIPLUS NET SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The integrated web server of the affected device could allow remote attackers to perform actions with the permissions of a victim user, provided the victim user has an active session and is induced to trigger the malicious request.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-352", description: "CWE-352: Cross-Site Request Forgery (CSRF)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-12T09:07:49", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-25754", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SCALANCE X302-7 EEC (230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X304-2FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X306-1LD FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH+", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH+", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M PoE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M PoE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M TS", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M TS", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X320-1 FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X320-1-2LD FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X408-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M TS (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M TS (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE TS (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SIPLUS NET SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The integrated web server of the affected device could allow remote attackers to perform actions with the permissions of a victim user, provided the victim user has an active session and is induced to trigger the malicious request.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-352: Cross-Site Request Forgery (CSRF)", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-25754", datePublished: "2022-04-12T09:07:49", dateReserved: "2022-02-22T00:00:00", dateUpdated: "2024-08-03T04:49:43.242Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-36325 (GCVE-0-2022-36325)
Vulnerability from cvelistv5
Published
2022-08-10 11:18
Modified
2024-08-03 10:00
Severity ?
EPSS score ?
Summary
Affected devices do not properly sanitize data introduced by an user when rendering the web interface. This could allow an authenticated remote attacker with administrative privileges to inject code and lead to a DOM-based XSS.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | RUGGEDCOM RM1224 LTE(4G) EU |
Version: All versions < V7.1.2 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T10:00:04.293Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-710008.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "RUGGEDCOM RM1224 LTE(4G) EU", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "RUGGEDCOM RM1224 LTE(4G) NAM", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M804PB", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M812-1 ADSL-Router (Annex A)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M812-1 ADSL-Router (Annex B)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M816-1 ADSL-Router (Annex A)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M816-1 ADSL-Router (Annex B)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M826-2 SHDSL-Router", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M874-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M874-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-3 (EVDO)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-3 (ROK)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-4 (EU)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-4 (NAM)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM853-1 (EU)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM856-1 (EU)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM856-1 (RoW)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE S615", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE SC622-2C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.3.1", }, ], }, { defaultStatus: "unknown", product: "SCALANCE SC626-2C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.3.1", }, ], }, { defaultStatus: "unknown", product: "SCALANCE SC632-2C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.3.1", }, ], }, { defaultStatus: "unknown", product: "SCALANCE SC636-2C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.3.1", }, ], }, { defaultStatus: "unknown", product: "SCALANCE SC642-2C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.3.1", }, ], }, { defaultStatus: "unknown", product: "SCALANCE SC646-2C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.3.1", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1748-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1748-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1788-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1788-2 EEC M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1788-2 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1788-2IA M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W721-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W721-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W722-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W722-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W722-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W734-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W734-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W734-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W734-1 RJ45 (USA)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W738-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W738-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W748-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W748-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W748-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W748-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W761-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W761-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 RJ45 (USA)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W778-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W778-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W778-1 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W778-1 M12 EEC (USA)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2 SFP", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2 SFP", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2IA RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2IA RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE WAM763-1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE WAM766-1 (EU)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE WAM766-1 (US)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE WAM766-1 EEC (EU)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE WAM766-1 EEC (US)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE WUM763-1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE WUM763-1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE WUM766-1 (EU)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE WUM766-1 (US)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3 (SC, PN)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3 (ST, E/IP)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3 (ST, E/IP)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3 (ST, PN)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3LD (SC, E/IP)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3LD (SC, PN)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB208 (E/IP)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB208 (PN)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3 (SC, E/IP)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3 (SC, PN)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3 (ST, E/IP)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3 (ST, PN)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3LD (SC, E/IP)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3LD (SC, PN)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB216 (E/IP)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB216 (PN)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2 (SC)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2 (ST/BFOC)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2G PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2G PoE (54 V DC)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2G PoE EEC (54 V DC)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2SFP", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2SFP EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2SFP G", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2SFP G (EIP DEF.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2SFP G EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208G", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208G (EIP def.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208G EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208G PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208G PoE (54 V DC)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-3G PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-3G PoE (54 V DC)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-4C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-4C G", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-4C G (EIP Def.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-4C G EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC224", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC224-4C G", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC224-4C G (EIP Def.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC224-4C G EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204 DNA", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204-2BA", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204-2BA DNA", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM408-4C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM408-4C (L3 int.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM408-8C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM408-8C (L3 int.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM416-4C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM416-4C (L3 int.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP208", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP208 (Ethernet/IP)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP208EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP208PoE EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP216", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP216 (Ethernet/IP)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP216EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP216POE EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324WG (24 x FE, AC 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324WG (24 X FE, DC 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR326-2C PoE WG", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR326-2C PoE WG (without UL)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (24XFE, 4XGE, 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (28xGE, AC 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (28xGE, DC 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 1x230V", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 1x230V (L3 int.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 24V", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 24V (L3 int.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 2x230V", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 2x230V (L3 int.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 1x230V", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 1x230V (L3 int.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 24V", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 24V (L3 int.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 2x230V", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 2x230V (L3 int.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR528-6M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR528-6M (2HR2, L3 int.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR528-6M (2HR2)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR528-6M (L3 int.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR552-12M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR552-12M (2HR2, L3 int.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR552-12M (2HR2)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR552-12M (2HR2)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET SCALANCE XC206-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET SCALANCE XC206-2SFP", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET SCALANCE XC208", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET SCALANCE XC216-4C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, ], descriptions: [ { lang: "en", value: "Affected devices do not properly sanitize data introduced by an user when rendering the web interface. This could allow an authenticated remote attacker with administrative privileges to inject code and lead to a DOM-based XSS.", }, ], metrics: [ { cvssV3_1: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-80", description: "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-10T10:21:04.880Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-710008.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-36325", datePublished: "2022-08-10T11:18:45", dateReserved: "2022-07-20T00:00:00", dateUpdated: "2024-08-03T10:00:04.293Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-25756 (GCVE-0-2022-25756)
Vulnerability from cvelistv5
Published
2022-04-12 09:07
Modified
2024-08-03 04:49
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The integrated web server could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. This can be used by an attacker to trigger a malicious request on the affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SCALANCE X302-7 EEC (230V) |
Version: All versions < V4.1.4 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T04:49:43.497Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SCALANCE X302-7 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X304-2FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X306-1LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X320-1 FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X320-1-2LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X408-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE TS (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SIPLUS NET SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The integrated web server could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. This can be used by an attacker to trigger a malicious request on the affected device.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-80", description: "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-12T09:07:52", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-25756", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SCALANCE X302-7 EEC (230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X304-2FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X306-1LD FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH+", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH+", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M PoE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M PoE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M TS", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M TS", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X320-1 FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X320-1-2LD FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X408-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M TS (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M TS (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE TS (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SIPLUS NET SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The integrated web server could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. This can be used by an attacker to trigger a malicious request on the affected device.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-25756", datePublished: "2022-04-12T09:07:52", dateReserved: "2022-02-22T00:00:00", dateUpdated: "2024-08-03T04:49:43.497Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-25751 (GCVE-0-2022-25751)
Vulnerability from cvelistv5
Published
2022-04-12 09:07
Modified
2024-08-03 04:49
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate the HTTP headers of incoming requests. This could allow an unauthenticated remote attacker to crash affected devices.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SCALANCE X302-7 EEC (230V) |
Version: All versions < V4.1.4 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T04:49:43.841Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SCALANCE X302-7 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X304-2FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X306-1LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X320-1 FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X320-1-2LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X408-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE TS (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SIPLUS NET SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate the HTTP headers of incoming requests. This could allow an unauthenticated remote attacker to crash affected devices.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20: Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-12T09:07:43", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-25751", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SCALANCE X302-7 EEC (230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X304-2FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X306-1LD FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH+", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH+", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M PoE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M PoE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M TS", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M TS", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X320-1 FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X320-1-2LD FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X408-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M TS (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M TS (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE TS (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SIPLUS NET SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate the HTTP headers of incoming requests. This could allow an unauthenticated remote attacker to crash affected devices.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20: Improper Input Validation", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-25751", datePublished: "2022-04-12T09:07:43", dateReserved: "2022-02-22T00:00:00", dateUpdated: "2024-08-03T04:49:43.841Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-25752 (GCVE-0-2022-25752)
Vulnerability from cvelistv5
Published
2022-04-12 09:07
Modified
2024-08-03 04:49
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The webserver of affected devices calculates session ids and nonces in an insecure manner. This could allow an unauthenticated remote attacker to brute-force session ids and hijack existing sessions.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SCALANCE X302-7 EEC (230V) |
Version: All versions < V4.1.4 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T04:49:43.562Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SCALANCE X302-7 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X304-2FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X306-1LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X320-1 FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X320-1-2LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X408-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE TS (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SIPLUS NET SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The webserver of affected devices calculates session ids and nonces in an insecure manner. This could allow an unauthenticated remote attacker to brute-force session ids and hijack existing sessions.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-330", description: "CWE-330: Use of Insufficiently Random Values", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-12T09:07:46", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-25752", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SCALANCE X302-7 EEC (230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X304-2FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X306-1LD FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH+", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH+", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M PoE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M PoE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M TS", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M TS", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X320-1 FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X320-1-2LD FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X408-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M TS (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M TS (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE TS (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SIPLUS NET SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The webserver of affected devices calculates session ids and nonces in an insecure manner. This could allow an unauthenticated remote attacker to brute-force session ids and hijack existing sessions.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-330: Use of Insufficiently Random Values", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-25752", datePublished: "2022-04-12T09:07:46", dateReserved: "2022-02-22T00:00:00", dateUpdated: "2024-08-03T04:49:43.562Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-28400 (GCVE-0-2020-28400)
Vulnerability from cvelistv5
Published
2021-07-13 11:02
Modified
2024-12-10 13:53
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS score ?
Summary
Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller |
Version: All versions |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:seimens:scalance_m812-1_adsl-router_annex_b:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m812-1_adsl-router_annex_b", vendor: "seimens", versions: [ { status: "affected", version: "0", }, ], }, { cpes: [ "cpe:2.3:a:siemens:development_evaluation_kits_for_profinet_io_dk_standard_ethernet_controller:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "development_evaluation_kits_for_profinet_io_dk_standard_ethernet_controller", vendor: "siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:development_evaluation_kits_for_profinet_io_ek_ertec_200:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "development_evaluation_kits_for_profinet_io_ek_ertec_200", vendor: "siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:development_evaluation_kits_for_profinet_io_ek_ertec_200p:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "development_evaluation_kits_for_profinet_io_ek_ertec_200p", vendor: "siemens", versions: [ { lessThan: "v4.7", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:ruggedcom_rm1224:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ruggedcom_rm1224", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:scalance_m804pb:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m804pb", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:seimens:scalance_m812-1_adsl-router_annex_a:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m812-1_adsl-router_annex_a", vendor: "seimens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:seimens:scalance_m812-1_adsl-router_annex_b:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m812-1_adsl-router_annex_b", vendor: "seimens", versions: [ { lessThan: "6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_m816_1_adsl_router_annex_a:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m816_1_adsl_router_annex_a", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_m816-1_adsl-router_annex_b:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m816-1_adsl-router_annex_b", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_m826-2_shdsl-router:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m826-2_shdsl-router", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalence_m874_2:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalence_m874_2", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalence_m874_3:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalence_m874_3", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_m876_3_evdo:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m876_3_evdo", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_m876_3_rok:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m876_3_rok", vendor: "siemens", versions: [ { lessThan: "6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_m876_4_eu:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m876_4_eu", vendor: "siemens", versions: [ { lessThan: "6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_m876_4_nam:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m876_4_nam", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_s615", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_w700_ieee_802.11n_family:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_w700_ieee_802.11n_family", vendor: "siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_w1748_1_m12:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_w1748_1_m12", vendor: "siemens", versions: [ { lessThan: "v3.0.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_w1788_1_m12:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_w1788_1_m12", vendor: "siemens", versions: [ { lessThan: "v3.0.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_w1788_2_eec_m12:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_w1788_2_eec_m12", vendor: "siemens", versions: [ { lessThan: "v3.0.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_w1788_2_m12:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_w1788_2_m12", vendor: "siemens", versions: [ { lessThan: "v3.0.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_w1788_2ia_m12:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_w1788_2ia_m12", vendor: "siemens", versions: [ { lessThan: "v3.0.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_x200_4p_irt:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_x200_4p_irt", vendor: "siemens", versions: [ { lessThan: "v5.5.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_x201_3p_irt:0.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_x201_3p_irt", vendor: "siemens", versions: [ { lessThan: "v5.5.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_x201_3p_irt_pro:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_x201_3p_irt_pro", vendor: "siemens", versions: [ { lessThan: "v5.5.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalancce_x202_2p_irt:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalancce_x202_2p_irt", vendor: "siemens", versions: [ { lessThan: "v5.5.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalence_202_2p_irt_pro:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalence_202_2p_irt_pro", vendor: "siemens", versions: [ { lessThan: "v5.5.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalancce_x204_2:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalancce_x204_2", vendor: "siemens", versions: [ { lessThan: "v5.25", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalence_x204_2fm:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalence_x204_2fm", vendor: "siemens", versions: [ { lessThan: "v5.25", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalence_x204_2ld:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalence_x204_2ld", vendor: "siemens", versions: [ { lessThan: "v5.25", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalence_x204_2ld_ts:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalence_x204_2ld_ts", vendor: "siemens", versions: [ { lessThan: "v5.25", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalence_x204_2ts:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalence_x204_2ts", vendor: "siemens", versions: [ { lessThan: "v5.25", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2020-28400", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-06-13T18:59:11.953107Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-24T18:07:44.485Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-04T16:33:59.218Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-194-03", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-599968.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.7", }, ], }, { defaultStatus: "unknown", product: "RUGGEDCOM RM1224 LTE(4G) EU", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "RUGGEDCOM RM1224 LTE(4G) NAM", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M804PB", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M812-1 ADSL-Router", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M812-1 ADSL-Router", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M816-1 ADSL-Router", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M816-1 ADSL-Router", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M826-2 SHDSL-Router", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M874-2", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M874-3", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M874-3 3G-Router (CN)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-3", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-3 (ROK)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-4", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-4 (EU)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-4 (NAM)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM853-1 (A1)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM853-1 (B1)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM853-1 (EU)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM856-1 (A1)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM856-1 (B1)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM856-1 (CN)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM856-1 (EU)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM856-1 (RoW)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE S615 EEC LAN-Router", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE S615 LAN-Router", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1748-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1748-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1788-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1788-2 EEC M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1788-2 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1788-2IA M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W721-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W721-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W722-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W722-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W722-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W734-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W734-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W734-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W734-1 RJ45 (USA)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W738-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W738-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W748-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W748-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W748-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W748-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W761-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W761-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 RJ45 (USA)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W778-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W778-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W778-1 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W778-1 M12 EEC (USA)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2 SFP", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2 SFP", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2IA RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2IA RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X200-4P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X201-3P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X201-3P IRT PRO", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X202-2IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X202-2P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X202-2P IRT PRO", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204-2", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204-2FM", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204-2LD", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204-2LD TS", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204-2TS", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204IRT PRO", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X206-1", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X206-1LD", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X208", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X208PRO", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X212-2", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X212-2LD", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X216", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X224", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (230V, coated)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (230V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (24V, coated)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (24V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (2x 230V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (2x 24V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X304-2FE", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X306-1LD FE", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (230V, coated)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (230V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (24V, coated)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (24V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (2x 230V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (2x 24V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X310", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X310", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X320-1 FE", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X320-1-2LD FE", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X408-2", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3 (SC, PN)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3 (ST, E/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3 (ST, E/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3 (ST, PN)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3LD (SC, E/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3LD (SC, PN)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB208 (E/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB208 (PN)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3 (SC, E/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3 (SC, PN)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3 (ST, E/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3 (ST, PN)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3LD (SC, E/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3LD (SC, PN)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB216 (E/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB216 (PN)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2 (SC)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2 (ST/BFOC)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2G PoE", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2G PoE (54 V DC)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2G PoE EEC (54 V DC)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2SFP", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2SFP EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2SFP G", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2SFP G (EIP DEF.)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2SFP G EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208G", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208G (EIP def.)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208G EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208G PoE", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208G PoE (54 V DC)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-3G PoE", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-3G PoE (54 V DC)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-4C", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-4C G", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-4C G (EIP Def.)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-4C G EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC224", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC224-4C G", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC224-4C G (EIP Def.)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC224-4C G EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF201-3P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF202-2P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204 DNA", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204-2", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204-2BA", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204-2BA DNA", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204-2BA IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF206-1", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF208", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM408-4C", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM408-4C (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM408-8C", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM408-8C (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM416-4C", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM416-4C (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP208", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP208 (Ethernet/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP208EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP208PoE EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP216", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP216 (Ethernet/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP216EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP216POE EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M PoE (230V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M PoE (230V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M PoE (24V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M PoE (24V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M PoE TS (24V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324WG (24 x FE, AC 230V)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324WG (24 X FE, DC 24V)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR326-2C PoE WG", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR326-2C PoE WG (without UL)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (24XFE, 4XGE, 24V)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (28xGE, AC 230V)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (28xGE, DC 24V)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 1x230V", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 1x230V (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 24V", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 24V (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 2x230V", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 2x230V (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 1x230V", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 1x230V (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 24V", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 24V (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 2x230V", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 2x230V (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR528-6M", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR528-6M (2HR2, L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR528-6M (2HR2)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR528-6M (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR552-12M", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR552-12M (2HR2, L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR552-12M (2HR2)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR552-12M (2HR2)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CFU DIQ", vendor: "Siemens", versions: [ { lessThan: "V2.0.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CFU PA", vendor: "Siemens", versions: [ { lessThan: "V2.0.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CM 1542-1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1604", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions >= V2.7", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1616", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions >= V2.7", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1626", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC IE/PB-LINK", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "V3", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV540 H", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV540 S", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV550 H", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV550 S", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV560 U", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV560 X", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC NET DK-16xx PN IO", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions >= V2.7", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Power Line Booster PLB, Base Module", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PROFINET Driver", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.3", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V4.5", }, ], }, { defaultStatus: "unknown", product: "SIMOCODE pro V Ethernet/IP (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.1.3", }, ], }, { defaultStatus: "unknown", product: "SIMOCODE pro V PROFINET (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.1.3", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET SCALANCE X308-2", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET SCALANCE XC206-2", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET SCALANCE XC206-2SFP", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET SCALANCE XC208", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET SCALANCE XC216-4C", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SOFTNET-IE PNIO", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, ], descriptions: [ { lang: "en", value: "Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { cvssV4_0: { baseScore: 8.7, baseSeverity: "HIGH", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-770", description: "CWE-770: Allocation of Resources Without Limits or Throttling", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-12-10T13:53:22.763Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-194-03", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-599968.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2020-28400", datePublished: "2021-07-13T11:02:49", dateReserved: "2020-11-10T00:00:00", dateUpdated: "2024-12-10T13:53:22.763Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-36323 (GCVE-0-2022-36323)
Vulnerability from cvelistv5
Published
2022-08-10 11:18
Modified
2024-08-03 10:00
Severity ?
EPSS score ?
Summary
Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | RUGGEDCOM RM1224 LTE(4G) EU |
Version: All versions < V7.1.2 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T10:00:04.366Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-710008.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "RUGGEDCOM RM1224 LTE(4G) EU", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "RUGGEDCOM RM1224 LTE(4G) NAM", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M804PB", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M812-1 ADSL-Router (Annex A)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M812-1 ADSL-Router (Annex B)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M816-1 ADSL-Router (Annex A)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M816-1 ADSL-Router (Annex B)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M826-2 SHDSL-Router", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M874-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M874-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-3 (EVDO)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-3 (ROK)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-4 (EU)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-4 (NAM)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM853-1 (EU)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM856-1 (EU)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM856-1 (RoW)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE S615", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.1.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE SC622-2C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.3.1", }, ], }, { defaultStatus: "unknown", product: "SCALANCE SC626-2C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.3.1", }, ], }, { defaultStatus: "unknown", product: "SCALANCE SC632-2C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.3.1", }, ], }, { defaultStatus: "unknown", product: "SCALANCE SC636-2C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.3.1", }, ], }, { defaultStatus: "unknown", product: "SCALANCE SC642-2C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.3.1", }, ], }, { defaultStatus: "unknown", product: "SCALANCE SC646-2C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.3.1", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1748-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1748-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1788-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1788-2 EEC M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1788-2 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1788-2IA M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W721-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W721-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W722-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W722-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W722-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W734-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W734-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W734-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W734-1 RJ45 (USA)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W738-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W738-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W748-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W748-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W748-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W748-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W761-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W761-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 RJ45 (USA)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W778-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W778-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W778-1 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W778-1 M12 EEC (USA)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2 SFP", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2 SFP", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2IA RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2IA RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE WAM763-1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE WAM766-1 (EU)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE WAM766-1 (US)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE WAM766-1 EEC (EU)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE WAM766-1 EEC (US)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE WUM763-1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE WUM763-1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE WUM766-1 (EU)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE WUM766-1 (US)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3 (SC, PN)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3 (ST, E/IP)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3 (ST, E/IP)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3 (ST, PN)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3LD (SC, E/IP)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3LD (SC, PN)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB208 (E/IP)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB208 (PN)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3 (SC, E/IP)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3 (SC, PN)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3 (ST, E/IP)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3 (ST, PN)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3LD (SC, E/IP)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3LD (SC, PN)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB216 (E/IP)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB216 (PN)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2 (SC)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2 (ST/BFOC)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2G PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2G PoE (54 V DC)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2G PoE EEC (54 V DC)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2SFP", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2SFP EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2SFP G", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2SFP G (EIP DEF.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2SFP G EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208G", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208G (EIP def.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208G EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208G PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208G PoE (54 V DC)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-3G PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-3G PoE (54 V DC)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-4C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-4C G", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-4C G (EIP Def.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-4C G EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC224", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC224-4C G", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC224-4C G (EIP Def.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC224-4C G EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204 DNA", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204-2BA", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204-2BA DNA", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM408-4C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM408-4C (L3 int.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM408-8C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM408-8C (L3 int.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM416-4C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM416-4C (L3 int.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP208", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP208 (Ethernet/IP)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP208EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP208PoE EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP216", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP216 (Ethernet/IP)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP216EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP216POE EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324WG (24 x FE, AC 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324WG (24 X FE, DC 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR326-2C PoE WG", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR326-2C PoE WG (without UL)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (24XFE, 4XGE, 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (28xGE, AC 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (28xGE, DC 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 1x230V", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 1x230V (L3 int.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 24V", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 24V (L3 int.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 2x230V", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 2x230V (L3 int.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 1x230V", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 1x230V (L3 int.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 24V", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 24V (L3 int.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 2x230V", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 2x230V (L3 int.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR528-6M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR528-6M (2HR2, L3 int.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR528-6M (2HR2)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR528-6M (L3 int.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR552-12M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR552-12M (2HR2, L3 int.)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR552-12M (2HR2)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR552-12M (2HR2)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.6", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET SCALANCE XC206-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET SCALANCE XC206-2SFP", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET SCALANCE XC208", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET SCALANCE XC216-4C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4", }, ], }, ], descriptions: [ { lang: "en", value: "Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell.", }, ], metrics: [ { cvssV3_1: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-74", description: "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-10T10:20:59.701Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-710008.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-36323", datePublished: "2022-08-10T11:18:33", dateReserved: "2022-07-20T00:00:00", dateUpdated: "2024-08-03T10:00:04.366Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-25755 (GCVE-0-2022-25755)
Vulnerability from cvelistv5
Published
2022-04-12 09:07
Modified
2024-08-03 04:49
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The webserver of an affected device is missing specific security headers. This could allow an remote attacker to extract confidential session information under certain circumstances.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SCALANCE X302-7 EEC (230V) |
Version: All versions < V4.1.4 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T04:49:43.216Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SCALANCE X302-7 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X302-7 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X304-2FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X306-1LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-2 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X320-1 FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X320-1-2LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE X408-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SCALANCE XR324-4M PoE TS (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { product: "SIPLUS NET SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The webserver of an affected device is missing specific security headers. This could allow an remote attacker to extract confidential session information under certain circumstances.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-284", description: "CWE-284: Improper Access Control", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-12T09:07:50", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-25755", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SCALANCE X302-7 EEC (230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X302-7 EEC (2x 24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X304-2FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X306-1LD FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 230V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 230V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-2 EEC (2x 24V, coated)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X307-3LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LD", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH+", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2LH+", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M PoE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M PoE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M TS", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X308-2M TS", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X310FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X320-1 FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X320-1-2LD FE", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE X408-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M TS (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-12M TS (24V)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (230V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (230V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE (24V, ports on rear)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SCALANCE XR324-4M PoE TS (24V, ports on front)", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, { product_name: "SIPLUS NET SCALANCE X308-2", version: { version_data: [ { version_value: "All versions < V4.1.4", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The webserver of an affected device is missing specific security headers. This could allow an remote attacker to extract confidential session information under certain circumstances.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-284: Improper Access Control", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-25755", datePublished: "2022-04-12T09:07:50", dateReserved: "2022-02-22T00:00:00", dateUpdated: "2024-08-03T04:49:43.216Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2022-04-12 09:15
Modified
2024-11-21 06:53
Severity ?
Summary
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate if a certain SNMP key exists. An attacker could use this to trigger a reboot of an affected device by requesting specific SNMP information from the device.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | Mitigation, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | Mitigation, Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | scalance_x302-7eec_firmware | * | |
| siemens | scalance_x302-7eec | - | |
| siemens | scalance_x304-2fe_firmware | * | |
| siemens | scalance_x304-2fe | - | |
| siemens | scalance_x306-1ldfe_firmware | * | |
| siemens | scalance_x306-1ldfe | - | |
| siemens | scalance_x307-2eec_firmware | * | |
| siemens | scalance_x307-2eec | - | |
| siemens | scalance_x307-3_firmware | * | |
| siemens | scalance_x307-3 | - | |
| siemens | scalance_x307-3ld_firmware | * | |
| siemens | scalance_x307-3ld | - | |
| siemens | scalance_x308-2_firmware | * | |
| siemens | scalance_x308-2 | - | |
| siemens | scalance_x308-2ld_firmware | * | |
| siemens | scalance_x308-2ld | - | |
| siemens | scalance_x308-2lh_firmware | * | |
| siemens | scalance_x308-2lh | - | |
| siemens | scalance_x308-2lh\+_firmware | * | |
| siemens | scalance_x308-2lh\+ | - | |
| siemens | scalance_x308-2m_firmware | * | |
| siemens | scalance_x308-2m | - | |
| siemens | scalance_x308-2m_poe_firmware | - | |
| siemens | scalance_x308-2m_poe | - | |
| siemens | scalance_x308-2m_ts_firmware | * | |
| siemens | scalance_x308-2m_ts | - | |
| siemens | scalance_x310_firmware | * | |
| siemens | scalance_x310 | - | |
| siemens | scalance_x310fe_firmware | * | |
| siemens | scalance_x310fe | - | |
| siemens | scalance_x320-1fe_firmware | * | |
| siemens | scalance_x320-1fe | - | |
| siemens | scalance_x320-1-2ldfe_firmware | * | |
| siemens | scalance_x320-1-2ldfe | - | |
| siemens | scalance_x408-2_firmware | * | |
| siemens | scalance_x408-2 | - | |
| siemens | scalance_xr324-4m_eec_firmware | * | |
| siemens | scalance_xr324-4m_eec | - | |
| siemens | scalance_xr324-4m_poe_firmware | * | |
| siemens | scalance_xr324-4m_poe | - | |
| siemens | scalance_xr324-4m_poe_ts_firmware | * | |
| siemens | scalance_xr324-4m_poe_ts | - | |
| siemens | scalance_xr324-12m_firmware | * | |
| siemens | scalance_xr324-12m | - | |
| siemens | scalance_xr324-12m_ts_firmware | * | |
| siemens | scalance_xr324-12m_ts | - | |
| siemens | siplus_net_scalance_x308-2_firmware | * | |
| siemens | siplus_net_scalance_x308-2 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x302-7eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7FB6F150-2662-44AE-8DC1-0B0A426E8352", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x302-7eec:-:*:*:*:*:*:*:*", matchCriteriaId: "C8E97B3B-1808-45D2-97B7-CF31CA6E7A60", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x304-2fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E9F4071F-1AE2-4FAD-A8CB-1619552101A3", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x304-2fe:-:*:*:*:*:*:*:*", matchCriteriaId: "0087A1C6-AA76-4FD6-BAA1-D3190D2A0116", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x306-1ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B78CFDF-1B15-4A4B-99D4-8CC5E1867BD1", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x306-1ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "880CF41B-B25D-4744-8E8B-C4B131932B1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-2eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CCB1094D-3F8A-4331-ABB9-46B73F7E008F", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-2eec:-:*:*:*:*:*:*:*", matchCriteriaId: "804EE08B-75A1-4CF6-9C30-8CF0CDC39658", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE21803A-A5CA-482A-ABD2-C9A547831BF6", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3:-:*:*:*:*:*:*:*", matchCriteriaId: "55EF0738-C9EF-4E4B-A7E7-ECC1B5F0678A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EEBFBB10-35E0-46BB-A937-E9A933C4D5BC", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "7737F0C2-43FC-4330-88F2-9B08BA5B35D7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4C91F6DD-A74C-4310-88AB-63A39D0208BE", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "6CCED3E4-38EF-4645-B25C-4F2C3D4E091C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6B5513D8-59DD-4EE1-B2E8-F800D1DA7BC5", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2ld:-:*:*:*:*:*:*:*", matchCriteriaId: "FE1909FA-C8C6-46BE-83C6-2635D36FE69B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A11DE626-D744-49A7-93C4-FE2C2AF5245F", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh:-:*:*:*:*:*:*:*", matchCriteriaId: "6DDBD94D-5312-4A54-AF76-D9DF791C0292", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh\\+_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC259CD1-5C79-4491-B375-7A69116F2747", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "85153EED-C677-495D-A6BB-72365DE1ED3F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "79918934-7B0B-4032-972E-2347CD33029D", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m:-:*:*:*:*:*:*:*", matchCriteriaId: "AC54911E-C432-48FA-9551-9644422FFE14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_poe_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "00FBD442-84AA-48F3-8AD1-5767FFB2FC3F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "3E22C57C-2BD6-4C39-93D2-5D81A58EA6F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E72D4503-5AAE-4C6F-BAE9-FA51701191B1", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "DFCCB68C-A58D-4543-A11F-721B01FFBBA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CA2333C8-E9C7-43D8-9EAA-A88ECAAB4236", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310:-:*:*:*:*:*:*:*", matchCriteriaId: "7FE3716E-1C0A-4B72-809A-8318E5853FB1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7EECD381-262F-4C47-90E1-7B44092C74BD", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310fe:-:*:*:*:*:*:*:*", matchCriteriaId: "8FB34E83-83A3-45C3-B040-D8910971D439", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "36C40232-5696-44CC-B38F-5331A745C760", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1fe:-:*:*:*:*:*:*:*", matchCriteriaId: "CC54880F-CBF4-4772-A4FB-B07D97287D44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1-2ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2F1969E4-CFD6-4AC7-956E-374967F5C406", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1-2ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "B2D400F5-AD80-4536-A99D-793E1560757B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x408-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3ACB931D-C484-42F4-9912-24B44FE97017", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x408-2:-:*:*:*:*:*:*:*", matchCriteriaId: "0C632B90-EB11-4A4C-8128-DABBE044B9AF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B1EFA152-D29B-4116-A3D2-ACF7A025E053", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6F952542-6B79-4681-A236-15C188AAEB1E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "935CD21D-0471-4D1F-AF81-B1F996A9EFAB", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "664D9C76-BC13-4874-939C-A8211DA33903", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E2C0F1FB-8B5E-448C-A304-FDDCB3DFCDD4", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4834A67B-7B0B-4F88-BBFB-25667FD68EC5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3E0E1F54-D9EA-4AFB-80EF-0A585EC3C641", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m:-:*:*:*:*:*:*:*", matchCriteriaId: "36C9AE74-4683-4ED0-A605-3A6B065C230E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC03DF92-C7A1-4232-AFDF-04B2B50666DB", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4356417E-B4CB-45B0-B395-CE9D423FAB44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_net_scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "25103533-B9BC-4553-B195-AF5CACAB713B", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_net_scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "9C48C944-324B-4390-B9D1-3D0FC3DD5BFD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate if a certain SNMP key exists. An attacker could use this to trigger a reboot of an affected device by requesting specific SNMP information from the device.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, recubierto), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, recubierto), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, recubierto), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, recubierto), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, revestido), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, revestido), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, revestido), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, revestido), SCALANCE X307-3 SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, puertos en la parte frontal), SCALANCE XR324-12M (230V, puertos en la parte delantera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte delantera), SCALANCE XR324-12M (24V, puertos en la parte delantera), SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M PoE (230V, puertos en la parte delantera), SCALANCE XR324-4M PoE (230V, puertos en la parte trasera), SCALANCE XR324-4M PoE (24V, puertos en la parte delantera), SCALANCE XR324-4M PoE (24V, puertos en la parte trasera), SCALANCE XR324-4M PoE TS (24V, puertos en la parte delantera), SIPLUS NET SCALANCE X308-2. Los dispositivos afectados no comprueban correctamente si se presenta una determinada clave SNMP. Un atacante podría usar esto para desencadenar un reinicio de un dispositivo afectado al solicitar información SNMP específica del dispositivo", }, ], id: "CVE-2022-26380", lastModified: "2024-11-21T06:53:52.853", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-04-12T09:15:14.970", references: [ { source: "productcert@siemens.com", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-04-12 09:15
Modified
2024-11-21 06:52
Severity ?
Summary
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The integrated web server could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. This can be used by an attacker to trigger a malicious request on the affected device.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | Mitigation, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | Mitigation, Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | scalance_x302-7eec_firmware | * | |
| siemens | scalance_x302-7eec | - | |
| siemens | scalance_x304-2fe_firmware | * | |
| siemens | scalance_x304-2fe | - | |
| siemens | scalance_x306-1ldfe_firmware | * | |
| siemens | scalance_x306-1ldfe | - | |
| siemens | scalance_x307-2eec_firmware | * | |
| siemens | scalance_x307-2eec | - | |
| siemens | scalance_x307-3_firmware | * | |
| siemens | scalance_x307-3 | - | |
| siemens | scalance_x307-3ld_firmware | * | |
| siemens | scalance_x307-3ld | - | |
| siemens | scalance_x308-2_firmware | * | |
| siemens | scalance_x308-2 | - | |
| siemens | scalance_x308-2ld_firmware | * | |
| siemens | scalance_x308-2ld | - | |
| siemens | scalance_x308-2lh_firmware | * | |
| siemens | scalance_x308-2lh | - | |
| siemens | scalance_x308-2lh\+_firmware | * | |
| siemens | scalance_x308-2lh\+ | - | |
| siemens | scalance_x308-2m_firmware | * | |
| siemens | scalance_x308-2m | - | |
| siemens | scalance_x308-2m_poe_firmware | - | |
| siemens | scalance_x308-2m_poe | - | |
| siemens | scalance_x308-2m_ts_firmware | * | |
| siemens | scalance_x308-2m_ts | - | |
| siemens | scalance_x310_firmware | * | |
| siemens | scalance_x310 | - | |
| siemens | scalance_x310fe_firmware | * | |
| siemens | scalance_x310fe | - | |
| siemens | scalance_x320-1fe_firmware | * | |
| siemens | scalance_x320-1fe | - | |
| siemens | scalance_x320-1-2ldfe_firmware | * | |
| siemens | scalance_x320-1-2ldfe | - | |
| siemens | scalance_x408-2_firmware | * | |
| siemens | scalance_x408-2 | - | |
| siemens | scalance_xr324-4m_eec_firmware | * | |
| siemens | scalance_xr324-4m_eec | - | |
| siemens | scalance_xr324-4m_poe_firmware | * | |
| siemens | scalance_xr324-4m_poe | - | |
| siemens | scalance_xr324-4m_poe_ts_firmware | * | |
| siemens | scalance_xr324-4m_poe_ts | - | |
| siemens | scalance_xr324-12m_firmware | * | |
| siemens | scalance_xr324-12m | - | |
| siemens | scalance_xr324-12m_ts_firmware | * | |
| siemens | scalance_xr324-12m_ts | - | |
| siemens | siplus_net_scalance_x308-2_firmware | * | |
| siemens | siplus_net_scalance_x308-2 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x302-7eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7FB6F150-2662-44AE-8DC1-0B0A426E8352", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x302-7eec:-:*:*:*:*:*:*:*", matchCriteriaId: "C8E97B3B-1808-45D2-97B7-CF31CA6E7A60", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x304-2fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E9F4071F-1AE2-4FAD-A8CB-1619552101A3", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x304-2fe:-:*:*:*:*:*:*:*", matchCriteriaId: "0087A1C6-AA76-4FD6-BAA1-D3190D2A0116", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x306-1ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B78CFDF-1B15-4A4B-99D4-8CC5E1867BD1", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x306-1ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "880CF41B-B25D-4744-8E8B-C4B131932B1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-2eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CCB1094D-3F8A-4331-ABB9-46B73F7E008F", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-2eec:-:*:*:*:*:*:*:*", matchCriteriaId: "804EE08B-75A1-4CF6-9C30-8CF0CDC39658", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE21803A-A5CA-482A-ABD2-C9A547831BF6", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3:-:*:*:*:*:*:*:*", matchCriteriaId: "55EF0738-C9EF-4E4B-A7E7-ECC1B5F0678A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EEBFBB10-35E0-46BB-A937-E9A933C4D5BC", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "7737F0C2-43FC-4330-88F2-9B08BA5B35D7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4C91F6DD-A74C-4310-88AB-63A39D0208BE", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "6CCED3E4-38EF-4645-B25C-4F2C3D4E091C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6B5513D8-59DD-4EE1-B2E8-F800D1DA7BC5", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2ld:-:*:*:*:*:*:*:*", matchCriteriaId: "FE1909FA-C8C6-46BE-83C6-2635D36FE69B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A11DE626-D744-49A7-93C4-FE2C2AF5245F", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh:-:*:*:*:*:*:*:*", matchCriteriaId: "6DDBD94D-5312-4A54-AF76-D9DF791C0292", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh\\+_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC259CD1-5C79-4491-B375-7A69116F2747", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "85153EED-C677-495D-A6BB-72365DE1ED3F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "79918934-7B0B-4032-972E-2347CD33029D", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m:-:*:*:*:*:*:*:*", matchCriteriaId: "AC54911E-C432-48FA-9551-9644422FFE14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_poe_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "00FBD442-84AA-48F3-8AD1-5767FFB2FC3F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "3E22C57C-2BD6-4C39-93D2-5D81A58EA6F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E72D4503-5AAE-4C6F-BAE9-FA51701191B1", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "DFCCB68C-A58D-4543-A11F-721B01FFBBA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CA2333C8-E9C7-43D8-9EAA-A88ECAAB4236", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310:-:*:*:*:*:*:*:*", matchCriteriaId: "7FE3716E-1C0A-4B72-809A-8318E5853FB1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7EECD381-262F-4C47-90E1-7B44092C74BD", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310fe:-:*:*:*:*:*:*:*", matchCriteriaId: "8FB34E83-83A3-45C3-B040-D8910971D439", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "36C40232-5696-44CC-B38F-5331A745C760", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1fe:-:*:*:*:*:*:*:*", matchCriteriaId: "CC54880F-CBF4-4772-A4FB-B07D97287D44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1-2ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2F1969E4-CFD6-4AC7-956E-374967F5C406", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1-2ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "B2D400F5-AD80-4536-A99D-793E1560757B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x408-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3ACB931D-C484-42F4-9912-24B44FE97017", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x408-2:-:*:*:*:*:*:*:*", matchCriteriaId: "0C632B90-EB11-4A4C-8128-DABBE044B9AF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B1EFA152-D29B-4116-A3D2-ACF7A025E053", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6F952542-6B79-4681-A236-15C188AAEB1E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "935CD21D-0471-4D1F-AF81-B1F996A9EFAB", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "664D9C76-BC13-4874-939C-A8211DA33903", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E2C0F1FB-8B5E-448C-A304-FDDCB3DFCDD4", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4834A67B-7B0B-4F88-BBFB-25667FD68EC5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3E0E1F54-D9EA-4AFB-80EF-0A585EC3C641", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m:-:*:*:*:*:*:*:*", matchCriteriaId: "36C9AE74-4683-4ED0-A605-3A6B065C230E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC03DF92-C7A1-4232-AFDF-04B2B50666DB", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4356417E-B4CB-45B0-B395-CE9D423FAB44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_net_scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "25103533-B9BC-4553-B195-AF5CACAB713B", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_net_scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "9C48C944-324B-4390-B9D1-3D0FC3DD5BFD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The integrated web server could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. This can be used by an attacker to trigger a malicious request on the affected device.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, revestido), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, revestido), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, revestido), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, revestido), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, revestido), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, revestido), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, revestido), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, revestido), SCALANCE X307-3 SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, puertos en la parte frontal), SCALANCE XR324-12M (230V, puertos en la parte delantera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte delantera), SCALANCE XR324-12M (24V, puertos en la parte delantera), SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M PoE (230V, puertos en la parte delantera), SCALANCE XR324-4M PoE (230V, puertos en la parte trasera), SCALANCE XR324-4M PoE (24V, puertos en la parte delantera), SCALANCE XR324-4M PoE (24V, puertos en la parte trasera), SCALANCE XR324-4M PoE TS (24V, puertos en la parte delantera), SIPLUS NET SCALANCE X308-2. El servidor web integrado podría permitir ataques de tipo Cross-Site Scripting (XSS) si los usuarios desprevenidos son engañados para acceder a un enlace malicioso. Esto puede ser usado por un atacante para lanzar una petición maliciosa en el dispositivo afectado", }, ], id: "CVE-2022-25756", lastModified: "2024-11-21T06:52:56.657", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-04-12T09:15:14.837", references: [ { source: "productcert@siemens.com", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-80", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-04-12 09:15
Modified
2024-11-21 06:53
Severity ?
Summary
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate the URI of incoming HTTP GET requests. This could allow an unauthenticated remote attacker to crash affected devices.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | Mitigation, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | Mitigation, Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | scalance_x302-7eec_firmware | * | |
| siemens | scalance_x302-7eec | - | |
| siemens | scalance_x304-2fe_firmware | * | |
| siemens | scalance_x304-2fe | - | |
| siemens | scalance_x306-1ldfe_firmware | * | |
| siemens | scalance_x306-1ldfe | - | |
| siemens | scalance_x307-2eec_firmware | * | |
| siemens | scalance_x307-2eec | - | |
| siemens | scalance_x307-3_firmware | * | |
| siemens | scalance_x307-3 | - | |
| siemens | scalance_x307-3ld_firmware | * | |
| siemens | scalance_x307-3ld | - | |
| siemens | scalance_x308-2_firmware | * | |
| siemens | scalance_x308-2 | - | |
| siemens | scalance_x308-2ld_firmware | * | |
| siemens | scalance_x308-2ld | - | |
| siemens | scalance_x308-2lh_firmware | * | |
| siemens | scalance_x308-2lh | - | |
| siemens | scalance_x308-2lh\+_firmware | * | |
| siemens | scalance_x308-2lh\+ | - | |
| siemens | scalance_x308-2m_firmware | * | |
| siemens | scalance_x308-2m | - | |
| siemens | scalance_x308-2m_poe_firmware | - | |
| siemens | scalance_x308-2m_poe | - | |
| siemens | scalance_x308-2m_ts_firmware | * | |
| siemens | scalance_x308-2m_ts | - | |
| siemens | scalance_x310_firmware | * | |
| siemens | scalance_x310 | - | |
| siemens | scalance_x310fe_firmware | * | |
| siemens | scalance_x310fe | - | |
| siemens | scalance_x320-1fe_firmware | * | |
| siemens | scalance_x320-1fe | - | |
| siemens | scalance_x320-1-2ldfe_firmware | * | |
| siemens | scalance_x320-1-2ldfe | - | |
| siemens | scalance_x408-2_firmware | * | |
| siemens | scalance_x408-2 | - | |
| siemens | scalance_xr324-4m_eec_firmware | * | |
| siemens | scalance_xr324-4m_eec | - | |
| siemens | scalance_xr324-4m_poe_firmware | * | |
| siemens | scalance_xr324-4m_poe | - | |
| siemens | scalance_xr324-4m_poe_ts_firmware | * | |
| siemens | scalance_xr324-4m_poe_ts | - | |
| siemens | scalance_xr324-12m_firmware | * | |
| siemens | scalance_xr324-12m | - | |
| siemens | scalance_xr324-12m_ts_firmware | * | |
| siemens | scalance_xr324-12m_ts | - | |
| siemens | siplus_net_scalance_x308-2_firmware | * | |
| siemens | siplus_net_scalance_x308-2 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x302-7eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7FB6F150-2662-44AE-8DC1-0B0A426E8352", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x302-7eec:-:*:*:*:*:*:*:*", matchCriteriaId: "C8E97B3B-1808-45D2-97B7-CF31CA6E7A60", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x304-2fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E9F4071F-1AE2-4FAD-A8CB-1619552101A3", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x304-2fe:-:*:*:*:*:*:*:*", matchCriteriaId: "0087A1C6-AA76-4FD6-BAA1-D3190D2A0116", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x306-1ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B78CFDF-1B15-4A4B-99D4-8CC5E1867BD1", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x306-1ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "880CF41B-B25D-4744-8E8B-C4B131932B1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-2eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CCB1094D-3F8A-4331-ABB9-46B73F7E008F", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-2eec:-:*:*:*:*:*:*:*", matchCriteriaId: "804EE08B-75A1-4CF6-9C30-8CF0CDC39658", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE21803A-A5CA-482A-ABD2-C9A547831BF6", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3:-:*:*:*:*:*:*:*", matchCriteriaId: "55EF0738-C9EF-4E4B-A7E7-ECC1B5F0678A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EEBFBB10-35E0-46BB-A937-E9A933C4D5BC", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "7737F0C2-43FC-4330-88F2-9B08BA5B35D7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4C91F6DD-A74C-4310-88AB-63A39D0208BE", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "6CCED3E4-38EF-4645-B25C-4F2C3D4E091C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6B5513D8-59DD-4EE1-B2E8-F800D1DA7BC5", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2ld:-:*:*:*:*:*:*:*", matchCriteriaId: "FE1909FA-C8C6-46BE-83C6-2635D36FE69B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A11DE626-D744-49A7-93C4-FE2C2AF5245F", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh:-:*:*:*:*:*:*:*", matchCriteriaId: "6DDBD94D-5312-4A54-AF76-D9DF791C0292", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh\\+_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC259CD1-5C79-4491-B375-7A69116F2747", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "85153EED-C677-495D-A6BB-72365DE1ED3F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "79918934-7B0B-4032-972E-2347CD33029D", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m:-:*:*:*:*:*:*:*", matchCriteriaId: "AC54911E-C432-48FA-9551-9644422FFE14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_poe_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "00FBD442-84AA-48F3-8AD1-5767FFB2FC3F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "3E22C57C-2BD6-4C39-93D2-5D81A58EA6F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E72D4503-5AAE-4C6F-BAE9-FA51701191B1", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "DFCCB68C-A58D-4543-A11F-721B01FFBBA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CA2333C8-E9C7-43D8-9EAA-A88ECAAB4236", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310:-:*:*:*:*:*:*:*", matchCriteriaId: "7FE3716E-1C0A-4B72-809A-8318E5853FB1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7EECD381-262F-4C47-90E1-7B44092C74BD", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310fe:-:*:*:*:*:*:*:*", matchCriteriaId: "8FB34E83-83A3-45C3-B040-D8910971D439", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "36C40232-5696-44CC-B38F-5331A745C760", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1fe:-:*:*:*:*:*:*:*", matchCriteriaId: "CC54880F-CBF4-4772-A4FB-B07D97287D44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1-2ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2F1969E4-CFD6-4AC7-956E-374967F5C406", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1-2ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "B2D400F5-AD80-4536-A99D-793E1560757B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x408-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3ACB931D-C484-42F4-9912-24B44FE97017", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x408-2:-:*:*:*:*:*:*:*", matchCriteriaId: "0C632B90-EB11-4A4C-8128-DABBE044B9AF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B1EFA152-D29B-4116-A3D2-ACF7A025E053", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6F952542-6B79-4681-A236-15C188AAEB1E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "935CD21D-0471-4D1F-AF81-B1F996A9EFAB", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "664D9C76-BC13-4874-939C-A8211DA33903", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E2C0F1FB-8B5E-448C-A304-FDDCB3DFCDD4", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4834A67B-7B0B-4F88-BBFB-25667FD68EC5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3E0E1F54-D9EA-4AFB-80EF-0A585EC3C641", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m:-:*:*:*:*:*:*:*", matchCriteriaId: "36C9AE74-4683-4ED0-A605-3A6B065C230E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC03DF92-C7A1-4232-AFDF-04B2B50666DB", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4356417E-B4CB-45B0-B395-CE9D423FAB44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_net_scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "25103533-B9BC-4553-B195-AF5CACAB713B", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_net_scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "9C48C944-324B-4390-B9D1-3D0FC3DD5BFD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate the URI of incoming HTTP GET requests. This could allow an unauthenticated remote attacker to crash affected devices.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, revestido), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, revestido), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, revestido), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, revestido), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, revestido), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, revestido), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, revestido), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, revestido), SCALANCE X307-3 SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, puertos en la parte frontal), SCALANCE XR324-12M (230V, puertos en la parte delantera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte delantera), SCALANCE XR324-12M (24V, puertos en la parte delantera), SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M PoE (230V, puertos en la parte delantera), SCALANCE XR324-4M PoE (230V, puertos en la parte trasera), SCALANCE XR324-4M PoE (24V, puertos en la parte delantera), SCALANCE XR324-4M PoE (24V, puertos en la parte trasera), SCALANCE XR324-4M PoE TS (24V, puertos en la parte delantera), SIPLUS NET SCALANCE X308-2. Los dispositivos afectados no comprueban correctamente el URI de las peticiones HTTP GET entrantes. Esto podría permitir a un atacante remoto no autenticado bloquear los dispositivos afectados", }, ], id: "CVE-2022-26335", lastModified: "2024-11-21T06:53:46.287", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-04-12T09:15:14.923", references: [ { source: "productcert@siemens.com", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-04-12 09:15
Modified
2024-11-21 06:52
Severity ?
Summary
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The webserver of affected devices calculates session ids and nonces in an insecure manner. This could allow an unauthenticated remote attacker to brute-force session ids and hijack existing sessions.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | Mitigation, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | Mitigation, Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | scalance_x302-7eec_firmware | * | |
| siemens | scalance_x302-7eec | - | |
| siemens | scalance_x304-2fe_firmware | * | |
| siemens | scalance_x304-2fe | - | |
| siemens | scalance_x306-1ldfe_firmware | * | |
| siemens | scalance_x306-1ldfe | - | |
| siemens | scalance_x307-2eec_firmware | * | |
| siemens | scalance_x307-2eec | - | |
| siemens | scalance_x307-3_firmware | * | |
| siemens | scalance_x307-3 | - | |
| siemens | scalance_x307-3ld_firmware | * | |
| siemens | scalance_x307-3ld | - | |
| siemens | scalance_x308-2_firmware | * | |
| siemens | scalance_x308-2 | - | |
| siemens | scalance_x308-2ld_firmware | * | |
| siemens | scalance_x308-2ld | - | |
| siemens | scalance_x308-2lh_firmware | * | |
| siemens | scalance_x308-2lh | - | |
| siemens | scalance_x308-2lh\+_firmware | * | |
| siemens | scalance_x308-2lh\+ | - | |
| siemens | scalance_x308-2m_firmware | * | |
| siemens | scalance_x308-2m | - | |
| siemens | scalance_x308-2m_poe_firmware | - | |
| siemens | scalance_x308-2m_poe | - | |
| siemens | scalance_x308-2m_ts_firmware | * | |
| siemens | scalance_x308-2m_ts | - | |
| siemens | scalance_x310_firmware | * | |
| siemens | scalance_x310 | - | |
| siemens | scalance_x310fe_firmware | * | |
| siemens | scalance_x310fe | - | |
| siemens | scalance_x320-1fe_firmware | * | |
| siemens | scalance_x320-1fe | - | |
| siemens | scalance_x320-1-2ldfe_firmware | * | |
| siemens | scalance_x320-1-2ldfe | - | |
| siemens | scalance_x408-2_firmware | * | |
| siemens | scalance_x408-2 | - | |
| siemens | scalance_xr324-4m_eec_firmware | * | |
| siemens | scalance_xr324-4m_eec | - | |
| siemens | scalance_xr324-4m_poe_firmware | * | |
| siemens | scalance_xr324-4m_poe | - | |
| siemens | scalance_xr324-4m_poe_ts_firmware | * | |
| siemens | scalance_xr324-4m_poe_ts | - | |
| siemens | scalance_xr324-12m_firmware | * | |
| siemens | scalance_xr324-12m | - | |
| siemens | scalance_xr324-12m_ts_firmware | * | |
| siemens | scalance_xr324-12m_ts | - | |
| siemens | siplus_net_scalance_x308-2_firmware | * | |
| siemens | siplus_net_scalance_x308-2 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x302-7eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7FB6F150-2662-44AE-8DC1-0B0A426E8352", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x302-7eec:-:*:*:*:*:*:*:*", matchCriteriaId: "C8E97B3B-1808-45D2-97B7-CF31CA6E7A60", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x304-2fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E9F4071F-1AE2-4FAD-A8CB-1619552101A3", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x304-2fe:-:*:*:*:*:*:*:*", matchCriteriaId: "0087A1C6-AA76-4FD6-BAA1-D3190D2A0116", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x306-1ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B78CFDF-1B15-4A4B-99D4-8CC5E1867BD1", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x306-1ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "880CF41B-B25D-4744-8E8B-C4B131932B1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-2eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CCB1094D-3F8A-4331-ABB9-46B73F7E008F", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-2eec:-:*:*:*:*:*:*:*", matchCriteriaId: "804EE08B-75A1-4CF6-9C30-8CF0CDC39658", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE21803A-A5CA-482A-ABD2-C9A547831BF6", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3:-:*:*:*:*:*:*:*", matchCriteriaId: "55EF0738-C9EF-4E4B-A7E7-ECC1B5F0678A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EEBFBB10-35E0-46BB-A937-E9A933C4D5BC", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "7737F0C2-43FC-4330-88F2-9B08BA5B35D7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4C91F6DD-A74C-4310-88AB-63A39D0208BE", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "6CCED3E4-38EF-4645-B25C-4F2C3D4E091C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6B5513D8-59DD-4EE1-B2E8-F800D1DA7BC5", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2ld:-:*:*:*:*:*:*:*", matchCriteriaId: "FE1909FA-C8C6-46BE-83C6-2635D36FE69B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A11DE626-D744-49A7-93C4-FE2C2AF5245F", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh:-:*:*:*:*:*:*:*", matchCriteriaId: "6DDBD94D-5312-4A54-AF76-D9DF791C0292", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh\\+_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC259CD1-5C79-4491-B375-7A69116F2747", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "85153EED-C677-495D-A6BB-72365DE1ED3F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "79918934-7B0B-4032-972E-2347CD33029D", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m:-:*:*:*:*:*:*:*", matchCriteriaId: "AC54911E-C432-48FA-9551-9644422FFE14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_poe_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "00FBD442-84AA-48F3-8AD1-5767FFB2FC3F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "3E22C57C-2BD6-4C39-93D2-5D81A58EA6F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E72D4503-5AAE-4C6F-BAE9-FA51701191B1", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "DFCCB68C-A58D-4543-A11F-721B01FFBBA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CA2333C8-E9C7-43D8-9EAA-A88ECAAB4236", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310:-:*:*:*:*:*:*:*", matchCriteriaId: "7FE3716E-1C0A-4B72-809A-8318E5853FB1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7EECD381-262F-4C47-90E1-7B44092C74BD", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310fe:-:*:*:*:*:*:*:*", matchCriteriaId: "8FB34E83-83A3-45C3-B040-D8910971D439", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "36C40232-5696-44CC-B38F-5331A745C760", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1fe:-:*:*:*:*:*:*:*", matchCriteriaId: "CC54880F-CBF4-4772-A4FB-B07D97287D44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1-2ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2F1969E4-CFD6-4AC7-956E-374967F5C406", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1-2ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "B2D400F5-AD80-4536-A99D-793E1560757B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x408-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3ACB931D-C484-42F4-9912-24B44FE97017", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x408-2:-:*:*:*:*:*:*:*", matchCriteriaId: "0C632B90-EB11-4A4C-8128-DABBE044B9AF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B1EFA152-D29B-4116-A3D2-ACF7A025E053", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6F952542-6B79-4681-A236-15C188AAEB1E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "935CD21D-0471-4D1F-AF81-B1F996A9EFAB", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "664D9C76-BC13-4874-939C-A8211DA33903", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E2C0F1FB-8B5E-448C-A304-FDDCB3DFCDD4", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4834A67B-7B0B-4F88-BBFB-25667FD68EC5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3E0E1F54-D9EA-4AFB-80EF-0A585EC3C641", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m:-:*:*:*:*:*:*:*", matchCriteriaId: "36C9AE74-4683-4ED0-A605-3A6B065C230E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC03DF92-C7A1-4232-AFDF-04B2B50666DB", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4356417E-B4CB-45B0-B395-CE9D423FAB44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_net_scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "25103533-B9BC-4553-B195-AF5CACAB713B", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_net_scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "9C48C944-324B-4390-B9D1-3D0FC3DD5BFD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The webserver of affected devices calculates session ids and nonces in an insecure manner. This could allow an unauthenticated remote attacker to brute-force session ids and hijack existing sessions.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, revestido), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, revestido), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, revestido), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, revestido), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, revestido), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, revestido), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, revestido), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, revestido), SCALANCE X307-3 SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, puertos en la parte frontal), SCALANCE XR324-12M (230V, puertos en la parte delantera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte delantera), SCALANCE XR324-12M (24V, puertos en la parte delantera), SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M PoE (230V, puertos en la parte delantera), SCALANCE XR324-4M PoE (230V, puertos en la parte trasera), SCALANCE XR324-4M PoE (24V, puertos en la parte delantera), SCALANCE XR324-4M PoE (24V, puertos en la parte trasera), SCALANCE XR324-4M PoE TS (24V, puertos en la parte delantera), SIPLUS NET SCALANCE X308-2. El servidor web de los dispositivos afectados calcula los identificadores de sesión y los nonces de forma no segura. Esto podría permitir a un atacante remoto no autenticado forzar los identificadores de sesión y secuestrar las sesiones existentes", }, ], id: "CVE-2022-25752", lastModified: "2024-11-21T06:52:55.867", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-04-12T09:15:14.650", references: [ { source: "productcert@siemens.com", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-330", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-330", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-04-12 09:15
Modified
2024-11-21 06:52
Severity ?
Summary
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The integrated web server of the affected device could allow remote attackers to perform actions with the permissions of a victim user, provided the victim user has an active session and is induced to trigger the malicious request.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | Mitigation, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | Mitigation, Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | scalance_x302-7eec_firmware | * | |
| siemens | scalance_x302-7eec | - | |
| siemens | scalance_x304-2fe_firmware | * | |
| siemens | scalance_x304-2fe | - | |
| siemens | scalance_x306-1ldfe_firmware | * | |
| siemens | scalance_x306-1ldfe | - | |
| siemens | scalance_x307-2eec_firmware | * | |
| siemens | scalance_x307-2eec | - | |
| siemens | scalance_x307-3_firmware | * | |
| siemens | scalance_x307-3 | - | |
| siemens | scalance_x307-3ld_firmware | * | |
| siemens | scalance_x307-3ld | - | |
| siemens | scalance_x308-2_firmware | * | |
| siemens | scalance_x308-2 | - | |
| siemens | scalance_x308-2ld_firmware | * | |
| siemens | scalance_x308-2ld | - | |
| siemens | scalance_x308-2lh_firmware | * | |
| siemens | scalance_x308-2lh | - | |
| siemens | scalance_x308-2lh\+_firmware | * | |
| siemens | scalance_x308-2lh\+ | - | |
| siemens | scalance_x308-2m_firmware | * | |
| siemens | scalance_x308-2m | - | |
| siemens | scalance_x308-2m_poe_firmware | - | |
| siemens | scalance_x308-2m_poe | - | |
| siemens | scalance_x308-2m_ts_firmware | * | |
| siemens | scalance_x308-2m_ts | - | |
| siemens | scalance_x310_firmware | * | |
| siemens | scalance_x310 | - | |
| siemens | scalance_x310fe_firmware | * | |
| siemens | scalance_x310fe | - | |
| siemens | scalance_x320-1fe_firmware | * | |
| siemens | scalance_x320-1fe | - | |
| siemens | scalance_x320-1-2ldfe_firmware | * | |
| siemens | scalance_x320-1-2ldfe | - | |
| siemens | scalance_x408-2_firmware | * | |
| siemens | scalance_x408-2 | - | |
| siemens | scalance_xr324-4m_eec_firmware | * | |
| siemens | scalance_xr324-4m_eec | - | |
| siemens | scalance_xr324-4m_poe_firmware | * | |
| siemens | scalance_xr324-4m_poe | - | |
| siemens | scalance_xr324-4m_poe_ts_firmware | * | |
| siemens | scalance_xr324-4m_poe_ts | - | |
| siemens | scalance_xr324-12m_firmware | * | |
| siemens | scalance_xr324-12m | - | |
| siemens | scalance_xr324-12m_ts_firmware | * | |
| siemens | scalance_xr324-12m_ts | - | |
| siemens | siplus_net_scalance_x308-2_firmware | * | |
| siemens | siplus_net_scalance_x308-2 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x302-7eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7FB6F150-2662-44AE-8DC1-0B0A426E8352", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x302-7eec:-:*:*:*:*:*:*:*", matchCriteriaId: "C8E97B3B-1808-45D2-97B7-CF31CA6E7A60", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x304-2fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E9F4071F-1AE2-4FAD-A8CB-1619552101A3", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x304-2fe:-:*:*:*:*:*:*:*", matchCriteriaId: "0087A1C6-AA76-4FD6-BAA1-D3190D2A0116", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x306-1ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B78CFDF-1B15-4A4B-99D4-8CC5E1867BD1", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x306-1ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "880CF41B-B25D-4744-8E8B-C4B131932B1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-2eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CCB1094D-3F8A-4331-ABB9-46B73F7E008F", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-2eec:-:*:*:*:*:*:*:*", matchCriteriaId: "804EE08B-75A1-4CF6-9C30-8CF0CDC39658", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE21803A-A5CA-482A-ABD2-C9A547831BF6", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3:-:*:*:*:*:*:*:*", matchCriteriaId: "55EF0738-C9EF-4E4B-A7E7-ECC1B5F0678A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EEBFBB10-35E0-46BB-A937-E9A933C4D5BC", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "7737F0C2-43FC-4330-88F2-9B08BA5B35D7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4C91F6DD-A74C-4310-88AB-63A39D0208BE", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "6CCED3E4-38EF-4645-B25C-4F2C3D4E091C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6B5513D8-59DD-4EE1-B2E8-F800D1DA7BC5", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2ld:-:*:*:*:*:*:*:*", matchCriteriaId: "FE1909FA-C8C6-46BE-83C6-2635D36FE69B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A11DE626-D744-49A7-93C4-FE2C2AF5245F", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh:-:*:*:*:*:*:*:*", matchCriteriaId: "6DDBD94D-5312-4A54-AF76-D9DF791C0292", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh\\+_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC259CD1-5C79-4491-B375-7A69116F2747", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "85153EED-C677-495D-A6BB-72365DE1ED3F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "79918934-7B0B-4032-972E-2347CD33029D", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m:-:*:*:*:*:*:*:*", matchCriteriaId: "AC54911E-C432-48FA-9551-9644422FFE14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_poe_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "00FBD442-84AA-48F3-8AD1-5767FFB2FC3F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "3E22C57C-2BD6-4C39-93D2-5D81A58EA6F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E72D4503-5AAE-4C6F-BAE9-FA51701191B1", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "DFCCB68C-A58D-4543-A11F-721B01FFBBA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CA2333C8-E9C7-43D8-9EAA-A88ECAAB4236", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310:-:*:*:*:*:*:*:*", matchCriteriaId: "7FE3716E-1C0A-4B72-809A-8318E5853FB1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7EECD381-262F-4C47-90E1-7B44092C74BD", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310fe:-:*:*:*:*:*:*:*", matchCriteriaId: "8FB34E83-83A3-45C3-B040-D8910971D439", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "36C40232-5696-44CC-B38F-5331A745C760", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1fe:-:*:*:*:*:*:*:*", matchCriteriaId: "CC54880F-CBF4-4772-A4FB-B07D97287D44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1-2ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2F1969E4-CFD6-4AC7-956E-374967F5C406", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1-2ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "B2D400F5-AD80-4536-A99D-793E1560757B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x408-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3ACB931D-C484-42F4-9912-24B44FE97017", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x408-2:-:*:*:*:*:*:*:*", matchCriteriaId: "0C632B90-EB11-4A4C-8128-DABBE044B9AF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B1EFA152-D29B-4116-A3D2-ACF7A025E053", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6F952542-6B79-4681-A236-15C188AAEB1E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "935CD21D-0471-4D1F-AF81-B1F996A9EFAB", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "664D9C76-BC13-4874-939C-A8211DA33903", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E2C0F1FB-8B5E-448C-A304-FDDCB3DFCDD4", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4834A67B-7B0B-4F88-BBFB-25667FD68EC5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3E0E1F54-D9EA-4AFB-80EF-0A585EC3C641", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m:-:*:*:*:*:*:*:*", matchCriteriaId: "36C9AE74-4683-4ED0-A605-3A6B065C230E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC03DF92-C7A1-4232-AFDF-04B2B50666DB", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4356417E-B4CB-45B0-B395-CE9D423FAB44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_net_scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "25103533-B9BC-4553-B195-AF5CACAB713B", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_net_scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "9C48C944-324B-4390-B9D1-3D0FC3DD5BFD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The integrated web server of the affected device could allow remote attackers to perform actions with the permissions of a victim user, provided the victim user has an active session and is induced to trigger the malicious request.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, revestido), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, revestido), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, revestido), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, revestido), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, revestido), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, revestido), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, revestido), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, revestido), SCALANCE X307-3 SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, puertos en la parte frontal), SCALANCE XR324-12M (230V, puertos en la parte delantera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte delantera), SCALANCE XR324-12M (24V, puertos en la parte delantera), SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M PoE (230V, puertos en la parte delantera), SCALANCE XR324-4M PoE (230V, puertos en la parte trasera), SCALANCE XR324-4M PoE (24V, puertos en la parte delantera), SCALANCE XR324-4M PoE (24V, puertos en la parte trasera), SCALANCE XR324-4M PoE TS (24V, puertos en la parte delantera), SIPLUS NET SCALANCE X308-2. El servidor web integrado del dispositivo afectado podría permitir a atacantes remotos llevar a cabo acciones con los permisos de un usuario víctima, siempre que éste tenga una sesión activa y sea inducido a lanzar la petición maliciosa", }, ], id: "CVE-2022-25754", lastModified: "2024-11-21T06:52:56.263", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-04-12T09:15:14.747", references: [ { source: "productcert@siemens.com", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-352", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-352", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-08-10 12:15
Modified
2024-11-21 07:12
Severity ?
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-710008.pdf | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-710008.pdf | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | scalance_m-800_firmware | * | |
| siemens | scalance_m-800 | - | |
| siemens | scalance_s615_firmware | * | |
| siemens | scalance_s615 | - | |
| siemens | scalance_sc-600_firmware | * | |
| siemens | scalance_sc-600 | - | |
| siemens | scalance_sc622-2c_firmware | * | |
| siemens | scalance_sc622-2c | - | |
| siemens | scalance_sc632-2c_firmware | * | |
| siemens | scalance_sc632-2c | - | |
| siemens | scalance_sc636-2c_firmware | * | |
| siemens | scalance_sc636-2c | - | |
| siemens | scalance_sc642-2c_firmware | * | |
| siemens | scalance_sc642-2c | - | |
| siemens | scalance_sc646-2c_firmware | * | |
| siemens | scalance_sc646-2c | - | |
| siemens | scalance_w700_ieee_802.11ax_firmware | * | |
| siemens | scalance_w700_ieee_802.11ax | - | |
| siemens | scalance_w700_ieee_802.11n_firmware | * | |
| siemens | scalance_w700_ieee_802.11n | - | |
| siemens | scalance_w700_ieee_802.11ac_firmware | * | |
| siemens | scalance_w700_ieee_802.11ac | - | |
| siemens | scalance_xb-200_firmware | * | |
| siemens | scalance_xb-200 | - | |
| siemens | scalance_xb205-3_firmware | * | |
| siemens | scalance_xb205-3 | - | |
| siemens | scalance_xb205-3ld_firmware | * | |
| siemens | scalance_xb205-3ld | - | |
| siemens | scalance_xb208_firmware | * | |
| siemens | scalance_xb208 | - | |
| siemens | scalance_xb213-3_firmware | * | |
| siemens | scalance_xb213-3 | - | |
| siemens | scalance_xb213-3ld_firmware | * | |
| siemens | scalance_xb213-3ld | - | |
| siemens | scalance_xb216_firmware | * | |
| siemens | scalance_xb216 | - | |
| siemens | scalance_xc-200_firmware | * | |
| siemens | scalance_xc-200 | - | |
| siemens | scalance_xc206-2_firmware | * | |
| siemens | scalance_xc206-2 | - | |
| siemens | scalance_xc206-2g_poe__firmware | * | |
| siemens | scalance_xc206-2g_poe_ | - | |
| siemens | scalance_xc206-2g_poe_eec_firmware | * | |
| siemens | scalance_xc206-2g_poe_eec | - | |
| siemens | scalance_xc206-2sfp_eec_firmware | * | |
| siemens | scalance_xc206-2sfp_eec | - | |
| siemens | scalance_xc206-2sfp_g_firmware | * | |
| siemens | scalance_xc206-2sfp_g | - | |
| siemens | scalance_xc206-2sfp_g_\(e\/ip\)_firmware | * | |
| siemens | scalance_xc206-2sfp_g_\(e\/ip\) | - | |
| siemens | scalance_xc206-2sfp_g_eec_firmware | * | |
| siemens | scalance_xc206-2sfp_g_eec | - | |
| siemens | scalance_xc208_firmware | * | |
| siemens | scalance_xc208 | - | |
| siemens | scalance_xc208eec_firmware | * | |
| siemens | scalance_xc208eec | - | |
| siemens | scalance_xc208g_firmware | * | |
| siemens | scalance_xc208g | - | |
| siemens | scalance_xc208g_\(e\/ip\)_firmware | * | |
| siemens | scalance_xc208g_\(e\/ip\) | - | |
| siemens | scalance_xc208g_eec_firmware | * | |
| siemens | scalance_xc208g_eec | - | |
| siemens | scalance_xc208g_poe_firmware | * | |
| siemens | scalance_xc208g_poe | - | |
| siemens | scalance_xc216_firmware | * | |
| siemens | scalance_xc216 | - | |
| siemens | scalance_xc216-4c_firmware | * | |
| siemens | scalance_xc216-4c | - | |
| siemens | scalance_xc216-4c_g_firmware | * | |
| siemens | scalance_xc216-4c_g | - | |
| siemens | scalance_xc216-4c_g_\(e\/ip\)_firmware | * | |
| siemens | scalance_xc216-4c_g_\(e\/ip\) | - | |
| siemens | scalance_xc216-4c_g_eec_firmware | * | |
| siemens | scalance_xc216-4c_g_eec | - | |
| siemens | scalance_xc216eec_firmware | * | |
| siemens | scalance_xc216eec | - | |
| siemens | scalance_xc224__firmware | * | |
| siemens | scalance_xc224_ | - | |
| siemens | scalance_xc224-4c_g__firmware | * | |
| siemens | scalance_xc224-4c_g_ | - | |
| siemens | scalance_xc224-4c_g_\(e\/ip\)_firmware | * | |
| siemens | scalance_xc224-4c_g_\(e\/ip\) | - | |
| siemens | scalance_xc224-4c_g_eec_firmware | * | |
| siemens | scalance_xc224-4c_g_eec | - | |
| siemens | scalance_xf-200ba_firmware | * | |
| siemens | scalance_xf-200ba | - | |
| siemens | scalance_xf204-2ba_dna_firmware | * | |
| siemens | scalance_xf204-2ba_dna | - | |
| siemens | scalance_xf204-2ba_irt_firmware | * | |
| siemens | scalance_xf204-2ba_irt | - | |
| siemens | scalance_xm400_firmware | * | |
| siemens | scalance_xm400 | - | |
| siemens | scalance_xm408-4c_firmware | * | |
| siemens | scalance_xm408-4c | - | |
| siemens | scalance_xm408-4c_l3_firmware | * | |
| siemens | scalance_xm408-4c_l3 | - | |
| siemens | scalance_xm408-8c_firmware | * | |
| siemens | scalance_xm408-8c | - | |
| siemens | scalance_xm408-8c_l3_firmware | * | |
| siemens | scalance_xm408-8c_l3 | - | |
| siemens | scalance_xm416-4c_firmware | * | |
| siemens | scalance_xm416-4c | - | |
| siemens | scalance_xm416-4c_l3_firmware | * | |
| siemens | scalance_xm416-4c_l3 | - | |
| siemens | scalance_xp-200_firmware | * | |
| siemens | scalance_xp-200 | - | |
| siemens | scalance_xp208_firmware | * | |
| siemens | scalance_xp208 | - | |
| siemens | scalance_xp208_\(eip\)_firmware | * | |
| siemens | scalance_xp208_\(eip\) | - | |
| siemens | scalance_xp208eec_firmware | * | |
| siemens | scalance_xp208eec | - | |
| siemens | scalance_xp208poe_eec_firmware | * | |
| siemens | scalance_xp208poe_eec | - | |
| siemens | scalance_xp216_firmware | * | |
| siemens | scalance_xp216 | - | |
| siemens | scalance_xp216_\(eip\)_firmware | * | |
| siemens | scalance_xp216_\(eip\) | - | |
| siemens | scalance_xp216eec_firmware | * | |
| siemens | scalance_xp216eec | - | |
| siemens | scalance_xp216poe_eec_firmware | * | |
| siemens | scalance_xp216poe_eec | - | |
| siemens | scalance_xr-300_firmware | * | |
| siemens | scalance_xr-300 | - | |
| siemens | scalance_xr-300eec_firmware | * | |
| siemens | scalance_xr-300eec | - | |
| siemens | scalance_xr-300poe_firmware | * | |
| siemens | scalance_xr-300poe | - | |
| siemens | scalance_xr-300wg_firmware | * | |
| siemens | scalance_xr-300wg | - | |
| siemens | scalance_xr324-12m_firmware | * | |
| siemens | scalance_xr324-12m | - | |
| siemens | scalance_xr324-12m_ts_firmware | * | |
| siemens | scalance_xr324-12m_ts | - | |
| siemens | scalance_xr324-4m_eec_firmware | * | |
| siemens | scalance_xr324-4m_eec | - | |
| siemens | scalance_xr324-4m_poe_firmware | * | |
| siemens | scalance_xr324-4m_poe | - | |
| siemens | scalance_xr324-4m_poe_ts_firmware | * | |
| siemens | scalance_xr324-4m_poe_ts | - | |
| siemens | scalance_xr324wg_firmware | * | |
| siemens | scalance_xr324wg | - | |
| siemens | scalance_xr326-2c_poe_wg_firmware | * | |
| siemens | scalance_xr326-2c_poe_wg | - | |
| siemens | scalance_xr328-4c_wg_firmware | * | |
| siemens | scalance_xr328-4c_wg | - | |
| siemens | scalance_xr500_firmware | * | |
| siemens | scalance_xr500 | - | |
| siemens | scalance_xr524_firmware | * | |
| siemens | scalance_xr524 | - | |
| siemens | scalance_xr524-8c_firmware | * | |
| siemens | scalance_xr524-8c | - | |
| siemens | scalance_xr524-8c_l3_firmware | * | |
| siemens | scalance_xr524-8c_l3 | - | |
| siemens | scalance_xr526_firmware | * | |
| siemens | scalance_xr526 | - | |
| siemens | scalance_xr526-8c_firmware | * | |
| siemens | scalance_xr526-8c | - | |
| siemens | scalance_xr526-8c_l3_firmware | * | |
| siemens | scalance_xr526-8c_l3 | - | |
| siemens | scalance_xr528_firmware | * | |
| siemens | scalance_xr528 | - | |
| siemens | scalance_xr528-6m_firmware | * | |
| siemens | scalance_xr528-6m | - | |
| siemens | scalance_xr528-6m_2hr2_firmware | * | |
| siemens | scalance_xr528-6m_2hr2 | - | |
| siemens | scalance_xr528-6m_2hr2_l3_firmware | * | |
| siemens | scalance_xr528-6m_2hr2_l3 | - | |
| siemens | scalance_xr528-6m_l3_firmware | * | |
| siemens | scalance_xr528-6m_l3 | - | |
| siemens | scalance_xr552_firmware | * | |
| siemens | scalance_xr552 | - | |
| siemens | scalance_xr552-12_firmware | * | |
| siemens | scalance_xr552-12 | - | |
| siemens | scalance_xr552-12m_firmware | * | |
| siemens | scalance_xr552-12m | - | |
| siemens | scalance_xr552-12m_2hr2_firmware | * | |
| siemens | scalance_xr552-12m_2hr2 | - | |
| siemens | scalance_xr552-12m_2hr2_l3_firmware | * | |
| siemens | scalance_xr552-12m_2hr2_l3 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A43ECBDD-F831-4364-8869-C696D1AC531A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*", matchCriteriaId: "DFB9921A-5204-40A3-88AB-B7755F5C6875", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6EF65A06-2222-47D2-83B5-4C61E6D8731E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*", matchCriteriaId: "E917CBBB-EF41-4113-B0CA-EB91889235E7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_sc-600_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "269D399D-1B5B-46FE-A05F-90405CBC81B1", versionEndExcluding: "2.3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_sc-600:-:*:*:*:*:*:*:*", matchCriteriaId: "725C671B-D7A0-48CF-8A31-5F9C4173F1DD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_sc622-2c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6A728A54-3FCD-46C8-89C7-D145484BF8DF", versionEndExcluding: "2.3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_sc622-2c:-:*:*:*:*:*:*:*", matchCriteriaId: "50FEE5FA-B141-4E5F-8673-363089262530", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_sc632-2c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "67B6AD24-FB63-4779-BFA0-B6849254A45C", versionEndExcluding: "2.3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_sc632-2c:-:*:*:*:*:*:*:*", matchCriteriaId: "8A79836B-5EC1-40AF-8A57-9657EF6758E5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_sc636-2c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "780BDF7D-4E7F-4A45-9E7B-D261031DA24D", versionEndExcluding: "2.3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_sc636-2c:-:*:*:*:*:*:*:*", matchCriteriaId: "FCB9BD17-7F1F-42E9-831F-EB907F9BC214", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_sc642-2c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F28978FB-B7F0-4D0E-9498-86F0E6B291DE", versionEndExcluding: "2.3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_sc642-2c:-:*:*:*:*:*:*:*", matchCriteriaId: "10C7D54A-27B4-4195-8131-DD5380472A75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_sc646-2c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4CDE958F-2E63-4870-A9CD-6A0E0224B590", versionEndExcluding: "2.3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_sc646-2c:-:*:*:*:*:*:*:*", matchCriteriaId: "E54AF1E6-0E52-447C-8946-18716D30EBE2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_w700_ieee_802.11ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "23DDDAEC-C0B4-4E14-9840-101B6F24DBE5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_w700_ieee_802.11ax:-:*:*:*:*:*:*:*", matchCriteriaId: "09908B6A-6655-42F0-A20B-79FFBF81937A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_w700_ieee_802.11n_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F05D6764-79B4-4787-B2D2-E685910453C3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_w700_ieee_802.11n:-:*:*:*:*:*:*:*", matchCriteriaId: "880644DA-9280-4498-AD72-5CBD59CC8142", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_w700_ieee_802.11ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8D7CF655-D174-4CE8-A2AC-C14967A8283B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_w700_ieee_802.11ac:-:*:*:*:*:*:*:*", matchCriteriaId: "C93984BD-70E6-496C-BA20-18464B0E84B3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E673B450-C436-49F3-B2F3-872B704FE075", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb-200:-:*:*:*:*:*:*:*", matchCriteriaId: "6CB3CC2D-CBF0-4F53-A412-01BBC39E34C2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb205-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8CB0BE85-4A96-45EB-9EAA-A2D9E5D45508", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb205-3:-:*:*:*:*:*:*:*", matchCriteriaId: "B9F9F101-6042-4D11-98CE-16A996023B38", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb205-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D9E6A2AB-7F15-4ABB-B00A-F5667B615ABE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb205-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "18DC9125-FC41-4BAB-9638-C42DEF40235B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb208_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "713ADE75-1915-4DBB-9FC3-59E9A03AB5A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb208:-:*:*:*:*:*:*:*", matchCriteriaId: "5C19D54A-8070-4EC6-9B30-B1B04A8BDABD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb213-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D0113244-9647-4E95-B1E4-DBD26ADD3786", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb213-3:-:*:*:*:*:*:*:*", matchCriteriaId: "1FF67A06-D93B-4E4E-A639-29E0E49654FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb213-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "692B60D5-696D-4680-BB38-3C0EC0F2D034", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb213-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "0EFCF766-E1D3-4BD5-A70C-3A824B7D45DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb216_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D83C08F3-C6F7-46D1-B3F6-0173F9B7E983", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb216:-:*:*:*:*:*:*:*", matchCriteriaId: "72EC10EB-0679-4AFE-ABC3-C58A68A0C4DD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C08F92C8-0A5D-470E-8CFC-F622C3014336", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc-200:-:*:*:*:*:*:*:*", matchCriteriaId: "7719E194-EE3D-4CE8-8C85-CF0D82A553AA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1C93B717-35A4-4824-9B85-DB046E38DA33", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2:-:*:*:*:*:*:*:*", matchCriteriaId: "49C5CBD8-9799-4EBA-8297-EAE04F43DDD5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2g_poe__firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4F02CFE9-6058-4B0D-9FD5-6C84ED4A3EAD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2g_poe_:-:*:*:*:*:*:*:*", matchCriteriaId: "39310380-7D17-46C5-B91A-DFDF602D56A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2g_poe_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C4EA7C54-4200-4E33-B2EA-0F82AA3ECD9D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2g_poe_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "0C21EC27-F0A8-4DCA-88AD-92D07477B5AD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2sfp_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B9CA045-5DB1-422C-ABE2-AC89F5A27847", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2sfp_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "CC286693-55D6-4949-8164-262EB6C022C9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2sfp_g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "81AD4EB0-A125-4E4B-9348-AA6E670061B2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2sfp_g:-:*:*:*:*:*:*:*", matchCriteriaId: "BC7B235D-0141-46E5-9057-2203555AE58A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2sfp_g_\\(e\\/ip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "82708B62-47F9-4909-A52C-D96BC3AA567D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2sfp_g_\\(e\\/ip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "CB6B6ED1-7057-4240-B1C9-660173BF1A6A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2sfp_g_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "49EBEDA9-A826-45DD-A5BB-D5B55FB47B60", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2sfp_g_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6F7D1CCD-4DFD-4037-9BDC-65466D639456", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "822CB559-BAFC-4674-A64B-BDCF1AAFDD0E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208:-:*:*:*:*:*:*:*", matchCriteriaId: "E6A2B708-309D-4BE5-BAEE-7AE035A2ADD1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "316A0742-A32F-453E-922A-F084D9BEAA19", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208eec:-:*:*:*:*:*:*:*", matchCriteriaId: "B6550B2D-4B8E-414C-B4CB-7B12D6D4EA4A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "62C9A709-2AB4-4836-B925-988D78AEB278", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208g:-:*:*:*:*:*:*:*", matchCriteriaId: "8E922B78-7951-4115-8985-D824F6DDE41B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208g_\\(e\\/ip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "17E1B7ED-A272-43C6-9CA5-4CF370F8ED1C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208g_\\(e\\/ip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "62852B4B-AF5A-4967-AFC2-14CEC2F6972C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208g_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1ABF1FC1-2FB5-42D8-867C-0B93AB67C096", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208g_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "9CCF0CEF-2E48-472E-9BDE-6E63F4CEA467", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208g_poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "429647B3-1C26-42EF-94DC-B9630AA627CD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208g_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "585424EB-F9AB-45FB-B5C5-78FE45E3341A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D2F04D78-74F0-4471-9AF6-54EA822F1992", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216:-:*:*:*:*:*:*:*", matchCriteriaId: "4ABC0D8D-4F32-487F-835C-DADAB647EC21", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216-4c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "00C80C92-FC92-4B96-8B80-6F7E0B07EBAD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216-4c:-:*:*:*:*:*:*:*", matchCriteriaId: "7668BC0B-A47A-4E05-9933-51CD43F3B7BA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216-4c_g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AA3B23C3-8880-4640-A6B2-EA870A85AAFE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216-4c_g:-:*:*:*:*:*:*:*", matchCriteriaId: "78645734-50C1-4331-9FC4-AC8A8679B6AF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216-4c_g_\\(e\\/ip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B2765D0D-9A77-45E5-9F58-BF877E6F94B7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216-4c_g_\\(e\\/ip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "22B8B758-9781-474E-93C3-17DDDF263CC2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216-4c_g_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "09F27730-5DB8-4736-B6ED-A46C3888F48D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216-4c_g_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "323CEAEA-8122-43A5-BB87-97C7133FF510", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A5A04F9F-133C-4C02-BA65-CABA47E1F329", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6BE498F8-A9D8-4A92-90CE-21BA30234947", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc224__firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2EA0205D-A280-4903-927A-AC4FEC051E2A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc224_:-:*:*:*:*:*:*:*", matchCriteriaId: "39AB9EB3-0F05-41C2-A32F-27B6D0C9C039", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc224-4c_g__firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CFF36832-3023-4AEA-800E-ED4D87271E3A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc224-4c_g_:-:*:*:*:*:*:*:*", matchCriteriaId: "E7806CF9-4DA5-4090-84BD-D098C5FB1178", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc224-4c_g_\\(e\\/ip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "33C3BB4B-63C9-4770-9CC0-053A0B655ED7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc224-4c_g_\\(e\\/ip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "EE4E3630-DB15-46EA-B320-E4E457240B9F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc224-4c_g_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D9089DA8-FEF8-4927-B56A-139B67571671", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc224-4c_g_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "0B0A02C9-A7CB-4CB3-B5DC-5FEE20A59208", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf-200ba_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "34F19168-C521-4D67-BF88-1551F079859E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf-200ba:-:*:*:*:*:*:*:*", matchCriteriaId: "58377C58-F660-4C17-A3CB-BFC2F28848CD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204-2ba_dna_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A6C7A93D-B629-4A56-B961-5D4FD012E6E6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204-2ba_dna:-:*:*:*:*:*:*:*", matchCriteriaId: "FAF28152-D6CA-4D20-BDF1-1EF4B7D10429", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204-2ba_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4F316894-3BBB-4B72-8636-23868BF557AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204-2ba_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "99E6AFAA-B903-47BB-B0F3-7650B039C0FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xm400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6BF5436-1BCB-4945-8F2D-68F766D3567F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xm400:-:*:*:*:*:*:*:*", matchCriteriaId: "9FC408A8-903F-43A2-9D05-65AD4482FDBB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xm408-4c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "813D5C37-C5CF-4B50-920A-38C9CF042966", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xm408-4c:-:*:*:*:*:*:*:*", matchCriteriaId: "2AA81823-013F-4990-B62D-86C404F04BCB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xm408-4c_l3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DFCB811-4CE6-4FA9-A722-86ED0D434FD9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xm408-4c_l3:-:*:*:*:*:*:*:*", matchCriteriaId: "B2FB222B-0414-4A1E-8BBD-6470CDB3BFF8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xm408-8c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "24722F13-7DA7-4CA6-A141-293DE72B15B4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xm408-8c:-:*:*:*:*:*:*:*", matchCriteriaId: "7096DBA5-95BB-44D7-B7CA-B1845C87F70E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xm408-8c_l3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CFE568ED-3604-428E-82E7-4027CB2DDD62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xm408-8c_l3:-:*:*:*:*:*:*:*", matchCriteriaId: "78562689-B494-4500-9725-B418F1EC3CAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xm416-4c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "616BB0A9-47FB-4F72-8241-0ADF50E6E236", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xm416-4c:-:*:*:*:*:*:*:*", matchCriteriaId: "F9102A41-5812-4014-BC07-E571E815ED49", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xm416-4c_l3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "04B56011-74F9-4760-A4AD-850F0CCF0B62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xm416-4c_l3:-:*:*:*:*:*:*:*", matchCriteriaId: "86A2A766-9046-484F-9D49-4A1F4F0F96A4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3491A486-47F3-4B30-B613-DCC412F6EF5B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp-200:-:*:*:*:*:*:*:*", matchCriteriaId: "8F962FC7-0616-467F-8CCA-ADEA224B5F7B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp208_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "54BB088B-67FC-4C34-98A0-EC05B67B2396", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp208:-:*:*:*:*:*:*:*", matchCriteriaId: "24C7FB09-D247-48F0-B87C-6A478BDC0A5A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp208_\\(eip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BF3C7B31-25AA-4D74-AB2D-5C7F1D8025C1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp208_\\(eip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "17BD41C2-2398-4A03-9C5F-43AEF424261E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp208eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DCFA1A9B-1130-46BC-9A5F-FFBB527517FF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp208eec:-:*:*:*:*:*:*:*", matchCriteriaId: "2B313A4C-D3E7-4964-BA51-3401546B36C5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp208poe_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E5AAC31E-42DE-423E-8F43-A5600E24160F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp208poe_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "D6E888EA-73A7-42B8-A617-621CF192F2A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp216_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7D5F9D33-F74A-4FFB-9327-5CE691F0C1D6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp216:-:*:*:*:*:*:*:*", matchCriteriaId: "67E4D039-5BF8-469B-A6FE-A391A6D1BDA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp216_\\(eip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7E0BC528-5B72-48AB-A70A-B116770A8587", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp216_\\(eip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "33D044BD-12AD-42C9-B01C-957BEC6C6790", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp216eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "18D7E470-D872-4C37-8669-B66328F173D6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp216eec:-:*:*:*:*:*:*:*", matchCriteriaId: "12512EC4-FB7D-420F-9A8A-547562BE1B49", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp216poe_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F51CE85F-16D1-4E49-83C7-70C90233E294", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp216poe_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "C9BACE8C-6C69-4BC4-8F5B-1C74FA7EB339", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr-300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B357AD42-1806-4BE5-B76D-F798E475F659", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr-300:-:*:*:*:*:*:*:*", matchCriteriaId: "889CF2C0-EE6C-447F-85F1-005730EAD232", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr-300eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "17115730-97BF-473F-A4A7-03D5AE0F1A6D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr-300eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6FF41E9F-4627-49EE-BCF1-08B5AADE964A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr-300poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "18537338-DF5C-4F7A-995E-7F953B380657", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr-300poe:-:*:*:*:*:*:*:*", matchCriteriaId: "CC118867-1A6C-4C3B-AD75-5D24551DB0BC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr-300wg_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "64A47C63-7150-4F8D-BFD9-2F5C2761DBDF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr-300wg:-:*:*:*:*:*:*:*", matchCriteriaId: "434BC9BE-C5DB-4DAF-8E07-DFE4EEA0D7FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0AC751E0-FC87-4DEB-85E8-C3E028B76482", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m:-:*:*:*:*:*:*:*", matchCriteriaId: "36C9AE74-4683-4ED0-A605-3A6B065C230E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EB09860F-9DC8-476B-9AF7-6FFE57101D6C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4356417E-B4CB-45B0-B395-CE9D423FAB44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E6AB4BE-D669-4A95-8F8A-F2DA146D5FB1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6F952542-6B79-4681-A236-15C188AAEB1E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1F4B8E2B-DEFF-4F1C-B5A4-0C4671C605C1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "664D9C76-BC13-4874-939C-A8211DA33903", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9F4DE2B7-1AB3-4BA5-B261-926B774B01DD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4834A67B-7B0B-4F88-BBFB-25667FD68EC5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324wg_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "82D18854-D803-40C6-BB14-A28594C37CDB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324wg:-:*:*:*:*:*:*:*", matchCriteriaId: "E767C461-8FA6-4700-98CB-734AFD309140", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr326-2c_poe_wg_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B7EC611-120E-4002-BF1E-4B45E431B7FC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr326-2c_poe_wg:-:*:*:*:*:*:*:*", matchCriteriaId: "CBD19EFB-12D2-4401-B87A-91873528E474", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr328-4c_wg_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AFA83BBC-C6F3-4F98-A92B-2611EACBC093", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr328-4c_wg:-:*:*:*:*:*:*:*", matchCriteriaId: "A5B7DEDC-66BD-4701-BBDD-16273263ADC9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FC8637DA-CA1E-46C6-AD1D-4F90B2A0BB35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr500:-:*:*:*:*:*:*:*", matchCriteriaId: "080E722F-FCD4-4967-86EE-151ADC5702E7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr524_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BA8C39A2-1989-49ED-91FC-7BCE7002F250", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr524:-:*:*:*:*:*:*:*", matchCriteriaId: "7DEEA300-16C3-4FEE-88A8-674DE2AEEC95", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr524-8c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BA970560-8AE2-49B1-BCD0-E7913DEA50ED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr524-8c:-:*:*:*:*:*:*:*", matchCriteriaId: "B0E6B7D8-3F9E-43D6-AEFE-DEE3993679C5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr524-8c_l3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AC7CB42C-666C-4DFD-B3CB-DD9509363E94", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr524-8c_l3:-:*:*:*:*:*:*:*", matchCriteriaId: "A1509C8A-89FC-445D-BB22-BF9A811E853B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr526_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8709D27F-90B9-4AF8-8784-E974CE859518", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr526:-:*:*:*:*:*:*:*", matchCriteriaId: "756A07F8-4F9F-4A76-942E-82CB92216943", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr526-8c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "554455C1-19FF-4F71-BC36-13DDE7FE0087", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr526-8c:-:*:*:*:*:*:*:*", matchCriteriaId: "67661569-6233-4C74-9C72-88BD14B257FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr526-8c_l3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "10F66ADC-91EC-4ED0-B768-03F94241B300", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr526-8c_l3:-:*:*:*:*:*:*:*", matchCriteriaId: "0921AD23-44BA-4F5C-9DC8-A5F90753C977", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr528_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F41F6AE6-0E43-4D12-B379-FCF3A2A104DB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr528:-:*:*:*:*:*:*:*", matchCriteriaId: "FDE5E54D-FFED-4C2C-B89D-E085E61D44E4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr528-6m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B0630BF0-8EFD-425A-A371-E1B0E5074D4D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr528-6m:-:*:*:*:*:*:*:*", matchCriteriaId: "3E048C4A-A414-4C87-A865-4D4218AE32EE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr528-6m_2hr2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DEAA4C6F-F234-4895-9D0D-B89E3F07F038", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr528-6m_2hr2:-:*:*:*:*:*:*:*", matchCriteriaId: "03DFEC43-5E84-460A-A50E-6BF378E83A70", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr528-6m_2hr2_l3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "64CCA458-1F7F-44ED-ACD5-E9355B112194", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr528-6m_2hr2_l3:-:*:*:*:*:*:*:*", matchCriteriaId: "FD9EACF0-ECE5-40DD-8280-41707A637E9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr528-6m_l3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7B7870B9-F1CF-4503-A64C-6258FFB9D78D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr528-6m_l3:-:*:*:*:*:*:*:*", matchCriteriaId: "81355370-BE69-434F-ABAC-8611F9909E46", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr552_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7319A333-EAA2-4ED2-A814-1AAEDFAC4E04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr552:-:*:*:*:*:*:*:*", matchCriteriaId: "AB16A0BE-5AF3-4168-B755-D023E497A35F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr552-12_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B490BBD4-458F-4077-8404-9208499226E7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr552-12:-:*:*:*:*:*:*:*", matchCriteriaId: "09743616-31C9-4E47-8A4A-B15D76204BE7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr552-12m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "87B35693-9D07-4507-8070-43B8F756F772", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr552-12m:-:*:*:*:*:*:*:*", matchCriteriaId: "4A806691-3F4B-46AA-9718-2F6BF0FD3D7A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr552-12m_2hr2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B05DE63D-186B-46CC-B3CE-66923F290B6B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr552-12m_2hr2:-:*:*:*:*:*:*:*", matchCriteriaId: "C97B2B53-F40E-4FB1-B3BA-5D0E0F8501F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr552-12m_2hr2_l3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EF61A53B-E4AD-4379-B053-1A25FDF65BD0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr552-12m_2hr2_l3:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9921B1-38FD-4404-9986-3023C577FE5C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell.", }, { lang: "es", value: "Los dispositivos afectados no sanean correctamente un campo de entrada. Esto podría permitir a un atacante remoto autenticado con privilegios administrativos inyectar código o generar un shell de raíz del sistema", }, ], id: "CVE-2022-36323", lastModified: "2024-11-21T07:12:47.000", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 6, source: "productcert@siemens.com", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Secondary", }, ], }, published: "2022-08-10T12:15:12.863", references: [ { source: "productcert@siemens.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-710008.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-710008.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-74", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-08-10 12:15
Modified
2024-11-21 07:12
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Affected devices do not properly handle the renegotiation of SSL/TLS parameters. This could allow an unauthenticated remote attacker to bypass the TCP brute force prevention and lead to a denial of service condition for the duration of the attack.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-710008.pdf | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-710008.pdf | Mitigation, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | scalance_m-800_firmware | * | |
| siemens | scalance_m-800 | - | |
| siemens | scalance_s615_firmware | * | |
| siemens | scalance_s615 | - | |
| siemens | scalance_w700_ieee_802.11ax_firmware | * | |
| siemens | scalance_w700_ieee_802.11ax | - | |
| siemens | scalance_w700_ieee_802.11n_firmware | * | |
| siemens | scalance_w700_ieee_802.11n | - | |
| siemens | scalance_w700_ieee_802.11ac_firmware | * | |
| siemens | scalance_w700_ieee_802.11ac | - | |
| siemens | scalance_xb-200_firmware | * | |
| siemens | scalance_xb-200 | - | |
| siemens | scalance_xb205-3_firmware | * | |
| siemens | scalance_xb205-3 | - | |
| siemens | scalance_xb205-3ld_firmware | * | |
| siemens | scalance_xb205-3ld | - | |
| siemens | scalance_xb208_firmware | * | |
| siemens | scalance_xb208 | - | |
| siemens | scalance_xb213-3_firmware | * | |
| siemens | scalance_xb213-3 | - | |
| siemens | scalance_xb213-3ld_firmware | * | |
| siemens | scalance_xb213-3ld | - | |
| siemens | scalance_xb216_firmware | * | |
| siemens | scalance_xb216 | - | |
| siemens | scalance_xc-200_firmware | * | |
| siemens | scalance_xc-200 | - | |
| siemens | scalance_xc206-2_firmware | * | |
| siemens | scalance_xc206-2 | - | |
| siemens | scalance_xc206-2g_poe__firmware | * | |
| siemens | scalance_xc206-2g_poe_ | - | |
| siemens | scalance_xc206-2g_poe_eec_firmware | * | |
| siemens | scalance_xc206-2g_poe_eec | - | |
| siemens | scalance_xc206-2sfp_eec_firmware | * | |
| siemens | scalance_xc206-2sfp_eec | - | |
| siemens | scalance_xc206-2sfp_g_firmware | * | |
| siemens | scalance_xc206-2sfp_g | - | |
| siemens | scalance_xc206-2sfp_g_\(e\/ip\)_firmware | * | |
| siemens | scalance_xc206-2sfp_g_\(e\/ip\) | - | |
| siemens | scalance_xc206-2sfp_g_eec_firmware | * | |
| siemens | scalance_xc206-2sfp_g_eec | - | |
| siemens | scalance_xc208_firmware | * | |
| siemens | scalance_xc208 | - | |
| siemens | scalance_xc208eec_firmware | * | |
| siemens | scalance_xc208eec | - | |
| siemens | scalance_xc208g_firmware | * | |
| siemens | scalance_xc208g | - | |
| siemens | scalance_xc208g_\(e\/ip\)_firmware | * | |
| siemens | scalance_xc208g_\(e\/ip\) | - | |
| siemens | scalance_xc208g_eec_firmware | * | |
| siemens | scalance_xc208g_eec | - | |
| siemens | scalance_xc208g_poe_firmware | * | |
| siemens | scalance_xc208g_poe | - | |
| siemens | scalance_xc216_firmware | * | |
| siemens | scalance_xc216 | - | |
| siemens | scalance_xc216-4c_firmware | * | |
| siemens | scalance_xc216-4c | - | |
| siemens | scalance_xc216-4c_g_firmware | * | |
| siemens | scalance_xc216-4c_g | - | |
| siemens | scalance_xc216-4c_g_\(e\/ip\)_firmware | * | |
| siemens | scalance_xc216-4c_g_\(e\/ip\) | - | |
| siemens | scalance_xc216-4c_g_eec_firmware | * | |
| siemens | scalance_xc216-4c_g_eec | - | |
| siemens | scalance_xc216eec_firmware | * | |
| siemens | scalance_xc216eec | - | |
| siemens | scalance_xc224__firmware | * | |
| siemens | scalance_xc224_ | - | |
| siemens | scalance_xc224-4c_g__firmware | * | |
| siemens | scalance_xc224-4c_g_ | - | |
| siemens | scalance_xc224-4c_g_\(e\/ip\)_firmware | * | |
| siemens | scalance_xc224-4c_g_\(e\/ip\) | - | |
| siemens | scalance_xc224-4c_g_eec_firmware | * | |
| siemens | scalance_xc224-4c_g_eec | - | |
| siemens | scalance_xf-200ba_firmware | * | |
| siemens | scalance_xf-200ba | - | |
| siemens | scalance_xf204-2ba_dna_firmware | * | |
| siemens | scalance_xf204-2ba_dna | - | |
| siemens | scalance_xf204-2ba_irt_firmware | * | |
| siemens | scalance_xf204-2ba_irt | - | |
| siemens | scalance_xm400_firmware | * | |
| siemens | scalance_xm400 | - | |
| siemens | scalance_xm408-4c_firmware | * | |
| siemens | scalance_xm408-4c | - | |
| siemens | scalance_xm408-4c_l3_firmware | * | |
| siemens | scalance_xm408-4c_l3 | - | |
| siemens | scalance_xm408-8c_firmware | * | |
| siemens | scalance_xm408-8c | - | |
| siemens | scalance_xm408-8c_l3_firmware | * | |
| siemens | scalance_xm408-8c_l3 | - | |
| siemens | scalance_xm416-4c_firmware | * | |
| siemens | scalance_xm416-4c | - | |
| siemens | scalance_xm416-4c_l3_firmware | * | |
| siemens | scalance_xm416-4c_l3 | - | |
| siemens | scalance_xp-200_firmware | * | |
| siemens | scalance_xp-200 | - | |
| siemens | scalance_xp208_firmware | * | |
| siemens | scalance_xp208 | - | |
| siemens | scalance_xp208_\(eip\)_firmware | * | |
| siemens | scalance_xp208_\(eip\) | - | |
| siemens | scalance_xp208eec_firmware | * | |
| siemens | scalance_xp208eec | - | |
| siemens | scalance_xp208poe_eec_firmware | * | |
| siemens | scalance_xp208poe_eec | - | |
| siemens | scalance_xp216_firmware | * | |
| siemens | scalance_xp216 | - | |
| siemens | scalance_xp216_\(eip\)_firmware | * | |
| siemens | scalance_xp216_\(eip\) | - | |
| siemens | scalance_xp216eec_firmware | * | |
| siemens | scalance_xp216eec | - | |
| siemens | scalance_xp216poe_eec_firmware | * | |
| siemens | scalance_xp216poe_eec | - | |
| siemens | scalance_xr-300_firmware | * | |
| siemens | scalance_xr-300 | - | |
| siemens | scalance_xr-300eec_firmware | * | |
| siemens | scalance_xr-300eec | - | |
| siemens | scalance_xr-300poe_firmware | * | |
| siemens | scalance_xr-300poe | - | |
| siemens | scalance_xr-300wg_firmware | * | |
| siemens | scalance_xr-300wg | - | |
| siemens | scalance_xr324-12m_firmware | * | |
| siemens | scalance_xr324-12m | - | |
| siemens | scalance_xr324-12m_ts_firmware | * | |
| siemens | scalance_xr324-12m_ts | - | |
| siemens | scalance_xr324-4m_eec_firmware | * | |
| siemens | scalance_xr324-4m_eec | - | |
| siemens | scalance_xr324-4m_poe_firmware | * | |
| siemens | scalance_xr324-4m_poe | - | |
| siemens | scalance_xr324-4m_poe_ts_firmware | * | |
| siemens | scalance_xr324-4m_poe_ts | - | |
| siemens | scalance_xr324wg_firmware | * | |
| siemens | scalance_xr324wg | - | |
| siemens | scalance_xr326-2c_poe_wg_firmware | * | |
| siemens | scalance_xr326-2c_poe_wg | - | |
| siemens | scalance_xr328-4c_wg_firmware | * | |
| siemens | scalance_xr328-4c_wg | - | |
| siemens | scalance_xr500_firmware | * | |
| siemens | scalance_xr500 | - | |
| siemens | scalance_xr524_firmware | * | |
| siemens | scalance_xr524 | - | |
| siemens | scalance_xr524-8c_firmware | * | |
| siemens | scalance_xr524-8c | - | |
| siemens | scalance_xr524-8c_l3_firmware | * | |
| siemens | scalance_xr524-8c_l3 | - | |
| siemens | scalance_xr526_firmware | * | |
| siemens | scalance_xr526 | - | |
| siemens | scalance_xr526-8c_firmware | * | |
| siemens | scalance_xr526-8c | - | |
| siemens | scalance_xr526-8c_l3_firmware | * | |
| siemens | scalance_xr526-8c_l3 | - | |
| siemens | scalance_xr528_firmware | * | |
| siemens | scalance_xr528 | - | |
| siemens | scalance_xr528-6m_firmware | * | |
| siemens | scalance_xr528-6m | - | |
| siemens | scalance_xr528-6m_2hr2_firmware | * | |
| siemens | scalance_xr528-6m_2hr2 | - | |
| siemens | scalance_xr528-6m_2hr2_l3_firmware | * | |
| siemens | scalance_xr528-6m_2hr2_l3 | - | |
| siemens | scalance_xr528-6m_l3_firmware | * | |
| siemens | scalance_xr528-6m_l3 | - | |
| siemens | scalance_xr552_firmware | * | |
| siemens | scalance_xr552 | - | |
| siemens | scalance_xr552-12_firmware | * | |
| siemens | scalance_xr552-12 | - | |
| siemens | scalance_xr552-12m_firmware | * | |
| siemens | scalance_xr552-12m | - | |
| siemens | scalance_xr552-12m_2hr2_firmware | * | |
| siemens | scalance_xr552-12m_2hr2 | - | |
| siemens | scalance_xr552-12m_2hr2_l3_firmware | * | |
| siemens | scalance_xr552-12m_2hr2_l3 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A43ECBDD-F831-4364-8869-C696D1AC531A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*", matchCriteriaId: "DFB9921A-5204-40A3-88AB-B7755F5C6875", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6EF65A06-2222-47D2-83B5-4C61E6D8731E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*", matchCriteriaId: "E917CBBB-EF41-4113-B0CA-EB91889235E7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_w700_ieee_802.11ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "23DDDAEC-C0B4-4E14-9840-101B6F24DBE5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_w700_ieee_802.11ax:-:*:*:*:*:*:*:*", matchCriteriaId: "09908B6A-6655-42F0-A20B-79FFBF81937A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_w700_ieee_802.11n_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F05D6764-79B4-4787-B2D2-E685910453C3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_w700_ieee_802.11n:-:*:*:*:*:*:*:*", matchCriteriaId: "880644DA-9280-4498-AD72-5CBD59CC8142", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_w700_ieee_802.11ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8D7CF655-D174-4CE8-A2AC-C14967A8283B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_w700_ieee_802.11ac:-:*:*:*:*:*:*:*", matchCriteriaId: "C93984BD-70E6-496C-BA20-18464B0E84B3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E673B450-C436-49F3-B2F3-872B704FE075", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb-200:-:*:*:*:*:*:*:*", matchCriteriaId: "6CB3CC2D-CBF0-4F53-A412-01BBC39E34C2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb205-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8CB0BE85-4A96-45EB-9EAA-A2D9E5D45508", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb205-3:-:*:*:*:*:*:*:*", matchCriteriaId: "B9F9F101-6042-4D11-98CE-16A996023B38", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb205-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D9E6A2AB-7F15-4ABB-B00A-F5667B615ABE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb205-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "18DC9125-FC41-4BAB-9638-C42DEF40235B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb208_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "713ADE75-1915-4DBB-9FC3-59E9A03AB5A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb208:-:*:*:*:*:*:*:*", matchCriteriaId: "5C19D54A-8070-4EC6-9B30-B1B04A8BDABD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb213-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D0113244-9647-4E95-B1E4-DBD26ADD3786", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb213-3:-:*:*:*:*:*:*:*", matchCriteriaId: "1FF67A06-D93B-4E4E-A639-29E0E49654FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb213-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "692B60D5-696D-4680-BB38-3C0EC0F2D034", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb213-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "0EFCF766-E1D3-4BD5-A70C-3A824B7D45DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb216_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D83C08F3-C6F7-46D1-B3F6-0173F9B7E983", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb216:-:*:*:*:*:*:*:*", matchCriteriaId: "72EC10EB-0679-4AFE-ABC3-C58A68A0C4DD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C08F92C8-0A5D-470E-8CFC-F622C3014336", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc-200:-:*:*:*:*:*:*:*", matchCriteriaId: "7719E194-EE3D-4CE8-8C85-CF0D82A553AA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1C93B717-35A4-4824-9B85-DB046E38DA33", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2:-:*:*:*:*:*:*:*", matchCriteriaId: "49C5CBD8-9799-4EBA-8297-EAE04F43DDD5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2g_poe__firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4F02CFE9-6058-4B0D-9FD5-6C84ED4A3EAD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2g_poe_:-:*:*:*:*:*:*:*", matchCriteriaId: "39310380-7D17-46C5-B91A-DFDF602D56A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2g_poe_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C4EA7C54-4200-4E33-B2EA-0F82AA3ECD9D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2g_poe_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "0C21EC27-F0A8-4DCA-88AD-92D07477B5AD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2sfp_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B9CA045-5DB1-422C-ABE2-AC89F5A27847", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2sfp_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "CC286693-55D6-4949-8164-262EB6C022C9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2sfp_g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "81AD4EB0-A125-4E4B-9348-AA6E670061B2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2sfp_g:-:*:*:*:*:*:*:*", matchCriteriaId: "BC7B235D-0141-46E5-9057-2203555AE58A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2sfp_g_\\(e\\/ip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "82708B62-47F9-4909-A52C-D96BC3AA567D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2sfp_g_\\(e\\/ip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "CB6B6ED1-7057-4240-B1C9-660173BF1A6A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2sfp_g_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "49EBEDA9-A826-45DD-A5BB-D5B55FB47B60", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2sfp_g_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6F7D1CCD-4DFD-4037-9BDC-65466D639456", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "822CB559-BAFC-4674-A64B-BDCF1AAFDD0E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208:-:*:*:*:*:*:*:*", matchCriteriaId: "E6A2B708-309D-4BE5-BAEE-7AE035A2ADD1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "316A0742-A32F-453E-922A-F084D9BEAA19", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208eec:-:*:*:*:*:*:*:*", matchCriteriaId: "B6550B2D-4B8E-414C-B4CB-7B12D6D4EA4A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "62C9A709-2AB4-4836-B925-988D78AEB278", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208g:-:*:*:*:*:*:*:*", matchCriteriaId: "8E922B78-7951-4115-8985-D824F6DDE41B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208g_\\(e\\/ip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "17E1B7ED-A272-43C6-9CA5-4CF370F8ED1C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208g_\\(e\\/ip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "62852B4B-AF5A-4967-AFC2-14CEC2F6972C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208g_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1ABF1FC1-2FB5-42D8-867C-0B93AB67C096", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208g_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "9CCF0CEF-2E48-472E-9BDE-6E63F4CEA467", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208g_poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "429647B3-1C26-42EF-94DC-B9630AA627CD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208g_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "585424EB-F9AB-45FB-B5C5-78FE45E3341A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D2F04D78-74F0-4471-9AF6-54EA822F1992", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216:-:*:*:*:*:*:*:*", matchCriteriaId: "4ABC0D8D-4F32-487F-835C-DADAB647EC21", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216-4c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "00C80C92-FC92-4B96-8B80-6F7E0B07EBAD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216-4c:-:*:*:*:*:*:*:*", matchCriteriaId: "7668BC0B-A47A-4E05-9933-51CD43F3B7BA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216-4c_g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AA3B23C3-8880-4640-A6B2-EA870A85AAFE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216-4c_g:-:*:*:*:*:*:*:*", matchCriteriaId: "78645734-50C1-4331-9FC4-AC8A8679B6AF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216-4c_g_\\(e\\/ip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B2765D0D-9A77-45E5-9F58-BF877E6F94B7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216-4c_g_\\(e\\/ip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "22B8B758-9781-474E-93C3-17DDDF263CC2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216-4c_g_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "09F27730-5DB8-4736-B6ED-A46C3888F48D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216-4c_g_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "323CEAEA-8122-43A5-BB87-97C7133FF510", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A5A04F9F-133C-4C02-BA65-CABA47E1F329", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6BE498F8-A9D8-4A92-90CE-21BA30234947", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc224__firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2EA0205D-A280-4903-927A-AC4FEC051E2A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc224_:-:*:*:*:*:*:*:*", matchCriteriaId: "39AB9EB3-0F05-41C2-A32F-27B6D0C9C039", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc224-4c_g__firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CFF36832-3023-4AEA-800E-ED4D87271E3A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc224-4c_g_:-:*:*:*:*:*:*:*", matchCriteriaId: "E7806CF9-4DA5-4090-84BD-D098C5FB1178", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc224-4c_g_\\(e\\/ip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "33C3BB4B-63C9-4770-9CC0-053A0B655ED7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc224-4c_g_\\(e\\/ip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "EE4E3630-DB15-46EA-B320-E4E457240B9F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc224-4c_g_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D9089DA8-FEF8-4927-B56A-139B67571671", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc224-4c_g_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "0B0A02C9-A7CB-4CB3-B5DC-5FEE20A59208", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf-200ba_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "34F19168-C521-4D67-BF88-1551F079859E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf-200ba:-:*:*:*:*:*:*:*", matchCriteriaId: "58377C58-F660-4C17-A3CB-BFC2F28848CD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204-2ba_dna_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A6C7A93D-B629-4A56-B961-5D4FD012E6E6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204-2ba_dna:-:*:*:*:*:*:*:*", matchCriteriaId: "FAF28152-D6CA-4D20-BDF1-1EF4B7D10429", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204-2ba_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4F316894-3BBB-4B72-8636-23868BF557AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204-2ba_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "99E6AFAA-B903-47BB-B0F3-7650B039C0FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xm400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6BF5436-1BCB-4945-8F2D-68F766D3567F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xm400:-:*:*:*:*:*:*:*", matchCriteriaId: "9FC408A8-903F-43A2-9D05-65AD4482FDBB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xm408-4c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "813D5C37-C5CF-4B50-920A-38C9CF042966", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xm408-4c:-:*:*:*:*:*:*:*", matchCriteriaId: "2AA81823-013F-4990-B62D-86C404F04BCB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xm408-4c_l3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DFCB811-4CE6-4FA9-A722-86ED0D434FD9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xm408-4c_l3:-:*:*:*:*:*:*:*", matchCriteriaId: "B2FB222B-0414-4A1E-8BBD-6470CDB3BFF8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xm408-8c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "24722F13-7DA7-4CA6-A141-293DE72B15B4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xm408-8c:-:*:*:*:*:*:*:*", matchCriteriaId: "7096DBA5-95BB-44D7-B7CA-B1845C87F70E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xm408-8c_l3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CFE568ED-3604-428E-82E7-4027CB2DDD62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xm408-8c_l3:-:*:*:*:*:*:*:*", matchCriteriaId: "78562689-B494-4500-9725-B418F1EC3CAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xm416-4c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "616BB0A9-47FB-4F72-8241-0ADF50E6E236", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xm416-4c:-:*:*:*:*:*:*:*", matchCriteriaId: "F9102A41-5812-4014-BC07-E571E815ED49", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xm416-4c_l3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "04B56011-74F9-4760-A4AD-850F0CCF0B62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xm416-4c_l3:-:*:*:*:*:*:*:*", matchCriteriaId: "86A2A766-9046-484F-9D49-4A1F4F0F96A4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3491A486-47F3-4B30-B613-DCC412F6EF5B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp-200:-:*:*:*:*:*:*:*", matchCriteriaId: "8F962FC7-0616-467F-8CCA-ADEA224B5F7B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp208_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "54BB088B-67FC-4C34-98A0-EC05B67B2396", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp208:-:*:*:*:*:*:*:*", matchCriteriaId: "24C7FB09-D247-48F0-B87C-6A478BDC0A5A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp208_\\(eip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BF3C7B31-25AA-4D74-AB2D-5C7F1D8025C1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp208_\\(eip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "17BD41C2-2398-4A03-9C5F-43AEF424261E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp208eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DCFA1A9B-1130-46BC-9A5F-FFBB527517FF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp208eec:-:*:*:*:*:*:*:*", matchCriteriaId: "2B313A4C-D3E7-4964-BA51-3401546B36C5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp208poe_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E5AAC31E-42DE-423E-8F43-A5600E24160F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp208poe_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "D6E888EA-73A7-42B8-A617-621CF192F2A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp216_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7D5F9D33-F74A-4FFB-9327-5CE691F0C1D6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp216:-:*:*:*:*:*:*:*", matchCriteriaId: "67E4D039-5BF8-469B-A6FE-A391A6D1BDA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp216_\\(eip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7E0BC528-5B72-48AB-A70A-B116770A8587", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp216_\\(eip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "33D044BD-12AD-42C9-B01C-957BEC6C6790", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp216eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "18D7E470-D872-4C37-8669-B66328F173D6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp216eec:-:*:*:*:*:*:*:*", matchCriteriaId: "12512EC4-FB7D-420F-9A8A-547562BE1B49", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp216poe_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F51CE85F-16D1-4E49-83C7-70C90233E294", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp216poe_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "C9BACE8C-6C69-4BC4-8F5B-1C74FA7EB339", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr-300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B357AD42-1806-4BE5-B76D-F798E475F659", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr-300:-:*:*:*:*:*:*:*", matchCriteriaId: "889CF2C0-EE6C-447F-85F1-005730EAD232", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr-300eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "17115730-97BF-473F-A4A7-03D5AE0F1A6D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr-300eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6FF41E9F-4627-49EE-BCF1-08B5AADE964A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr-300poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "18537338-DF5C-4F7A-995E-7F953B380657", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr-300poe:-:*:*:*:*:*:*:*", matchCriteriaId: "CC118867-1A6C-4C3B-AD75-5D24551DB0BC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr-300wg_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "64A47C63-7150-4F8D-BFD9-2F5C2761DBDF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr-300wg:-:*:*:*:*:*:*:*", matchCriteriaId: "434BC9BE-C5DB-4DAF-8E07-DFE4EEA0D7FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0AC751E0-FC87-4DEB-85E8-C3E028B76482", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m:-:*:*:*:*:*:*:*", matchCriteriaId: "36C9AE74-4683-4ED0-A605-3A6B065C230E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EB09860F-9DC8-476B-9AF7-6FFE57101D6C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4356417E-B4CB-45B0-B395-CE9D423FAB44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E6AB4BE-D669-4A95-8F8A-F2DA146D5FB1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6F952542-6B79-4681-A236-15C188AAEB1E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1F4B8E2B-DEFF-4F1C-B5A4-0C4671C605C1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "664D9C76-BC13-4874-939C-A8211DA33903", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9F4DE2B7-1AB3-4BA5-B261-926B774B01DD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4834A67B-7B0B-4F88-BBFB-25667FD68EC5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324wg_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "82D18854-D803-40C6-BB14-A28594C37CDB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324wg:-:*:*:*:*:*:*:*", matchCriteriaId: "E767C461-8FA6-4700-98CB-734AFD309140", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr326-2c_poe_wg_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B7EC611-120E-4002-BF1E-4B45E431B7FC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr326-2c_poe_wg:-:*:*:*:*:*:*:*", matchCriteriaId: "CBD19EFB-12D2-4401-B87A-91873528E474", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr328-4c_wg_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AFA83BBC-C6F3-4F98-A92B-2611EACBC093", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr328-4c_wg:-:*:*:*:*:*:*:*", matchCriteriaId: "A5B7DEDC-66BD-4701-BBDD-16273263ADC9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FC8637DA-CA1E-46C6-AD1D-4F90B2A0BB35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr500:-:*:*:*:*:*:*:*", matchCriteriaId: "080E722F-FCD4-4967-86EE-151ADC5702E7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr524_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BA8C39A2-1989-49ED-91FC-7BCE7002F250", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr524:-:*:*:*:*:*:*:*", matchCriteriaId: "7DEEA300-16C3-4FEE-88A8-674DE2AEEC95", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr524-8c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BA970560-8AE2-49B1-BCD0-E7913DEA50ED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr524-8c:-:*:*:*:*:*:*:*", matchCriteriaId: "B0E6B7D8-3F9E-43D6-AEFE-DEE3993679C5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr524-8c_l3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AC7CB42C-666C-4DFD-B3CB-DD9509363E94", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr524-8c_l3:-:*:*:*:*:*:*:*", matchCriteriaId: "A1509C8A-89FC-445D-BB22-BF9A811E853B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr526_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8709D27F-90B9-4AF8-8784-E974CE859518", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr526:-:*:*:*:*:*:*:*", matchCriteriaId: "756A07F8-4F9F-4A76-942E-82CB92216943", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr526-8c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "554455C1-19FF-4F71-BC36-13DDE7FE0087", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr526-8c:-:*:*:*:*:*:*:*", matchCriteriaId: "67661569-6233-4C74-9C72-88BD14B257FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr526-8c_l3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "10F66ADC-91EC-4ED0-B768-03F94241B300", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr526-8c_l3:-:*:*:*:*:*:*:*", matchCriteriaId: "0921AD23-44BA-4F5C-9DC8-A5F90753C977", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr528_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F41F6AE6-0E43-4D12-B379-FCF3A2A104DB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr528:-:*:*:*:*:*:*:*", matchCriteriaId: "FDE5E54D-FFED-4C2C-B89D-E085E61D44E4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr528-6m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B0630BF0-8EFD-425A-A371-E1B0E5074D4D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr528-6m:-:*:*:*:*:*:*:*", matchCriteriaId: "3E048C4A-A414-4C87-A865-4D4218AE32EE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr528-6m_2hr2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DEAA4C6F-F234-4895-9D0D-B89E3F07F038", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr528-6m_2hr2:-:*:*:*:*:*:*:*", matchCriteriaId: "03DFEC43-5E84-460A-A50E-6BF378E83A70", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr528-6m_2hr2_l3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "64CCA458-1F7F-44ED-ACD5-E9355B112194", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr528-6m_2hr2_l3:-:*:*:*:*:*:*:*", matchCriteriaId: "FD9EACF0-ECE5-40DD-8280-41707A637E9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr528-6m_l3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7B7870B9-F1CF-4503-A64C-6258FFB9D78D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr528-6m_l3:-:*:*:*:*:*:*:*", matchCriteriaId: "81355370-BE69-434F-ABAC-8611F9909E46", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr552_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7319A333-EAA2-4ED2-A814-1AAEDFAC4E04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr552:-:*:*:*:*:*:*:*", matchCriteriaId: "AB16A0BE-5AF3-4168-B755-D023E497A35F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr552-12_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B490BBD4-458F-4077-8404-9208499226E7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr552-12:-:*:*:*:*:*:*:*", matchCriteriaId: "09743616-31C9-4E47-8A4A-B15D76204BE7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr552-12m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "87B35693-9D07-4507-8070-43B8F756F772", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr552-12m:-:*:*:*:*:*:*:*", matchCriteriaId: "4A806691-3F4B-46AA-9718-2F6BF0FD3D7A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr552-12m_2hr2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B05DE63D-186B-46CC-B3CE-66923F290B6B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr552-12m_2hr2:-:*:*:*:*:*:*:*", matchCriteriaId: "C97B2B53-F40E-4FB1-B3BA-5D0E0F8501F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr552-12m_2hr2_l3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EF61A53B-E4AD-4379-B053-1A25FDF65BD0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr552-12m_2hr2_l3:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9921B1-38FD-4404-9986-3023C577FE5C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Affected devices do not properly handle the renegotiation of SSL/TLS parameters. This could allow an unauthenticated remote attacker to bypass the TCP brute force prevention and lead to a denial of service condition for the duration of the attack.", }, { lang: "es", value: "Los dispositivos afectados no manejan adecuadamente la renegociación de los parámetros SSL/TLS. Esto podría permitir a un atacante remoto no autenticado eludir la prevención de fuerza bruta de TCP y provocar una condición de denegación de servicio mientras dure el ataque", }, ], id: "CVE-2022-36324", lastModified: "2024-11-21T07:12:47.307", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "productcert@siemens.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-08-10T12:15:12.930", references: [ { source: "productcert@siemens.com", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-710008.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-710008.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-770", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-770", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-04-12 09:15
Modified
2024-11-21 06:53
Severity ?
Summary
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate the GET parameter XNo of incoming HTTP requests. This could allow an unauthenticated remote attacker to crash affected devices.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | Mitigation, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | Mitigation, Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | scalance_x302-7eec_firmware | * | |
| siemens | scalance_x302-7eec | - | |
| siemens | scalance_x304-2fe_firmware | * | |
| siemens | scalance_x304-2fe | - | |
| siemens | scalance_x306-1ldfe_firmware | * | |
| siemens | scalance_x306-1ldfe | - | |
| siemens | scalance_x307-2eec_firmware | * | |
| siemens | scalance_x307-2eec | - | |
| siemens | scalance_x307-3_firmware | * | |
| siemens | scalance_x307-3 | - | |
| siemens | scalance_x307-3ld_firmware | * | |
| siemens | scalance_x307-3ld | - | |
| siemens | scalance_x308-2_firmware | * | |
| siemens | scalance_x308-2 | - | |
| siemens | scalance_x308-2ld_firmware | * | |
| siemens | scalance_x308-2ld | - | |
| siemens | scalance_x308-2lh_firmware | * | |
| siemens | scalance_x308-2lh | - | |
| siemens | scalance_x308-2lh\+_firmware | * | |
| siemens | scalance_x308-2lh\+ | - | |
| siemens | scalance_x308-2m_firmware | * | |
| siemens | scalance_x308-2m | - | |
| siemens | scalance_x308-2m_poe_firmware | - | |
| siemens | scalance_x308-2m_poe | - | |
| siemens | scalance_x308-2m_ts_firmware | * | |
| siemens | scalance_x308-2m_ts | - | |
| siemens | scalance_x310_firmware | * | |
| siemens | scalance_x310 | - | |
| siemens | scalance_x310fe_firmware | * | |
| siemens | scalance_x310fe | - | |
| siemens | scalance_x320-1fe_firmware | * | |
| siemens | scalance_x320-1fe | - | |
| siemens | scalance_x320-1-2ldfe_firmware | * | |
| siemens | scalance_x320-1-2ldfe | - | |
| siemens | scalance_x408-2_firmware | * | |
| siemens | scalance_x408-2 | - | |
| siemens | scalance_xr324-4m_eec_firmware | * | |
| siemens | scalance_xr324-4m_eec | - | |
| siemens | scalance_xr324-4m_poe_firmware | * | |
| siemens | scalance_xr324-4m_poe | - | |
| siemens | scalance_xr324-4m_poe_ts_firmware | * | |
| siemens | scalance_xr324-4m_poe_ts | - | |
| siemens | scalance_xr324-12m_firmware | * | |
| siemens | scalance_xr324-12m | - | |
| siemens | scalance_xr324-12m_ts_firmware | * | |
| siemens | scalance_xr324-12m_ts | - | |
| siemens | siplus_net_scalance_x308-2_firmware | * | |
| siemens | siplus_net_scalance_x308-2 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x302-7eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7FB6F150-2662-44AE-8DC1-0B0A426E8352", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x302-7eec:-:*:*:*:*:*:*:*", matchCriteriaId: "C8E97B3B-1808-45D2-97B7-CF31CA6E7A60", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x304-2fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E9F4071F-1AE2-4FAD-A8CB-1619552101A3", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x304-2fe:-:*:*:*:*:*:*:*", matchCriteriaId: "0087A1C6-AA76-4FD6-BAA1-D3190D2A0116", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x306-1ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B78CFDF-1B15-4A4B-99D4-8CC5E1867BD1", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x306-1ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "880CF41B-B25D-4744-8E8B-C4B131932B1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-2eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CCB1094D-3F8A-4331-ABB9-46B73F7E008F", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-2eec:-:*:*:*:*:*:*:*", matchCriteriaId: "804EE08B-75A1-4CF6-9C30-8CF0CDC39658", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE21803A-A5CA-482A-ABD2-C9A547831BF6", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3:-:*:*:*:*:*:*:*", matchCriteriaId: "55EF0738-C9EF-4E4B-A7E7-ECC1B5F0678A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EEBFBB10-35E0-46BB-A937-E9A933C4D5BC", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "7737F0C2-43FC-4330-88F2-9B08BA5B35D7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4C91F6DD-A74C-4310-88AB-63A39D0208BE", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "6CCED3E4-38EF-4645-B25C-4F2C3D4E091C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6B5513D8-59DD-4EE1-B2E8-F800D1DA7BC5", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2ld:-:*:*:*:*:*:*:*", matchCriteriaId: "FE1909FA-C8C6-46BE-83C6-2635D36FE69B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A11DE626-D744-49A7-93C4-FE2C2AF5245F", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh:-:*:*:*:*:*:*:*", matchCriteriaId: "6DDBD94D-5312-4A54-AF76-D9DF791C0292", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh\\+_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC259CD1-5C79-4491-B375-7A69116F2747", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "85153EED-C677-495D-A6BB-72365DE1ED3F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "79918934-7B0B-4032-972E-2347CD33029D", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m:-:*:*:*:*:*:*:*", matchCriteriaId: "AC54911E-C432-48FA-9551-9644422FFE14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_poe_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "00FBD442-84AA-48F3-8AD1-5767FFB2FC3F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "3E22C57C-2BD6-4C39-93D2-5D81A58EA6F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E72D4503-5AAE-4C6F-BAE9-FA51701191B1", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "DFCCB68C-A58D-4543-A11F-721B01FFBBA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CA2333C8-E9C7-43D8-9EAA-A88ECAAB4236", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310:-:*:*:*:*:*:*:*", matchCriteriaId: "7FE3716E-1C0A-4B72-809A-8318E5853FB1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7EECD381-262F-4C47-90E1-7B44092C74BD", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310fe:-:*:*:*:*:*:*:*", matchCriteriaId: "8FB34E83-83A3-45C3-B040-D8910971D439", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "36C40232-5696-44CC-B38F-5331A745C760", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1fe:-:*:*:*:*:*:*:*", matchCriteriaId: "CC54880F-CBF4-4772-A4FB-B07D97287D44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1-2ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2F1969E4-CFD6-4AC7-956E-374967F5C406", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1-2ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "B2D400F5-AD80-4536-A99D-793E1560757B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x408-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3ACB931D-C484-42F4-9912-24B44FE97017", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x408-2:-:*:*:*:*:*:*:*", matchCriteriaId: "0C632B90-EB11-4A4C-8128-DABBE044B9AF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B1EFA152-D29B-4116-A3D2-ACF7A025E053", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6F952542-6B79-4681-A236-15C188AAEB1E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "935CD21D-0471-4D1F-AF81-B1F996A9EFAB", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "664D9C76-BC13-4874-939C-A8211DA33903", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E2C0F1FB-8B5E-448C-A304-FDDCB3DFCDD4", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4834A67B-7B0B-4F88-BBFB-25667FD68EC5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3E0E1F54-D9EA-4AFB-80EF-0A585EC3C641", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m:-:*:*:*:*:*:*:*", matchCriteriaId: "36C9AE74-4683-4ED0-A605-3A6B065C230E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC03DF92-C7A1-4232-AFDF-04B2B50666DB", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4356417E-B4CB-45B0-B395-CE9D423FAB44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_net_scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "25103533-B9BC-4553-B195-AF5CACAB713B", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_net_scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "9C48C944-324B-4390-B9D1-3D0FC3DD5BFD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate the GET parameter XNo of incoming HTTP requests. This could allow an unauthenticated remote attacker to crash affected devices.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, revestido), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, revestido), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, revestido), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, revestido), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, revestido), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, revestido), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, revestido), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, revestido), SCALANCE X307-3 SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, puertos en la parte frontal), SCALANCE XR324-12M (230V, puertos en la parte delantera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte delantera), SCALANCE XR324-12M (24V, puertos en la parte delantera), SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M PoE (230V, puertos en la parte delantera), SCALANCE XR324-4M PoE (230V, puertos en la parte trasera), SCALANCE XR324-4M PoE (24V, puertos en la parte delantera), SCALANCE XR324-4M PoE (24V, puertos en la parte trasera), SCALANCE XR324-4M PoE TS (24V, puertos en la parte delantera), SIPLUS NET SCALANCE X308-2. Los dispositivos afectados no comprueban correctamente el parámetro GET XNo de las peticiones HTTP entrantes. Esto podría permitir a un atacante remoto no autenticado bloquear los dispositivos afectados", }, ], id: "CVE-2022-26334", lastModified: "2024-11-21T06:53:46.077", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-04-12T09:15:14.880", references: [ { source: "productcert@siemens.com", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-08-10 12:15
Modified
2024-11-21 07:12
Severity ?
6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Summary
Affected devices do not properly sanitize data introduced by an user when rendering the web interface. This could allow an authenticated remote attacker with administrative privileges to inject code and lead to a DOM-based XSS.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-710008.pdf | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-710008.pdf | Mitigation, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | scalance_m-800_firmware | * | |
| siemens | scalance_m-800 | - | |
| siemens | scalance_s615_firmware | * | |
| siemens | scalance_s615 | - | |
| siemens | scalance_sc-600_firmware | * | |
| siemens | scalance_sc-600 | - | |
| siemens | scalance_sc622-2c_firmware | * | |
| siemens | scalance_sc622-2c | - | |
| siemens | scalance_sc632-2c_firmware | * | |
| siemens | scalance_sc632-2c | - | |
| siemens | scalance_sc636-2c_firmware | * | |
| siemens | scalance_sc636-2c | - | |
| siemens | scalance_sc642-2c_firmware | * | |
| siemens | scalance_sc642-2c | - | |
| siemens | scalance_sc646-2c_firmware | * | |
| siemens | scalance_sc646-2c | - | |
| siemens | scalance_w700_ieee_802.11ax_firmware | * | |
| siemens | scalance_w700_ieee_802.11ax | - | |
| siemens | scalance_w700_ieee_802.11n_firmware | * | |
| siemens | scalance_w700_ieee_802.11n | - | |
| siemens | scalance_w700_ieee_802.11ac_firmware | * | |
| siemens | scalance_w700_ieee_802.11ac | - | |
| siemens | scalance_xb-200_firmware | * | |
| siemens | scalance_xb-200 | - | |
| siemens | scalance_xb205-3_firmware | * | |
| siemens | scalance_xb205-3 | - | |
| siemens | scalance_xb205-3ld_firmware | * | |
| siemens | scalance_xb205-3ld | - | |
| siemens | scalance_xb208_firmware | * | |
| siemens | scalance_xb208 | - | |
| siemens | scalance_xb213-3_firmware | * | |
| siemens | scalance_xb213-3 | - | |
| siemens | scalance_xb213-3ld_firmware | * | |
| siemens | scalance_xb213-3ld | - | |
| siemens | scalance_xb216_firmware | * | |
| siemens | scalance_xb216 | - | |
| siemens | scalance_xc-200_firmware | * | |
| siemens | scalance_xc-200 | - | |
| siemens | scalance_xc206-2_firmware | * | |
| siemens | scalance_xc206-2 | - | |
| siemens | scalance_xc206-2g_poe__firmware | * | |
| siemens | scalance_xc206-2g_poe_ | - | |
| siemens | scalance_xc206-2g_poe_eec_firmware | * | |
| siemens | scalance_xc206-2g_poe_eec | - | |
| siemens | scalance_xc206-2sfp_eec_firmware | * | |
| siemens | scalance_xc206-2sfp_eec | - | |
| siemens | scalance_xc206-2sfp_g_firmware | * | |
| siemens | scalance_xc206-2sfp_g | - | |
| siemens | scalance_xc206-2sfp_g_\(e\/ip\)_firmware | * | |
| siemens | scalance_xc206-2sfp_g_\(e\/ip\) | - | |
| siemens | scalance_xc206-2sfp_g_eec_firmware | * | |
| siemens | scalance_xc206-2sfp_g_eec | - | |
| siemens | scalance_xc208_firmware | * | |
| siemens | scalance_xc208 | - | |
| siemens | scalance_xc208eec_firmware | * | |
| siemens | scalance_xc208eec | - | |
| siemens | scalance_xc208g_firmware | * | |
| siemens | scalance_xc208g | - | |
| siemens | scalance_xc208g_\(e\/ip\)_firmware | * | |
| siemens | scalance_xc208g_\(e\/ip\) | - | |
| siemens | scalance_xc208g_eec_firmware | * | |
| siemens | scalance_xc208g_eec | - | |
| siemens | scalance_xc208g_poe_firmware | * | |
| siemens | scalance_xc208g_poe | - | |
| siemens | scalance_xc216_firmware | * | |
| siemens | scalance_xc216 | - | |
| siemens | scalance_xc216-4c_firmware | * | |
| siemens | scalance_xc216-4c | - | |
| siemens | scalance_xc216-4c_g_firmware | * | |
| siemens | scalance_xc216-4c_g | - | |
| siemens | scalance_xc216-4c_g_\(e\/ip\)_firmware | * | |
| siemens | scalance_xc216-4c_g_\(e\/ip\) | - | |
| siemens | scalance_xc216-4c_g_eec_firmware | * | |
| siemens | scalance_xc216-4c_g_eec | - | |
| siemens | scalance_xc216eec_firmware | * | |
| siemens | scalance_xc216eec | - | |
| siemens | scalance_xc224__firmware | * | |
| siemens | scalance_xc224_ | - | |
| siemens | scalance_xc224-4c_g__firmware | * | |
| siemens | scalance_xc224-4c_g_ | - | |
| siemens | scalance_xc224-4c_g_\(e\/ip\)_firmware | * | |
| siemens | scalance_xc224-4c_g_\(e\/ip\) | - | |
| siemens | scalance_xc224-4c_g_eec_firmware | * | |
| siemens | scalance_xc224-4c_g_eec | - | |
| siemens | scalance_xf-200ba_firmware | * | |
| siemens | scalance_xf-200ba | - | |
| siemens | scalance_xf204-2ba_dna_firmware | * | |
| siemens | scalance_xf204-2ba_dna | - | |
| siemens | scalance_xf204-2ba_irt_firmware | * | |
| siemens | scalance_xf204-2ba_irt | - | |
| siemens | scalance_xm400_firmware | * | |
| siemens | scalance_xm400 | - | |
| siemens | scalance_xm408-4c_firmware | * | |
| siemens | scalance_xm408-4c | - | |
| siemens | scalance_xm408-4c_l3_firmware | * | |
| siemens | scalance_xm408-4c_l3 | - | |
| siemens | scalance_xm408-8c_firmware | * | |
| siemens | scalance_xm408-8c | - | |
| siemens | scalance_xm408-8c_l3_firmware | * | |
| siemens | scalance_xm408-8c_l3 | - | |
| siemens | scalance_xm416-4c_firmware | * | |
| siemens | scalance_xm416-4c | - | |
| siemens | scalance_xm416-4c_l3_firmware | * | |
| siemens | scalance_xm416-4c_l3 | - | |
| siemens | scalance_xp-200_firmware | * | |
| siemens | scalance_xp-200 | - | |
| siemens | scalance_xp208_firmware | * | |
| siemens | scalance_xp208 | - | |
| siemens | scalance_xp208_\(eip\)_firmware | * | |
| siemens | scalance_xp208_\(eip\) | - | |
| siemens | scalance_xp208eec_firmware | * | |
| siemens | scalance_xp208eec | - | |
| siemens | scalance_xp208poe_eec_firmware | * | |
| siemens | scalance_xp208poe_eec | - | |
| siemens | scalance_xp216_firmware | * | |
| siemens | scalance_xp216 | - | |
| siemens | scalance_xp216_\(eip\)_firmware | * | |
| siemens | scalance_xp216_\(eip\) | - | |
| siemens | scalance_xp216eec_firmware | * | |
| siemens | scalance_xp216eec | - | |
| siemens | scalance_xp216poe_eec_firmware | * | |
| siemens | scalance_xp216poe_eec | - | |
| siemens | scalance_xr-300_firmware | * | |
| siemens | scalance_xr-300 | - | |
| siemens | scalance_xr-300eec_firmware | * | |
| siemens | scalance_xr-300eec | - | |
| siemens | scalance_xr-300poe_firmware | * | |
| siemens | scalance_xr-300poe | - | |
| siemens | scalance_xr-300wg_firmware | * | |
| siemens | scalance_xr-300wg | - | |
| siemens | scalance_xr324-12m_firmware | * | |
| siemens | scalance_xr324-12m | - | |
| siemens | scalance_xr324-12m_ts_firmware | * | |
| siemens | scalance_xr324-12m_ts | - | |
| siemens | scalance_xr324-4m_eec_firmware | * | |
| siemens | scalance_xr324-4m_eec | - | |
| siemens | scalance_xr324-4m_poe_firmware | * | |
| siemens | scalance_xr324-4m_poe | - | |
| siemens | scalance_xr324-4m_poe_ts_firmware | * | |
| siemens | scalance_xr324-4m_poe_ts | - | |
| siemens | scalance_xr324wg_firmware | * | |
| siemens | scalance_xr324wg | - | |
| siemens | scalance_xr326-2c_poe_wg_firmware | * | |
| siemens | scalance_xr326-2c_poe_wg | - | |
| siemens | scalance_xr328-4c_wg_firmware | * | |
| siemens | scalance_xr328-4c_wg | - | |
| siemens | scalance_xr500_firmware | * | |
| siemens | scalance_xr500 | - | |
| siemens | scalance_xr524_firmware | * | |
| siemens | scalance_xr524 | - | |
| siemens | scalance_xr524-8c_firmware | * | |
| siemens | scalance_xr524-8c | - | |
| siemens | scalance_xr524-8c_l3_firmware | * | |
| siemens | scalance_xr524-8c_l3 | - | |
| siemens | scalance_xr526_firmware | * | |
| siemens | scalance_xr526 | - | |
| siemens | scalance_xr526-8c_firmware | * | |
| siemens | scalance_xr526-8c | - | |
| siemens | scalance_xr526-8c_l3_firmware | * | |
| siemens | scalance_xr526-8c_l3 | - | |
| siemens | scalance_xr528_firmware | * | |
| siemens | scalance_xr528 | - | |
| siemens | scalance_xr528-6m_firmware | * | |
| siemens | scalance_xr528-6m | - | |
| siemens | scalance_xr528-6m_2hr2_firmware | * | |
| siemens | scalance_xr528-6m_2hr2 | - | |
| siemens | scalance_xr528-6m_2hr2_l3_firmware | * | |
| siemens | scalance_xr528-6m_2hr2_l3 | - | |
| siemens | scalance_xr528-6m_l3_firmware | * | |
| siemens | scalance_xr528-6m_l3 | - | |
| siemens | scalance_xr552_firmware | * | |
| siemens | scalance_xr552 | - | |
| siemens | scalance_xr552-12_firmware | * | |
| siemens | scalance_xr552-12 | - | |
| siemens | scalance_xr552-12m_firmware | * | |
| siemens | scalance_xr552-12m | - | |
| siemens | scalance_xr552-12m_2hr2_firmware | * | |
| siemens | scalance_xr552-12m_2hr2 | - | |
| siemens | scalance_xr552-12m_2hr2_l3_firmware | * | |
| siemens | scalance_xr552-12m_2hr2_l3 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A43ECBDD-F831-4364-8869-C696D1AC531A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*", matchCriteriaId: "DFB9921A-5204-40A3-88AB-B7755F5C6875", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6EF65A06-2222-47D2-83B5-4C61E6D8731E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*", matchCriteriaId: "E917CBBB-EF41-4113-B0CA-EB91889235E7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_sc-600_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "269D399D-1B5B-46FE-A05F-90405CBC81B1", versionEndExcluding: "2.3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_sc-600:-:*:*:*:*:*:*:*", matchCriteriaId: "725C671B-D7A0-48CF-8A31-5F9C4173F1DD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_sc622-2c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6A728A54-3FCD-46C8-89C7-D145484BF8DF", versionEndExcluding: "2.3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_sc622-2c:-:*:*:*:*:*:*:*", matchCriteriaId: "50FEE5FA-B141-4E5F-8673-363089262530", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_sc632-2c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "67B6AD24-FB63-4779-BFA0-B6849254A45C", versionEndExcluding: "2.3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_sc632-2c:-:*:*:*:*:*:*:*", matchCriteriaId: "8A79836B-5EC1-40AF-8A57-9657EF6758E5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_sc636-2c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "780BDF7D-4E7F-4A45-9E7B-D261031DA24D", versionEndExcluding: "2.3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_sc636-2c:-:*:*:*:*:*:*:*", matchCriteriaId: "FCB9BD17-7F1F-42E9-831F-EB907F9BC214", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_sc642-2c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F28978FB-B7F0-4D0E-9498-86F0E6B291DE", versionEndExcluding: "2.3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_sc642-2c:-:*:*:*:*:*:*:*", matchCriteriaId: "10C7D54A-27B4-4195-8131-DD5380472A75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_sc646-2c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4CDE958F-2E63-4870-A9CD-6A0E0224B590", versionEndExcluding: "2.3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_sc646-2c:-:*:*:*:*:*:*:*", matchCriteriaId: "E54AF1E6-0E52-447C-8946-18716D30EBE2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_w700_ieee_802.11ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "23DDDAEC-C0B4-4E14-9840-101B6F24DBE5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_w700_ieee_802.11ax:-:*:*:*:*:*:*:*", matchCriteriaId: "09908B6A-6655-42F0-A20B-79FFBF81937A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_w700_ieee_802.11n_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F05D6764-79B4-4787-B2D2-E685910453C3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_w700_ieee_802.11n:-:*:*:*:*:*:*:*", matchCriteriaId: "880644DA-9280-4498-AD72-5CBD59CC8142", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_w700_ieee_802.11ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8D7CF655-D174-4CE8-A2AC-C14967A8283B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_w700_ieee_802.11ac:-:*:*:*:*:*:*:*", matchCriteriaId: "C93984BD-70E6-496C-BA20-18464B0E84B3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E673B450-C436-49F3-B2F3-872B704FE075", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb-200:-:*:*:*:*:*:*:*", matchCriteriaId: "6CB3CC2D-CBF0-4F53-A412-01BBC39E34C2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb205-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8CB0BE85-4A96-45EB-9EAA-A2D9E5D45508", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb205-3:-:*:*:*:*:*:*:*", matchCriteriaId: "B9F9F101-6042-4D11-98CE-16A996023B38", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb205-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D9E6A2AB-7F15-4ABB-B00A-F5667B615ABE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb205-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "18DC9125-FC41-4BAB-9638-C42DEF40235B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb208_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "713ADE75-1915-4DBB-9FC3-59E9A03AB5A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb208:-:*:*:*:*:*:*:*", matchCriteriaId: "5C19D54A-8070-4EC6-9B30-B1B04A8BDABD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb213-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D0113244-9647-4E95-B1E4-DBD26ADD3786", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb213-3:-:*:*:*:*:*:*:*", matchCriteriaId: "1FF67A06-D93B-4E4E-A639-29E0E49654FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb213-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "692B60D5-696D-4680-BB38-3C0EC0F2D034", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb213-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "0EFCF766-E1D3-4BD5-A70C-3A824B7D45DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb216_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D83C08F3-C6F7-46D1-B3F6-0173F9B7E983", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb216:-:*:*:*:*:*:*:*", matchCriteriaId: "72EC10EB-0679-4AFE-ABC3-C58A68A0C4DD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C08F92C8-0A5D-470E-8CFC-F622C3014336", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc-200:-:*:*:*:*:*:*:*", matchCriteriaId: "7719E194-EE3D-4CE8-8C85-CF0D82A553AA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1C93B717-35A4-4824-9B85-DB046E38DA33", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2:-:*:*:*:*:*:*:*", matchCriteriaId: "49C5CBD8-9799-4EBA-8297-EAE04F43DDD5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2g_poe__firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4F02CFE9-6058-4B0D-9FD5-6C84ED4A3EAD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2g_poe_:-:*:*:*:*:*:*:*", matchCriteriaId: "39310380-7D17-46C5-B91A-DFDF602D56A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2g_poe_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C4EA7C54-4200-4E33-B2EA-0F82AA3ECD9D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2g_poe_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "0C21EC27-F0A8-4DCA-88AD-92D07477B5AD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2sfp_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B9CA045-5DB1-422C-ABE2-AC89F5A27847", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2sfp_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "CC286693-55D6-4949-8164-262EB6C022C9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2sfp_g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "81AD4EB0-A125-4E4B-9348-AA6E670061B2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2sfp_g:-:*:*:*:*:*:*:*", matchCriteriaId: "BC7B235D-0141-46E5-9057-2203555AE58A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2sfp_g_\\(e\\/ip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "82708B62-47F9-4909-A52C-D96BC3AA567D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2sfp_g_\\(e\\/ip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "CB6B6ED1-7057-4240-B1C9-660173BF1A6A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc206-2sfp_g_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "49EBEDA9-A826-45DD-A5BB-D5B55FB47B60", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc206-2sfp_g_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6F7D1CCD-4DFD-4037-9BDC-65466D639456", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "822CB559-BAFC-4674-A64B-BDCF1AAFDD0E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208:-:*:*:*:*:*:*:*", matchCriteriaId: "E6A2B708-309D-4BE5-BAEE-7AE035A2ADD1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "316A0742-A32F-453E-922A-F084D9BEAA19", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208eec:-:*:*:*:*:*:*:*", matchCriteriaId: "B6550B2D-4B8E-414C-B4CB-7B12D6D4EA4A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "62C9A709-2AB4-4836-B925-988D78AEB278", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208g:-:*:*:*:*:*:*:*", matchCriteriaId: "8E922B78-7951-4115-8985-D824F6DDE41B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208g_\\(e\\/ip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "17E1B7ED-A272-43C6-9CA5-4CF370F8ED1C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208g_\\(e\\/ip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "62852B4B-AF5A-4967-AFC2-14CEC2F6972C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208g_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1ABF1FC1-2FB5-42D8-867C-0B93AB67C096", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208g_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "9CCF0CEF-2E48-472E-9BDE-6E63F4CEA467", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc208g_poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "429647B3-1C26-42EF-94DC-B9630AA627CD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc208g_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "585424EB-F9AB-45FB-B5C5-78FE45E3341A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D2F04D78-74F0-4471-9AF6-54EA822F1992", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216:-:*:*:*:*:*:*:*", matchCriteriaId: "4ABC0D8D-4F32-487F-835C-DADAB647EC21", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216-4c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "00C80C92-FC92-4B96-8B80-6F7E0B07EBAD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216-4c:-:*:*:*:*:*:*:*", matchCriteriaId: "7668BC0B-A47A-4E05-9933-51CD43F3B7BA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216-4c_g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AA3B23C3-8880-4640-A6B2-EA870A85AAFE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216-4c_g:-:*:*:*:*:*:*:*", matchCriteriaId: "78645734-50C1-4331-9FC4-AC8A8679B6AF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216-4c_g_\\(e\\/ip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B2765D0D-9A77-45E5-9F58-BF877E6F94B7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216-4c_g_\\(e\\/ip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "22B8B758-9781-474E-93C3-17DDDF263CC2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216-4c_g_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "09F27730-5DB8-4736-B6ED-A46C3888F48D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216-4c_g_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "323CEAEA-8122-43A5-BB87-97C7133FF510", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc216eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A5A04F9F-133C-4C02-BA65-CABA47E1F329", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc216eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6BE498F8-A9D8-4A92-90CE-21BA30234947", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc224__firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2EA0205D-A280-4903-927A-AC4FEC051E2A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc224_:-:*:*:*:*:*:*:*", matchCriteriaId: "39AB9EB3-0F05-41C2-A32F-27B6D0C9C039", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc224-4c_g__firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CFF36832-3023-4AEA-800E-ED4D87271E3A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc224-4c_g_:-:*:*:*:*:*:*:*", matchCriteriaId: "E7806CF9-4DA5-4090-84BD-D098C5FB1178", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc224-4c_g_\\(e\\/ip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "33C3BB4B-63C9-4770-9CC0-053A0B655ED7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc224-4c_g_\\(e\\/ip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "EE4E3630-DB15-46EA-B320-E4E457240B9F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc224-4c_g_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D9089DA8-FEF8-4927-B56A-139B67571671", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc224-4c_g_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "0B0A02C9-A7CB-4CB3-B5DC-5FEE20A59208", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf-200ba_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "34F19168-C521-4D67-BF88-1551F079859E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf-200ba:-:*:*:*:*:*:*:*", matchCriteriaId: "58377C58-F660-4C17-A3CB-BFC2F28848CD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204-2ba_dna_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A6C7A93D-B629-4A56-B961-5D4FD012E6E6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204-2ba_dna:-:*:*:*:*:*:*:*", matchCriteriaId: "FAF28152-D6CA-4D20-BDF1-1EF4B7D10429", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204-2ba_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4F316894-3BBB-4B72-8636-23868BF557AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204-2ba_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "99E6AFAA-B903-47BB-B0F3-7650B039C0FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xm400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6BF5436-1BCB-4945-8F2D-68F766D3567F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xm400:-:*:*:*:*:*:*:*", matchCriteriaId: "9FC408A8-903F-43A2-9D05-65AD4482FDBB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xm408-4c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "813D5C37-C5CF-4B50-920A-38C9CF042966", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xm408-4c:-:*:*:*:*:*:*:*", matchCriteriaId: "2AA81823-013F-4990-B62D-86C404F04BCB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xm408-4c_l3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DFCB811-4CE6-4FA9-A722-86ED0D434FD9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xm408-4c_l3:-:*:*:*:*:*:*:*", matchCriteriaId: "B2FB222B-0414-4A1E-8BBD-6470CDB3BFF8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xm408-8c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "24722F13-7DA7-4CA6-A141-293DE72B15B4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xm408-8c:-:*:*:*:*:*:*:*", matchCriteriaId: "7096DBA5-95BB-44D7-B7CA-B1845C87F70E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xm408-8c_l3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CFE568ED-3604-428E-82E7-4027CB2DDD62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xm408-8c_l3:-:*:*:*:*:*:*:*", matchCriteriaId: "78562689-B494-4500-9725-B418F1EC3CAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xm416-4c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "616BB0A9-47FB-4F72-8241-0ADF50E6E236", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xm416-4c:-:*:*:*:*:*:*:*", matchCriteriaId: "F9102A41-5812-4014-BC07-E571E815ED49", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xm416-4c_l3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "04B56011-74F9-4760-A4AD-850F0CCF0B62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xm416-4c_l3:-:*:*:*:*:*:*:*", matchCriteriaId: "86A2A766-9046-484F-9D49-4A1F4F0F96A4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3491A486-47F3-4B30-B613-DCC412F6EF5B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp-200:-:*:*:*:*:*:*:*", matchCriteriaId: "8F962FC7-0616-467F-8CCA-ADEA224B5F7B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp208_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "54BB088B-67FC-4C34-98A0-EC05B67B2396", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp208:-:*:*:*:*:*:*:*", matchCriteriaId: "24C7FB09-D247-48F0-B87C-6A478BDC0A5A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp208_\\(eip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BF3C7B31-25AA-4D74-AB2D-5C7F1D8025C1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp208_\\(eip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "17BD41C2-2398-4A03-9C5F-43AEF424261E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp208eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DCFA1A9B-1130-46BC-9A5F-FFBB527517FF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp208eec:-:*:*:*:*:*:*:*", matchCriteriaId: "2B313A4C-D3E7-4964-BA51-3401546B36C5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp208poe_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E5AAC31E-42DE-423E-8F43-A5600E24160F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp208poe_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "D6E888EA-73A7-42B8-A617-621CF192F2A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp216_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7D5F9D33-F74A-4FFB-9327-5CE691F0C1D6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp216:-:*:*:*:*:*:*:*", matchCriteriaId: "67E4D039-5BF8-469B-A6FE-A391A6D1BDA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp216_\\(eip\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7E0BC528-5B72-48AB-A70A-B116770A8587", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp216_\\(eip\\):-:*:*:*:*:*:*:*", matchCriteriaId: "33D044BD-12AD-42C9-B01C-957BEC6C6790", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp216eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "18D7E470-D872-4C37-8669-B66328F173D6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp216eec:-:*:*:*:*:*:*:*", matchCriteriaId: "12512EC4-FB7D-420F-9A8A-547562BE1B49", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp216poe_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F51CE85F-16D1-4E49-83C7-70C90233E294", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp216poe_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "C9BACE8C-6C69-4BC4-8F5B-1C74FA7EB339", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr-300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B357AD42-1806-4BE5-B76D-F798E475F659", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr-300:-:*:*:*:*:*:*:*", matchCriteriaId: "889CF2C0-EE6C-447F-85F1-005730EAD232", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr-300eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "17115730-97BF-473F-A4A7-03D5AE0F1A6D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr-300eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6FF41E9F-4627-49EE-BCF1-08B5AADE964A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr-300poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "18537338-DF5C-4F7A-995E-7F953B380657", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr-300poe:-:*:*:*:*:*:*:*", matchCriteriaId: "CC118867-1A6C-4C3B-AD75-5D24551DB0BC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr-300wg_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "64A47C63-7150-4F8D-BFD9-2F5C2761DBDF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr-300wg:-:*:*:*:*:*:*:*", matchCriteriaId: "434BC9BE-C5DB-4DAF-8E07-DFE4EEA0D7FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0AC751E0-FC87-4DEB-85E8-C3E028B76482", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m:-:*:*:*:*:*:*:*", matchCriteriaId: "36C9AE74-4683-4ED0-A605-3A6B065C230E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EB09860F-9DC8-476B-9AF7-6FFE57101D6C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4356417E-B4CB-45B0-B395-CE9D423FAB44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E6AB4BE-D669-4A95-8F8A-F2DA146D5FB1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6F952542-6B79-4681-A236-15C188AAEB1E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1F4B8E2B-DEFF-4F1C-B5A4-0C4671C605C1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "664D9C76-BC13-4874-939C-A8211DA33903", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9F4DE2B7-1AB3-4BA5-B261-926B774B01DD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4834A67B-7B0B-4F88-BBFB-25667FD68EC5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324wg_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "82D18854-D803-40C6-BB14-A28594C37CDB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324wg:-:*:*:*:*:*:*:*", matchCriteriaId: "E767C461-8FA6-4700-98CB-734AFD309140", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr326-2c_poe_wg_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B7EC611-120E-4002-BF1E-4B45E431B7FC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr326-2c_poe_wg:-:*:*:*:*:*:*:*", matchCriteriaId: "CBD19EFB-12D2-4401-B87A-91873528E474", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr328-4c_wg_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AFA83BBC-C6F3-4F98-A92B-2611EACBC093", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr328-4c_wg:-:*:*:*:*:*:*:*", matchCriteriaId: "A5B7DEDC-66BD-4701-BBDD-16273263ADC9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FC8637DA-CA1E-46C6-AD1D-4F90B2A0BB35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr500:-:*:*:*:*:*:*:*", matchCriteriaId: "080E722F-FCD4-4967-86EE-151ADC5702E7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr524_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BA8C39A2-1989-49ED-91FC-7BCE7002F250", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr524:-:*:*:*:*:*:*:*", matchCriteriaId: "7DEEA300-16C3-4FEE-88A8-674DE2AEEC95", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr524-8c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BA970560-8AE2-49B1-BCD0-E7913DEA50ED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr524-8c:-:*:*:*:*:*:*:*", matchCriteriaId: "B0E6B7D8-3F9E-43D6-AEFE-DEE3993679C5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr524-8c_l3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AC7CB42C-666C-4DFD-B3CB-DD9509363E94", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr524-8c_l3:-:*:*:*:*:*:*:*", matchCriteriaId: "A1509C8A-89FC-445D-BB22-BF9A811E853B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr526_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8709D27F-90B9-4AF8-8784-E974CE859518", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr526:-:*:*:*:*:*:*:*", matchCriteriaId: "756A07F8-4F9F-4A76-942E-82CB92216943", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr526-8c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "554455C1-19FF-4F71-BC36-13DDE7FE0087", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr526-8c:-:*:*:*:*:*:*:*", matchCriteriaId: "67661569-6233-4C74-9C72-88BD14B257FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr526-8c_l3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "10F66ADC-91EC-4ED0-B768-03F94241B300", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr526-8c_l3:-:*:*:*:*:*:*:*", matchCriteriaId: "0921AD23-44BA-4F5C-9DC8-A5F90753C977", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr528_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F41F6AE6-0E43-4D12-B379-FCF3A2A104DB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr528:-:*:*:*:*:*:*:*", matchCriteriaId: "FDE5E54D-FFED-4C2C-B89D-E085E61D44E4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr528-6m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B0630BF0-8EFD-425A-A371-E1B0E5074D4D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr528-6m:-:*:*:*:*:*:*:*", matchCriteriaId: "3E048C4A-A414-4C87-A865-4D4218AE32EE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr528-6m_2hr2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DEAA4C6F-F234-4895-9D0D-B89E3F07F038", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr528-6m_2hr2:-:*:*:*:*:*:*:*", matchCriteriaId: "03DFEC43-5E84-460A-A50E-6BF378E83A70", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr528-6m_2hr2_l3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "64CCA458-1F7F-44ED-ACD5-E9355B112194", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr528-6m_2hr2_l3:-:*:*:*:*:*:*:*", matchCriteriaId: "FD9EACF0-ECE5-40DD-8280-41707A637E9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr528-6m_l3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7B7870B9-F1CF-4503-A64C-6258FFB9D78D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr528-6m_l3:-:*:*:*:*:*:*:*", matchCriteriaId: "81355370-BE69-434F-ABAC-8611F9909E46", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr552_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7319A333-EAA2-4ED2-A814-1AAEDFAC4E04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr552:-:*:*:*:*:*:*:*", matchCriteriaId: "AB16A0BE-5AF3-4168-B755-D023E497A35F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr552-12_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B490BBD4-458F-4077-8404-9208499226E7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr552-12:-:*:*:*:*:*:*:*", matchCriteriaId: "09743616-31C9-4E47-8A4A-B15D76204BE7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr552-12m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "87B35693-9D07-4507-8070-43B8F756F772", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr552-12m:-:*:*:*:*:*:*:*", matchCriteriaId: "4A806691-3F4B-46AA-9718-2F6BF0FD3D7A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr552-12m_2hr2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B05DE63D-186B-46CC-B3CE-66923F290B6B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr552-12m_2hr2:-:*:*:*:*:*:*:*", matchCriteriaId: "C97B2B53-F40E-4FB1-B3BA-5D0E0F8501F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr552-12m_2hr2_l3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EF61A53B-E4AD-4379-B053-1A25FDF65BD0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr552-12m_2hr2_l3:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9921B1-38FD-4404-9986-3023C577FE5C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Affected devices do not properly sanitize data introduced by an user when rendering the web interface. This could allow an authenticated remote attacker with administrative privileges to inject code and lead to a DOM-based XSS.", }, { lang: "es", value: "Los dispositivos afectados no sanean correctamente los datos introducidos por un usuario al renderizar la interfaz web. Esto podría permitir a un atacante remoto autenticado con privilegios administrativos inyectar código y llevar a un XSS basado en el DOM", }, ], id: "CVE-2022-36325", lastModified: "2024-11-21T07:12:47.637", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "productcert@siemens.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-08-10T12:15:12.997", references: [ { source: "productcert@siemens.com", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-710008.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-710008.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-80", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-04-12 09:15
Modified
2024-11-21 06:52
Severity ?
Summary
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate the HTTP headers of incoming requests. This could allow an unauthenticated remote attacker to crash affected devices.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | Mitigation, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | Mitigation, Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | scalance_x302-7eec_firmware | * | |
| siemens | scalance_x302-7eec | - | |
| siemens | scalance_x304-2fe_firmware | * | |
| siemens | scalance_x304-2fe | - | |
| siemens | scalance_x306-1ldfe_firmware | * | |
| siemens | scalance_x306-1ldfe | - | |
| siemens | scalance_x307-2eec_firmware | * | |
| siemens | scalance_x307-2eec | - | |
| siemens | scalance_x307-3_firmware | * | |
| siemens | scalance_x307-3 | - | |
| siemens | scalance_x307-3ld_firmware | * | |
| siemens | scalance_x307-3ld | - | |
| siemens | scalance_x308-2_firmware | * | |
| siemens | scalance_x308-2 | - | |
| siemens | scalance_x308-2ld_firmware | * | |
| siemens | scalance_x308-2ld | - | |
| siemens | scalance_x308-2lh_firmware | * | |
| siemens | scalance_x308-2lh | - | |
| siemens | scalance_x308-2lh\+_firmware | * | |
| siemens | scalance_x308-2lh\+ | - | |
| siemens | scalance_x308-2m_firmware | * | |
| siemens | scalance_x308-2m | - | |
| siemens | scalance_x308-2m_poe_firmware | - | |
| siemens | scalance_x308-2m_poe | - | |
| siemens | scalance_x308-2m_ts_firmware | * | |
| siemens | scalance_x308-2m_ts | - | |
| siemens | scalance_x310_firmware | * | |
| siemens | scalance_x310 | - | |
| siemens | scalance_x310fe_firmware | * | |
| siemens | scalance_x310fe | - | |
| siemens | scalance_x320-1fe_firmware | * | |
| siemens | scalance_x320-1fe | - | |
| siemens | scalance_x320-1-2ldfe_firmware | * | |
| siemens | scalance_x320-1-2ldfe | - | |
| siemens | scalance_x408-2_firmware | * | |
| siemens | scalance_x408-2 | - | |
| siemens | scalance_xr324-4m_eec_firmware | * | |
| siemens | scalance_xr324-4m_eec | - | |
| siemens | scalance_xr324-4m_poe_firmware | * | |
| siemens | scalance_xr324-4m_poe | - | |
| siemens | scalance_xr324-4m_poe_ts_firmware | * | |
| siemens | scalance_xr324-4m_poe_ts | - | |
| siemens | scalance_xr324-12m_firmware | * | |
| siemens | scalance_xr324-12m | - | |
| siemens | scalance_xr324-12m_ts_firmware | * | |
| siemens | scalance_xr324-12m_ts | - | |
| siemens | siplus_net_scalance_x308-2_firmware | * | |
| siemens | siplus_net_scalance_x308-2 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x302-7eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7FB6F150-2662-44AE-8DC1-0B0A426E8352", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x302-7eec:-:*:*:*:*:*:*:*", matchCriteriaId: "C8E97B3B-1808-45D2-97B7-CF31CA6E7A60", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x304-2fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E9F4071F-1AE2-4FAD-A8CB-1619552101A3", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x304-2fe:-:*:*:*:*:*:*:*", matchCriteriaId: "0087A1C6-AA76-4FD6-BAA1-D3190D2A0116", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x306-1ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B78CFDF-1B15-4A4B-99D4-8CC5E1867BD1", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x306-1ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "880CF41B-B25D-4744-8E8B-C4B131932B1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-2eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CCB1094D-3F8A-4331-ABB9-46B73F7E008F", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-2eec:-:*:*:*:*:*:*:*", matchCriteriaId: "804EE08B-75A1-4CF6-9C30-8CF0CDC39658", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE21803A-A5CA-482A-ABD2-C9A547831BF6", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3:-:*:*:*:*:*:*:*", matchCriteriaId: "55EF0738-C9EF-4E4B-A7E7-ECC1B5F0678A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EEBFBB10-35E0-46BB-A937-E9A933C4D5BC", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "7737F0C2-43FC-4330-88F2-9B08BA5B35D7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4C91F6DD-A74C-4310-88AB-63A39D0208BE", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "6CCED3E4-38EF-4645-B25C-4F2C3D4E091C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6B5513D8-59DD-4EE1-B2E8-F800D1DA7BC5", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2ld:-:*:*:*:*:*:*:*", matchCriteriaId: "FE1909FA-C8C6-46BE-83C6-2635D36FE69B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A11DE626-D744-49A7-93C4-FE2C2AF5245F", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh:-:*:*:*:*:*:*:*", matchCriteriaId: "6DDBD94D-5312-4A54-AF76-D9DF791C0292", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh\\+_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC259CD1-5C79-4491-B375-7A69116F2747", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "85153EED-C677-495D-A6BB-72365DE1ED3F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "79918934-7B0B-4032-972E-2347CD33029D", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m:-:*:*:*:*:*:*:*", matchCriteriaId: "AC54911E-C432-48FA-9551-9644422FFE14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_poe_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "00FBD442-84AA-48F3-8AD1-5767FFB2FC3F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "3E22C57C-2BD6-4C39-93D2-5D81A58EA6F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E72D4503-5AAE-4C6F-BAE9-FA51701191B1", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "DFCCB68C-A58D-4543-A11F-721B01FFBBA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CA2333C8-E9C7-43D8-9EAA-A88ECAAB4236", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310:-:*:*:*:*:*:*:*", matchCriteriaId: "7FE3716E-1C0A-4B72-809A-8318E5853FB1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7EECD381-262F-4C47-90E1-7B44092C74BD", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310fe:-:*:*:*:*:*:*:*", matchCriteriaId: "8FB34E83-83A3-45C3-B040-D8910971D439", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "36C40232-5696-44CC-B38F-5331A745C760", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1fe:-:*:*:*:*:*:*:*", matchCriteriaId: "CC54880F-CBF4-4772-A4FB-B07D97287D44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1-2ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2F1969E4-CFD6-4AC7-956E-374967F5C406", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1-2ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "B2D400F5-AD80-4536-A99D-793E1560757B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x408-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3ACB931D-C484-42F4-9912-24B44FE97017", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x408-2:-:*:*:*:*:*:*:*", matchCriteriaId: "0C632B90-EB11-4A4C-8128-DABBE044B9AF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B1EFA152-D29B-4116-A3D2-ACF7A025E053", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6F952542-6B79-4681-A236-15C188AAEB1E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "935CD21D-0471-4D1F-AF81-B1F996A9EFAB", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "664D9C76-BC13-4874-939C-A8211DA33903", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E2C0F1FB-8B5E-448C-A304-FDDCB3DFCDD4", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4834A67B-7B0B-4F88-BBFB-25667FD68EC5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3E0E1F54-D9EA-4AFB-80EF-0A585EC3C641", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m:-:*:*:*:*:*:*:*", matchCriteriaId: "36C9AE74-4683-4ED0-A605-3A6B065C230E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC03DF92-C7A1-4232-AFDF-04B2B50666DB", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4356417E-B4CB-45B0-B395-CE9D423FAB44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_net_scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "25103533-B9BC-4553-B195-AF5CACAB713B", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_net_scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "9C48C944-324B-4390-B9D1-3D0FC3DD5BFD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate the HTTP headers of incoming requests. This could allow an unauthenticated remote attacker to crash affected devices.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, revestido), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, revestido), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, revestido), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, revestido), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, revestido), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, revestido), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, revestido), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, revestido), SCALANCE X307-3 SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, puertos en la parte frontal), SCALANCE XR324-12M (230V, puertos en la parte delantera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte delantera), SCALANCE XR324-12M (24V, puertos en la parte delantera), SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M PoE (230V, puertos en la parte delantera), SCALANCE XR324-4M PoE (230V, puertos en la parte trasera), SCALANCE XR324-4M PoE (24V, puertos en la parte delantera), SCALANCE XR324-4M PoE (24V, puertos en la parte trasera), SCALANCE XR324-4M PoE TS (24V, puertos en la parte delantera), SIPLUS NET SCALANCE X308-2. Los dispositivos afectados no comprueban correctamente los encabezados HTTP de las peticiones entrantes. Esto podría permitir a un atacante remoto no autenticado bloquear los dispositivos afectados", }, ], id: "CVE-2022-25751", lastModified: "2024-11-21T06:52:55.653", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-04-12T09:15:14.597", references: [ { source: "productcert@siemens.com", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-04-12 09:15
Modified
2024-11-21 06:52
Severity ?
Summary
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The handling of arguments such as IP addresses in the CLI of affected devices is prone to buffer overflows. This could allow an authenticated remote attacker to execute arbitrary code on the device.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | Mitigation, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | Mitigation, Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | scalance_x302-7eec_firmware | * | |
| siemens | scalance_x302-7eec | - | |
| siemens | scalance_x304-2fe_firmware | * | |
| siemens | scalance_x304-2fe | - | |
| siemens | scalance_x306-1ldfe_firmware | * | |
| siemens | scalance_x306-1ldfe | - | |
| siemens | scalance_x307-2eec_firmware | * | |
| siemens | scalance_x307-2eec | - | |
| siemens | scalance_x307-3_firmware | * | |
| siemens | scalance_x307-3 | - | |
| siemens | scalance_x307-3ld_firmware | * | |
| siemens | scalance_x307-3ld | - | |
| siemens | scalance_x308-2_firmware | * | |
| siemens | scalance_x308-2 | - | |
| siemens | scalance_x308-2ld_firmware | * | |
| siemens | scalance_x308-2ld | - | |
| siemens | scalance_x308-2lh_firmware | * | |
| siemens | scalance_x308-2lh | - | |
| siemens | scalance_x308-2lh\+_firmware | * | |
| siemens | scalance_x308-2lh\+ | - | |
| siemens | scalance_x308-2m_firmware | * | |
| siemens | scalance_x308-2m | - | |
| siemens | scalance_x308-2m_poe_firmware | - | |
| siemens | scalance_x308-2m_poe | - | |
| siemens | scalance_x308-2m_ts_firmware | * | |
| siemens | scalance_x308-2m_ts | - | |
| siemens | scalance_x310_firmware | * | |
| siemens | scalance_x310 | - | |
| siemens | scalance_x310fe_firmware | * | |
| siemens | scalance_x310fe | - | |
| siemens | scalance_x320-1fe_firmware | * | |
| siemens | scalance_x320-1fe | - | |
| siemens | scalance_x320-1-2ldfe_firmware | * | |
| siemens | scalance_x320-1-2ldfe | - | |
| siemens | scalance_x408-2_firmware | * | |
| siemens | scalance_x408-2 | - | |
| siemens | scalance_xr324-4m_eec_firmware | * | |
| siemens | scalance_xr324-4m_eec | - | |
| siemens | scalance_xr324-4m_poe_firmware | * | |
| siemens | scalance_xr324-4m_poe | - | |
| siemens | scalance_xr324-4m_poe_ts_firmware | * | |
| siemens | scalance_xr324-4m_poe_ts | - | |
| siemens | scalance_xr324-12m_firmware | * | |
| siemens | scalance_xr324-12m | - | |
| siemens | scalance_xr324-12m_ts_firmware | * | |
| siemens | scalance_xr324-12m_ts | - | |
| siemens | siplus_net_scalance_x308-2_firmware | * | |
| siemens | siplus_net_scalance_x308-2 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x302-7eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7FB6F150-2662-44AE-8DC1-0B0A426E8352", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x302-7eec:-:*:*:*:*:*:*:*", matchCriteriaId: "C8E97B3B-1808-45D2-97B7-CF31CA6E7A60", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x304-2fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E9F4071F-1AE2-4FAD-A8CB-1619552101A3", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x304-2fe:-:*:*:*:*:*:*:*", matchCriteriaId: "0087A1C6-AA76-4FD6-BAA1-D3190D2A0116", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x306-1ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B78CFDF-1B15-4A4B-99D4-8CC5E1867BD1", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x306-1ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "880CF41B-B25D-4744-8E8B-C4B131932B1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-2eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CCB1094D-3F8A-4331-ABB9-46B73F7E008F", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-2eec:-:*:*:*:*:*:*:*", matchCriteriaId: "804EE08B-75A1-4CF6-9C30-8CF0CDC39658", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE21803A-A5CA-482A-ABD2-C9A547831BF6", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3:-:*:*:*:*:*:*:*", matchCriteriaId: "55EF0738-C9EF-4E4B-A7E7-ECC1B5F0678A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EEBFBB10-35E0-46BB-A937-E9A933C4D5BC", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "7737F0C2-43FC-4330-88F2-9B08BA5B35D7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4C91F6DD-A74C-4310-88AB-63A39D0208BE", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "6CCED3E4-38EF-4645-B25C-4F2C3D4E091C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6B5513D8-59DD-4EE1-B2E8-F800D1DA7BC5", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2ld:-:*:*:*:*:*:*:*", matchCriteriaId: "FE1909FA-C8C6-46BE-83C6-2635D36FE69B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A11DE626-D744-49A7-93C4-FE2C2AF5245F", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh:-:*:*:*:*:*:*:*", matchCriteriaId: "6DDBD94D-5312-4A54-AF76-D9DF791C0292", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh\\+_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC259CD1-5C79-4491-B375-7A69116F2747", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "85153EED-C677-495D-A6BB-72365DE1ED3F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "79918934-7B0B-4032-972E-2347CD33029D", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m:-:*:*:*:*:*:*:*", matchCriteriaId: "AC54911E-C432-48FA-9551-9644422FFE14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_poe_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "00FBD442-84AA-48F3-8AD1-5767FFB2FC3F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "3E22C57C-2BD6-4C39-93D2-5D81A58EA6F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E72D4503-5AAE-4C6F-BAE9-FA51701191B1", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "DFCCB68C-A58D-4543-A11F-721B01FFBBA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CA2333C8-E9C7-43D8-9EAA-A88ECAAB4236", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310:-:*:*:*:*:*:*:*", matchCriteriaId: "7FE3716E-1C0A-4B72-809A-8318E5853FB1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7EECD381-262F-4C47-90E1-7B44092C74BD", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310fe:-:*:*:*:*:*:*:*", matchCriteriaId: "8FB34E83-83A3-45C3-B040-D8910971D439", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "36C40232-5696-44CC-B38F-5331A745C760", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1fe:-:*:*:*:*:*:*:*", matchCriteriaId: "CC54880F-CBF4-4772-A4FB-B07D97287D44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1-2ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2F1969E4-CFD6-4AC7-956E-374967F5C406", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1-2ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "B2D400F5-AD80-4536-A99D-793E1560757B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x408-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3ACB931D-C484-42F4-9912-24B44FE97017", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x408-2:-:*:*:*:*:*:*:*", matchCriteriaId: "0C632B90-EB11-4A4C-8128-DABBE044B9AF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B1EFA152-D29B-4116-A3D2-ACF7A025E053", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6F952542-6B79-4681-A236-15C188AAEB1E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "935CD21D-0471-4D1F-AF81-B1F996A9EFAB", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "664D9C76-BC13-4874-939C-A8211DA33903", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E2C0F1FB-8B5E-448C-A304-FDDCB3DFCDD4", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4834A67B-7B0B-4F88-BBFB-25667FD68EC5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3E0E1F54-D9EA-4AFB-80EF-0A585EC3C641", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m:-:*:*:*:*:*:*:*", matchCriteriaId: "36C9AE74-4683-4ED0-A605-3A6B065C230E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC03DF92-C7A1-4232-AFDF-04B2B50666DB", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4356417E-B4CB-45B0-B395-CE9D423FAB44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_net_scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "25103533-B9BC-4553-B195-AF5CACAB713B", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_net_scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "9C48C944-324B-4390-B9D1-3D0FC3DD5BFD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The handling of arguments such as IP addresses in the CLI of affected devices is prone to buffer overflows. This could allow an authenticated remote attacker to execute arbitrary code on the device.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, revestido), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, revestido), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, revestido), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, revestido), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, revestido), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, revestido), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, revestido), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, revestido), SCALANCE X307-3 SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, puertos en la parte frontal), SCALANCE XR324-12M (230V, puertos en la parte delantera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte delantera), SCALANCE XR324-12M (24V, puertos en la parte delantera), SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M PoE (230V, puertos en la parte delantera), SCALANCE XR324-4M PoE (230V, puertos en la parte trasera), SCALANCE XR324-4M PoE (24V, puertos en la parte delantera), SCALANCE XR324-4M PoE (24V, puertos en la parte trasera), SCALANCE XR324-4M PoE TS (24V, puertos en la parte delantera), SIPLUS NET SCALANCE X308-2. Un manejo de argumentos como las direcciones IP en la CLI de los dispositivos afectados es propenso a desbordamientos de búfer. Esto podría permitir a un atacante remoto autenticado ejecutar código arbitrario en el dispositivo", }, ], id: "CVE-2022-25753", lastModified: "2024-11-21T06:52:56.073", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-04-12T09:15:14.700", references: [ { source: "productcert@siemens.com", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-121", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-07-13 11:15
Modified
2024-12-10 14:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-599968.html | ||
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf | Patch, Vendor Advisory | |
| productcert@siemens.com | https://us-cert.cisa.gov/ics/advisories/icsa-21-194-03 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/html/ssa-599968.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://us-cert.cisa.gov/ics/advisories/icsa-21-194-03 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | dk_standard_ethernet_controller_evaluation_kit_firmware | * | |
| siemens | dk_standard_ethernet_controller_evaluation_kit | - | |
| siemens | ek-ertec_200_evaulation_kit_firmware | * | |
| siemens | ek-ertec_200_evaulation_kit | - | |
| siemens | ek-ertec_200p_evaluation_kit_firmware | * | |
| siemens | ek-ertec_200p_evaluation_kit | - | |
| siemens | ruggedcom_rm1224_firmware | * | |
| siemens | ruggedcom_rm1224 | - | |
| siemens | scalance_m-800_firmware | * | |
| siemens | scalance_m-800 | - | |
| siemens | scalance_s615_firmware | * | |
| siemens | scalance_s615 | - | |
| siemens | scalance_w700_firmware | * | |
| siemens | scalance_w700 | - | |
| siemens | scalance_w1700_firmware | * | |
| siemens | scalance_w1700 | - | |
| siemens | scalance_x200-4_p_irt_firmware | * | |
| siemens | scalance_x200-4_p_irt | - | |
| siemens | scalance_x201-3p_irt_firmware | * | |
| siemens | scalance_x201-3p_irt | - | |
| siemens | scalance_x201-3p_irt_pro_firmware | * | |
| siemens | scalance_x201-3p_irt_pro | - | |
| siemens | scalance_x202-2_irt_firmware | * | |
| siemens | scalance_x202-2_irt | - | |
| siemens | scalance_x202-2p_irt_pro_firmware | * | |
| siemens | scalance_x202-2p_irt_pro | - | |
| siemens | scalance_x204_irt_firmware | * | |
| siemens | scalance_x204_irt | - | |
| siemens | scalance_x204_irt_pro_firmware | * | |
| siemens | scalance_x204_irt_pro | - | |
| siemens | scalance_x204-2_firmware | * | |
| siemens | scalance_x204-2_ | - | |
| siemens | scalance_x204-2fm_firmware | * | |
| siemens | scalance_x204-2fm | - | |
| siemens | scalance_x204-2ld_firmware | * | |
| siemens | scalance_x204-2ld | - | |
| siemens | scalance_x204-2ld_ts_firmware | * | |
| siemens | scalance_x204-2ld_ts | - | |
| siemens | scalance_x204-2ts_firmware | * | |
| siemens | scalance_x204-2ts | - | |
| siemens | scalance_x206-1_firmware | * | |
| siemens | scalance_x206-1 | - | |
| siemens | scalance_x206-1ld_firmware | * | |
| siemens | scalance_x206-1ld | - | |
| siemens | scalance_x208_firmware | * | |
| siemens | scalance_x208 | - | |
| siemens | scalance_x208pro_firmware | * | |
| siemens | scalance_x208pro | - | |
| siemens | scalance_x212-2_firmware | * | |
| siemens | scalance_x212-2 | - | |
| siemens | scalance_x212-2ld_firmware | * | |
| siemens | scalance_x212-2ld | - | |
| siemens | scalance_x216_firmware | * | |
| siemens | scalance_x216 | - | |
| siemens | scalance_x224_firmware | * | |
| siemens | scalance_x224 | - | |
| siemens | scalance_x302-7eec_firmware | * | |
| siemens | scalance_x302-7eec | - | |
| siemens | scalance_x304-2fe_firmware | * | |
| siemens | scalance_x304-2fe | - | |
| siemens | scalance_x306-1ldfe_firmware | * | |
| siemens | scalance_x306-1ldfe | - | |
| siemens | scalance_x307-2eec_firmware | * | |
| siemens | scalance_x307-2eec | - | |
| siemens | scalance_x307-3_firmware | * | |
| siemens | scalance_x307-3 | - | |
| siemens | scalance_x307-3ld_firmware | * | |
| siemens | scalance_x307-3ld | - | |
| siemens | scalance_x308-2_firmware | * | |
| siemens | scalance_x308-2 | - | |
| siemens | scalance_x308-2ld_firmware | * | |
| siemens | scalance_x308-2ld | - | |
| siemens | scalance_x308-2lh_firmware | * | |
| siemens | scalance_x308-2lh | - | |
| siemens | scalance_x308-2lh\+_firmware | * | |
| siemens | scalance_x308-2lh\+ | - | |
| siemens | scalance_x308-2m_firmware | * | |
| siemens | scalance_x308-2m | - | |
| siemens | scalance_x308-2m_poe_firmware | * | |
| siemens | scalance_x308-2m_poe | - | |
| siemens | scalance_x308-2m_ts_firmware | * | |
| siemens | scalance_x308-2m_ts | - | |
| siemens | scalance_x310_firmware | * | |
| siemens | scalance_x310 | - | |
| siemens | scalance_x310fe_firmware | * | |
| siemens | scalance_x310fe | - | |
| siemens | scalance_x320-1fe_firmware | * | |
| siemens | scalance_x320-1fe | - | |
| siemens | scalance_x320-3ldfe_firmware | * | |
| siemens | scalance_x320-3ldfe | - | |
| siemens | scalance_xb-200_firmware | * | |
| siemens | scalance_xb-200 | - | |
| siemens | scalance_xc-200_firmware | * | |
| siemens | scalance_xc-200 | - | |
| siemens | scalance_xf201-3p_irt_firmware | * | |
| siemens | scalance_xf201-3p_irt | - | |
| siemens | scalance_xf202-2p_irt_firmware | * | |
| siemens | scalance_xf202-2p_irt | - | |
| siemens | scalance_xf204_firmware | * | |
| siemens | scalance_xf204 | - | |
| siemens | scalance_xf204_irt_firmware | * | |
| siemens | scalance_xf204_irt | - | |
| siemens | scalance_xf204-2_firmware | * | |
| siemens | scalance_xf204-2_ | - | |
| siemens | scalance_xf204-2ba_irt_firmware | * | |
| siemens | scalance_xf204-2ba_irt | - | |
| siemens | scalance_xf206-1_firmware | * | |
| siemens | scalance_xf206-1 | - | |
| siemens | scalance_xf208_firmware | * | |
| siemens | scalance_xf208 | - | |
| siemens | scalance_xf-200ba_firmware | * | |
| siemens | scalance_xf-200ba | - | |
| siemens | scalance_xm400_firmware | * | |
| siemens | scalance_xm400 | - | |
| siemens | scalance_xp-200_firmware | * | |
| siemens | scalance_xp-200 | - | |
| siemens | scalance_xr324-4m_eec_firmware | * | |
| siemens | scalance_xr324-4m_eec | - | |
| siemens | scalance_xr324-4m_poe_firmware | * | |
| siemens | scalance_xr324-4m_poe | - | |
| siemens | scalance_xr324-4m_poe_ts_firmware | * | |
| siemens | scalance_xr324-4m_poe_ts | - | |
| siemens | scalance_xr324-12m_firmware | * | |
| siemens | scalance_xr324-12m | - | |
| siemens | scalance_xr324-12m_ts_firmware | * | |
| siemens | scalance_xr324-12m_ts | - | |
| siemens | scalance_xr500_firmware | * | |
| siemens | scalance_xr500 | - | |
| siemens | scalance_xr-300wg_firmware | * | |
| siemens | scalance_xr-300wg | - | |
| siemens | simatic_cfu_pa_firmware | * | |
| siemens | simatic_cfu_pa | - | |
| siemens | simatic_ie\/pb-link_v3_firmware | * | |
| siemens | simatic_ie\/pb-link_v3 | - | |
| siemens | simatic_mv500_firmware | * | |
| siemens | simatic_mv500 | - | |
| siemens | simatic_net_cm_1542-1_firmware | * | |
| siemens | simatic_net_cm_1542-1 | - | |
| siemens | simatic_net_cp1616_firmware | * | |
| siemens | simatic_net_cp1616 | - | |
| siemens | simatic_net_cp1604_firmware | * | |
| siemens | simatic_net_cp1604 | - | |
| siemens | simatic_net_cp1626_firmware | * | |
| siemens | simatic_net_cp1626 | - | |
| siemens | simatic_net_dk-16xx_pn_io | * | |
| siemens | simatic_power_line_booster_plb_firmware | * | |
| siemens | simatic_power_line_booster_plb | - | |
| siemens | simatic_profinet_driver_firmware | * | |
| siemens | simatic_profinet_driver | - | |
| siemens | simatic_s7-1200_firmware | * | |
| siemens | simatic_s7-1200 | - | |
| siemens | simocode_prov_ethernet\/ip_firmware | * | |
| siemens | simocode_prov_ethernet\/ip | - | |
| siemens | simocode_prov_profinet_firmware | * | |
| siemens | simocode_prov_profinet | - | |
| siemens | softnet-ie_pnio_firmware | * | |
| siemens | softnet-ie_pnio | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:dk_standard_ethernet_controller_evaluation_kit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1BA1C1FD-EF49-488E-AB49-6F571D9E21B0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:dk_standard_ethernet_controller_evaluation_kit:-:*:*:*:*:*:*:*", matchCriteriaId: "83110E06-CDB2-49AE-B1E6-6785E0801A53", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ek-ertec_200_evaulation_kit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "978998A4-C7B5-4D6D-9FAD-3C6F975C8881", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ek-ertec_200_evaulation_kit:-:*:*:*:*:*:*:*", matchCriteriaId: "12C60870-6B8C-4E91-B156-60D87B85543F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ek-ertec_200p_evaluation_kit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "249935E8-C45B-4586-B6BA-664AF23C7468", versionEndExcluding: "4.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ek-ertec_200p_evaluation_kit:-:*:*:*:*:*:*:*", matchCriteriaId: "37176F8D-F1CB-4792-86FF-DA0FF674E0B8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_rm1224_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "758CC5D1-F26C-4093-BE09-0583F4CDBBDB", versionEndExcluding: "6.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_rm1224:-:*:*:*:*:*:*:*", matchCriteriaId: "284DF779-D900-48B4-A177-7281CD445AB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "02BC878B-BF73-4A2C-A9D5-F9FF0F3D418B", versionEndExcluding: "6.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*", matchCriteriaId: "DFB9921A-5204-40A3-88AB-B7755F5C6875", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4F5AD34D-61AA-47B0-993A-4834984893EA", versionEndExcluding: "6.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*", matchCriteriaId: "E917CBBB-EF41-4113-B0CA-EB91889235E7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_w700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F60CB864-640E-4BC2-B378-5AF3DCA292D4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_w700:-:*:*:*:*:*:*:*", matchCriteriaId: "D3033B1E-57A6-4AE3-A861-7047CF8EAD79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_w1700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "44B0E5EA-4924-4865-AE6F-2F7BFCE5513B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_w1700:-:*:*:*:*:*:*:*", matchCriteriaId: "5D9A73DD-4A21-4096-B4B6-A0A825E71006", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x200-4_p_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8FCE9120-8091-41EC-A75E-01ED4AF64E28", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x200-4_p_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "73E42E20-18CB-40A7-B6D5-751F26303995", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x201-3p_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EA86FF0D-7B16-4991-B4A5-AF33BF40693A", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x201-3p_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "3268CF75-6DAB-416A-B19B-2A8F95C268CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x201-3p_irt_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CA2326FF-5125-44F5-871C-2DC505E2B299", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x201-3p_irt_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "492E8AC1-338B-4AC3-90C7-1FADCD4528C4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x202-2_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3A12E0F8-A7BB-48E9-98E5-7DA4962FA8AE", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x202-2_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "577D1E21-717C-4508-AE91-0BC490C89F85", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x202-2p_irt_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "29C03AD0-7A60-4BFB-A0D3-BABB9717F1A1", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x202-2p_irt_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "F4726901-34BF-4F70-80A6-71648A4A29FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x204_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "576A1BD5-84DE-4FFC-926D-6C40E5176660", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x204_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "0BC31F0E-389B-4925-88DE-726F2F0D2A23", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x204_irt_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AFE2ABF4-2996-4671-A5AF-4424FB2537C1", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x204_irt_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "8FF096BA-A6F4-46B3-9B9B-7FCEE7E6A6C3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x204-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ACE1A821-8F0A-4B96-AC8A-B219215014B1", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x204-2_:-:*:*:*:*:*:*:*", matchCriteriaId: "1AA16CFF-C01A-4AC0-A20E-50CBD3AA1C3E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x204-2fm_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "54201E08-15E3-4C93-9A0D-DC376B7C8D88", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x204-2fm:-:*:*:*:*:*:*:*", matchCriteriaId: "1FCBC784-8EA0-4C6C-B504-DFC164028E4B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x204-2ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "75220631-DD7D-4E86-8405-F98340FFE27C", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x204-2ld:-:*:*:*:*:*:*:*", matchCriteriaId: "2BE27611-53E7-4162-8630-5BC334B02E37", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x204-2ld_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3032A499-DFD5-4FEA-8AC6-E661781387AB", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x204-2ld_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "1FDEBD6B-6BE4-4FAD-A4E6-BE762595434D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x204-2ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A493C49A-8BF9-43E5-98D5-55E5390A36A5", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x204-2ts:-:*:*:*:*:*:*:*", matchCriteriaId: "E5FFC1E9-4326-4F41-A86A-C52AB6A9A674", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x206-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E2C9747F-BEC3-486E-B553-3339F8B54C3A", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x206-1:-:*:*:*:*:*:*:*", matchCriteriaId: "0A5BB0F2-DD4C-4AB4-9B8F-B2501B239080", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x206-1ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0C8D68AC-8F30-4919-ADB3-A6018458602B", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x206-1ld:-:*:*:*:*:*:*:*", matchCriteriaId: "6DFF7FB7-774B-45ED-8400-951230DF0511", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x208_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2BC1450A-92ED-451F-9890-4E18CA974485", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x208:-:*:*:*:*:*:*:*", matchCriteriaId: "B3B574E2-F7BA-496B-887C-D25F386AA5E1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x208pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "768320F0-10F5-4B36-AEB6-9DEEA43A30E8", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x208pro:-:*:*:*:*:*:*:*", matchCriteriaId: "DF2C60CF-4089-4993-A2CB-B7FBDAF81D62", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x212-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "31B8367C-5EAC-49F4-83B8-C7E3BD373092", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x212-2:-:*:*:*:*:*:*:*", matchCriteriaId: "4E716A4E-50A9-4C52-8DA9-098F7506F4B5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x212-2ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "55F50ABF-3E9A-4435-BAA4-7D11A2047D46", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x212-2ld:-:*:*:*:*:*:*:*", matchCriteriaId: "C08CDEE3-43EB-475E-8571-6E12824714FD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x216_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BC643617-D0B7-4379-8ADB-2C2BACA4B165", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x216:-:*:*:*:*:*:*:*", matchCriteriaId: "F0C4BAB5-E161-4B59-8A8C-369C7852A66E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x224_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F0189DF6-DA80-49FE-B09F-0C07D892518E", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x224:-:*:*:*:*:*:*:*", matchCriteriaId: "D2203895-BC4E-4B2F-9110-C2CD88A121F2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x302-7eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EF92A1A7-ADFB-49E1-AC54-03E32ECB73CE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x302-7eec:-:*:*:*:*:*:*:*", matchCriteriaId: "C8E97B3B-1808-45D2-97B7-CF31CA6E7A60", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x304-2fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "392D0623-343D-4BF1-BE0B-F2B347A24B62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x304-2fe:-:*:*:*:*:*:*:*", matchCriteriaId: "0087A1C6-AA76-4FD6-BAA1-D3190D2A0116", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x306-1ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "663897D9-82F5-436D-A0CF-BBB9338BF363", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x306-1ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "880CF41B-B25D-4744-8E8B-C4B131932B1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-2eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9666E7EA-A298-4972-80F8-765B0F99EB25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-2eec:-:*:*:*:*:*:*:*", matchCriteriaId: "804EE08B-75A1-4CF6-9C30-8CF0CDC39658", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9676DB10-982D-445F-9779-B39AE720AF2F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3:-:*:*:*:*:*:*:*", matchCriteriaId: "55EF0738-C9EF-4E4B-A7E7-ECC1B5F0678A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "48D3EB09-6069-4289-A61E-C15B044EA2E2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "7737F0C2-43FC-4330-88F2-9B08BA5B35D7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F045D6B1-459B-46F0-86DF-F9AA3CCEA9BD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "6CCED3E4-38EF-4645-B25C-4F2C3D4E091C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "40A1A5F9-4971-4E9D-BBE7-5A0357C56213", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2ld:-:*:*:*:*:*:*:*", matchCriteriaId: "FE1909FA-C8C6-46BE-83C6-2635D36FE69B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8F53C74B-2154-417E-ACFE-01F0BACD3F15", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh:-:*:*:*:*:*:*:*", matchCriteriaId: "6DDBD94D-5312-4A54-AF76-D9DF791C0292", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh\\+_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D76A2268-5397-466C-98B5-01B46B4840A1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "85153EED-C677-495D-A6BB-72365DE1ED3F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2F8888A7-3285-4ACA-A5AD-2B0578050C4C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m:-:*:*:*:*:*:*:*", matchCriteriaId: "AC54911E-C432-48FA-9551-9644422FFE14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0C08597D-6190-4C73-9ECF-2535553DECAA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "3E22C57C-2BD6-4C39-93D2-5D81A58EA6F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A2C12934-E79C-41A4-B023-BADD7D68CB55", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "DFCCB68C-A58D-4543-A11F-721B01FFBBA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D288227C-69C1-4248-AB4A-51F44A41FDEA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310:-:*:*:*:*:*:*:*", matchCriteriaId: "7FE3716E-1C0A-4B72-809A-8318E5853FB1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "27F765CD-B8A9-45B6-BA3C-C569FF0F8FF0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310fe:-:*:*:*:*:*:*:*", matchCriteriaId: "8FB34E83-83A3-45C3-B040-D8910971D439", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "91EDD23A-1DBD-4117-9396-89ADBC705B3A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1fe:-:*:*:*:*:*:*:*", matchCriteriaId: "CC54880F-CBF4-4772-A4FB-B07D97287D44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-3ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AF07B014-1BA3-477E-A405-5DB35F68126A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-3ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "80502856-7617-4ED9-A103-681021131EE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "144CDF5E-7E07-428B-B4DF-C94992B3A44A", versionEndExcluding: "4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb-200:-:*:*:*:*:*:*:*", matchCriteriaId: "6CB3CC2D-CBF0-4F53-A412-01BBC39E34C2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "339FFBDF-6957-481F-84CE-878B5CAAD9C8", versionEndExcluding: "4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc-200:-:*:*:*:*:*:*:*", matchCriteriaId: "7719E194-EE3D-4CE8-8C85-CF0D82A553AA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf201-3p_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B5557DB0-D3D8-4E53-BBA8-700B2BC336C0", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf201-3p_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "41614C70-97B4-44C8-A441-530A413A26F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf202-2p_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C1A7EDE9-B5F9-4471-8C5D-B1D590CB85FB", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf202-2p_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "6751FB7D-C72C-4321-B535-5880FE696FC3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8CD13707-1164-415E-9083-7946D151F1FC", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204:-:*:*:*:*:*:*:*", matchCriteriaId: "0F1AE867-67B4-4871-BF56-88017533A737", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "86FBD0DA-ADA4-4F06-A2D6-11D7312257A2", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "25DDF1EB-80E7-491F-A197-1B220E35CDF1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3A09FF2D-F369-47B5-AEE4-A862BEDD9851", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204-2_:-:*:*:*:*:*:*:*", matchCriteriaId: "0C4207E0-7678-4E35-A79E-A6066D1E8BB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204-2ba_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "786738CF-CA6C-4812-BD4D-595E249BFA76", versionEndExcluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204-2ba_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "99E6AFAA-B903-47BB-B0F3-7650B039C0FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf206-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CFCDC84E-0695-409A-844B-D24024CC33F2", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf206-1:-:*:*:*:*:*:*:*", matchCriteriaId: "2B40D2EB-5C69-47FA-801B-DC48407D418C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf208_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A1DB6C03-71BF-4359-834B-384E78910E64", versionEndExcluding: "5.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf208:-:*:*:*:*:*:*:*", matchCriteriaId: "898613B2-4A9D-44B9-A3FC-4347A2AD7CAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf-200ba_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6FBB13D3-4E04-4D01-B880-C16C4FFA240B", versionEndExcluding: "4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf-200ba:-:*:*:*:*:*:*:*", matchCriteriaId: "58377C58-F660-4C17-A3CB-BFC2F28848CD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xm400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9D589735-017F-4675-8056-CA4FE57360E8", versionEndExcluding: "6.3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xm400:-:*:*:*:*:*:*:*", matchCriteriaId: "9FC408A8-903F-43A2-9D05-65AD4482FDBB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E642D10-E701-44DF-863B-D0DAA5530F50", versionEndExcluding: "4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp-200:-:*:*:*:*:*:*:*", matchCriteriaId: "8F962FC7-0616-467F-8CCA-ADEA224B5F7B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E6AB4BE-D669-4A95-8F8A-F2DA146D5FB1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6F952542-6B79-4681-A236-15C188AAEB1E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1F4B8E2B-DEFF-4F1C-B5A4-0C4671C605C1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "664D9C76-BC13-4874-939C-A8211DA33903", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9F4DE2B7-1AB3-4BA5-B261-926B774B01DD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4834A67B-7B0B-4F88-BBFB-25667FD68EC5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0AC751E0-FC87-4DEB-85E8-C3E028B76482", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m:-:*:*:*:*:*:*:*", matchCriteriaId: "36C9AE74-4683-4ED0-A605-3A6B065C230E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EB09860F-9DC8-476B-9AF7-6FFE57101D6C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4356417E-B4CB-45B0-B395-CE9D423FAB44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "32E2B545-326C-4724-90BC-147B57A37F20", versionEndExcluding: "6.3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr500:-:*:*:*:*:*:*:*", matchCriteriaId: "080E722F-FCD4-4967-86EE-151ADC5702E7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr-300wg_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4A53C2B5-A3FD-44CC-A78B-D2124EF37DB4", versionEndExcluding: "4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr-300wg:-:*:*:*:*:*:*:*", matchCriteriaId: "434BC9BE-C5DB-4DAF-8E07-DFE4EEA0D7FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cfu_pa_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A5119182-CB31-466A-AB0F-7956C8B45AE0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cfu_pa:-:*:*:*:*:*:*:*", matchCriteriaId: "B6C1E4CC-2657-4383-83D8-5C8F88B12755", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ie\\/pb-link_v3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9A8C0F9C-AF27-424C-83F0-326EC10C40BE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ie\\/pb-link_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "939D9324-2A7F-4DBF-8F9F-DB8A379C977A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_mv500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CDEAC63C-E402-4698-B4A8-E9B53D5540DA", versionEndExcluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_mv500:-:*:*:*:*:*:*:*", matchCriteriaId: "93A5B50E-0316-4189-8F41-54732CFCF63F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cm_1542-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "761C2EC9-51B9-482B-8798-7982D265933D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cm_1542-1:-:*:*:*:*:*:*:*", matchCriteriaId: "40757A32-7347-4975-BC01-A1B28760D2C3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp1616_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4575EFA7-C453-466D-9C37-38FEE0B78053", versionEndIncluding: "2.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp1616:-:*:*:*:*:*:*:*", matchCriteriaId: "0B971242-13BA-4217-8FB0-92ACDCE463CB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp1604_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C9F73267-3A7A-4A38-B999-9877B173B518", versionEndIncluding: "2.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp1604:-:*:*:*:*:*:*:*", matchCriteriaId: "A0DB421E-A774-451F-85AB-E66A4FAA33A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp1626_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "18143A38-84B8-479E-99FB-93FCA8CB058D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp1626:-:*:*:*:*:*:*:*", matchCriteriaId: "5B0286CB-0566-4306-B069-789E5A4F168F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_net_dk-16xx_pn_io:*:*:*:*:*:*:*:*", matchCriteriaId: "78430123-6230-4B76-B163-CDA3FA77413C", versionEndIncluding: "2.7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_power_line_booster_plb_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2AAAECA7-6936-48AD-B617-79F4C708E47F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_power_line_booster_plb:-:*:*:*:*:*:*:*", matchCriteriaId: "B7B52AEC-7A90-49F2-8006-FC146405C3E0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_profinet_driver_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CE64639F-FC6D-43F6-A300-9B5A62495B27", versionEndExcluding: "2.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_profinet_driver:-:*:*:*:*:*:*:*", matchCriteriaId: "526493E9-EF74-4836-9A8F-134B625035AA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6870C5CC-B7E0-45C3-9D98-F90765EE153F", versionEndExcluding: "4.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1200:-:*:*:*:*:*:*:*", matchCriteriaId: "EC545350-FD53-4B2E-886F-E20F12260C9B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simocode_prov_ethernet\\/ip_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FBDC4FD6-06A6-4728-B8A0-D896CD89FD3E", versionEndExcluding: "1.1.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simocode_prov_ethernet\\/ip:-:*:*:*:*:*:*:*", matchCriteriaId: "6CBAF8CF-6159-46D2-AB92-7CB5BFA7467B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simocode_prov_profinet_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "27AC468E-63F9-443B-906C-D1794B846744", versionEndExcluding: "2.1.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simocode_prov_profinet:-:*:*:*:*:*:*:*", matchCriteriaId: "E595680D-555C-4A8E-A409-88CBCE6681E6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:softnet-ie_pnio_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "45650D6F-1F5F-4DC8-BF5C-C4FBE3D3E39D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:softnet-ie_pnio:-:*:*:*:*:*:*:*", matchCriteriaId: "B8673C81-91F5-4E74-8C5F-829040F39E0C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.", }, { lang: "es", value: "Los dispositivos afectados contienen una vulnerabilidad que permite a un atacante no autentificado desencadenar una condición de denegación de servicio. La vulnerabilidad puede activarse si se envía una gran cantidad de paquetes de restablecimiento de DCP al dispositivo", }, ], id: "CVE-2020-28400", lastModified: "2024-12-10T14:15:19.373", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "productcert@siemens.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], cvssMetricV40: [ { cvssData: { Automatable: "NOT_DEFINED", Recovery: "NOT_DEFINED", Safety: "NOT_DEFINED", attackComplexity: "LOW", attackRequirements: "NONE", attackVector: "NETWORK", availabilityRequirement: "NOT_DEFINED", baseScore: 8.7, baseSeverity: "HIGH", confidentialityRequirement: "NOT_DEFINED", exploitMaturity: "NOT_DEFINED", integrityRequirement: "NOT_DEFINED", modifiedAttackComplexity: "NOT_DEFINED", modifiedAttackRequirements: "NOT_DEFINED", modifiedAttackVector: "NOT_DEFINED", modifiedPrivilegesRequired: "NOT_DEFINED", modifiedSubAvailabilityImpact: "NOT_DEFINED", modifiedSubConfidentialityImpact: "NOT_DEFINED", modifiedSubIntegrityImpact: "NOT_DEFINED", modifiedUserInteraction: "NOT_DEFINED", modifiedVulnAvailabilityImpact: "NOT_DEFINED", modifiedVulnConfidentialityImpact: "NOT_DEFINED", modifiedVulnIntegrityImpact: "NOT_DEFINED", privilegesRequired: "NONE", providerUrgency: "NOT_DEFINED", subAvailabilityImpact: "NONE", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "NONE", valueDensity: "NOT_DEFINED", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", version: "4.0", vulnAvailabilityImpact: "HIGH", vulnConfidentialityImpact: "NONE", vulnIntegrityImpact: "NONE", vulnerabilityResponseEffort: "NOT_DEFINED", }, source: "productcert@siemens.com", type: "Secondary", }, ], }, published: "2021-07-13T11:15:08.960", references: [ { source: "productcert@siemens.com", url: "https://cert-portal.siemens.com/productcert/html/ssa-599968.html", }, { source: "productcert@siemens.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf", }, { source: "productcert@siemens.com", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-194-03", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://cert-portal.siemens.com/productcert/html/ssa-599968.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-194-03", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-770", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-770", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-04-12 09:15
Modified
2024-11-21 06:52
Severity ?
Summary
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The webserver of an affected device is missing specific security headers. This could allow an remote attacker to extract confidential session information under certain circumstances.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | Mitigation, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | Mitigation, Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | scalance_x302-7eec_firmware | * | |
| siemens | scalance_x302-7eec | - | |
| siemens | scalance_x304-2fe_firmware | * | |
| siemens | scalance_x304-2fe | - | |
| siemens | scalance_x306-1ldfe_firmware | * | |
| siemens | scalance_x306-1ldfe | - | |
| siemens | scalance_x307-2eec_firmware | * | |
| siemens | scalance_x307-2eec | - | |
| siemens | scalance_x307-3_firmware | * | |
| siemens | scalance_x307-3 | - | |
| siemens | scalance_x307-3ld_firmware | * | |
| siemens | scalance_x307-3ld | - | |
| siemens | scalance_x308-2_firmware | * | |
| siemens | scalance_x308-2 | - | |
| siemens | scalance_x308-2ld_firmware | * | |
| siemens | scalance_x308-2ld | - | |
| siemens | scalance_x308-2lh_firmware | * | |
| siemens | scalance_x308-2lh | - | |
| siemens | scalance_x308-2lh\+_firmware | * | |
| siemens | scalance_x308-2lh\+ | - | |
| siemens | scalance_x308-2m_firmware | * | |
| siemens | scalance_x308-2m | - | |
| siemens | scalance_x308-2m_poe_firmware | - | |
| siemens | scalance_x308-2m_poe | - | |
| siemens | scalance_x308-2m_ts_firmware | * | |
| siemens | scalance_x308-2m_ts | - | |
| siemens | scalance_x310_firmware | * | |
| siemens | scalance_x310 | - | |
| siemens | scalance_x310fe_firmware | * | |
| siemens | scalance_x310fe | - | |
| siemens | scalance_x320-1fe_firmware | * | |
| siemens | scalance_x320-1fe | - | |
| siemens | scalance_x320-1-2ldfe_firmware | * | |
| siemens | scalance_x320-1-2ldfe | - | |
| siemens | scalance_x408-2_firmware | * | |
| siemens | scalance_x408-2 | - | |
| siemens | scalance_xr324-4m_eec_firmware | * | |
| siemens | scalance_xr324-4m_eec | - | |
| siemens | scalance_xr324-4m_poe_firmware | * | |
| siemens | scalance_xr324-4m_poe | - | |
| siemens | scalance_xr324-4m_poe_ts_firmware | * | |
| siemens | scalance_xr324-4m_poe_ts | - | |
| siemens | scalance_xr324-12m_firmware | * | |
| siemens | scalance_xr324-12m | - | |
| siemens | scalance_xr324-12m_ts_firmware | * | |
| siemens | scalance_xr324-12m_ts | - | |
| siemens | siplus_net_scalance_x308-2_firmware | * | |
| siemens | siplus_net_scalance_x308-2 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x302-7eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7FB6F150-2662-44AE-8DC1-0B0A426E8352", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x302-7eec:-:*:*:*:*:*:*:*", matchCriteriaId: "C8E97B3B-1808-45D2-97B7-CF31CA6E7A60", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x304-2fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E9F4071F-1AE2-4FAD-A8CB-1619552101A3", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x304-2fe:-:*:*:*:*:*:*:*", matchCriteriaId: "0087A1C6-AA76-4FD6-BAA1-D3190D2A0116", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x306-1ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B78CFDF-1B15-4A4B-99D4-8CC5E1867BD1", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x306-1ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "880CF41B-B25D-4744-8E8B-C4B131932B1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-2eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CCB1094D-3F8A-4331-ABB9-46B73F7E008F", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-2eec:-:*:*:*:*:*:*:*", matchCriteriaId: "804EE08B-75A1-4CF6-9C30-8CF0CDC39658", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE21803A-A5CA-482A-ABD2-C9A547831BF6", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3:-:*:*:*:*:*:*:*", matchCriteriaId: "55EF0738-C9EF-4E4B-A7E7-ECC1B5F0678A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x307-3ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EEBFBB10-35E0-46BB-A937-E9A933C4D5BC", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x307-3ld:-:*:*:*:*:*:*:*", matchCriteriaId: "7737F0C2-43FC-4330-88F2-9B08BA5B35D7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4C91F6DD-A74C-4310-88AB-63A39D0208BE", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "6CCED3E4-38EF-4645-B25C-4F2C3D4E091C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6B5513D8-59DD-4EE1-B2E8-F800D1DA7BC5", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2ld:-:*:*:*:*:*:*:*", matchCriteriaId: "FE1909FA-C8C6-46BE-83C6-2635D36FE69B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A11DE626-D744-49A7-93C4-FE2C2AF5245F", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh:-:*:*:*:*:*:*:*", matchCriteriaId: "6DDBD94D-5312-4A54-AF76-D9DF791C0292", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2lh\\+_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC259CD1-5C79-4491-B375-7A69116F2747", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2lh\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "85153EED-C677-495D-A6BB-72365DE1ED3F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "79918934-7B0B-4032-972E-2347CD33029D", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m:-:*:*:*:*:*:*:*", matchCriteriaId: "AC54911E-C432-48FA-9551-9644422FFE14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_poe_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "00FBD442-84AA-48F3-8AD1-5767FFB2FC3F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "3E22C57C-2BD6-4C39-93D2-5D81A58EA6F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x308-2m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E72D4503-5AAE-4C6F-BAE9-FA51701191B1", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x308-2m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "DFCCB68C-A58D-4543-A11F-721B01FFBBA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CA2333C8-E9C7-43D8-9EAA-A88ECAAB4236", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310:-:*:*:*:*:*:*:*", matchCriteriaId: "7FE3716E-1C0A-4B72-809A-8318E5853FB1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x310fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7EECD381-262F-4C47-90E1-7B44092C74BD", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x310fe:-:*:*:*:*:*:*:*", matchCriteriaId: "8FB34E83-83A3-45C3-B040-D8910971D439", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1fe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "36C40232-5696-44CC-B38F-5331A745C760", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1fe:-:*:*:*:*:*:*:*", matchCriteriaId: "CC54880F-CBF4-4772-A4FB-B07D97287D44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x320-1-2ldfe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2F1969E4-CFD6-4AC7-956E-374967F5C406", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x320-1-2ldfe:-:*:*:*:*:*:*:*", matchCriteriaId: "B2D400F5-AD80-4536-A99D-793E1560757B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x408-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3ACB931D-C484-42F4-9912-24B44FE97017", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x408-2:-:*:*:*:*:*:*:*", matchCriteriaId: "0C632B90-EB11-4A4C-8128-DABBE044B9AF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B1EFA152-D29B-4116-A3D2-ACF7A025E053", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6F952542-6B79-4681-A236-15C188AAEB1E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "935CD21D-0471-4D1F-AF81-B1F996A9EFAB", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "664D9C76-BC13-4874-939C-A8211DA33903", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E2C0F1FB-8B5E-448C-A304-FDDCB3DFCDD4", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4834A67B-7B0B-4F88-BBFB-25667FD68EC5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3E0E1F54-D9EA-4AFB-80EF-0A585EC3C641", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m:-:*:*:*:*:*:*:*", matchCriteriaId: "36C9AE74-4683-4ED0-A605-3A6B065C230E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC03DF92-C7A1-4232-AFDF-04B2B50666DB", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4356417E-B4CB-45B0-B395-CE9D423FAB44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_net_scalance_x308-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "25103533-B9BC-4553-B195-AF5CACAB713B", versionEndExcluding: "4.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_net_scalance_x308-2:-:*:*:*:*:*:*:*", matchCriteriaId: "9C48C944-324B-4390-B9D1-3D0FC3DD5BFD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The webserver of an affected device is missing specific security headers. This could allow an remote attacker to extract confidential session information under certain circumstances.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, revestido), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, revestido), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, revestido), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, revestido), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, revestido), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, revestido), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, revestido), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, revestido), SCALANCE X307-3 SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, puertos en la parte frontal), SCALANCE XR324-12M (230V, puertos en la parte delantera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte delantera), SCALANCE XR324-12M (24V, puertos en la parte delantera), SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M PoE (230V, puertos en la parte delantera), SCALANCE XR324-4M PoE (230V, puertos en la parte trasera), SCALANCE XR324-4M PoE (24V, puertos en la parte delantera), SCALANCE XR324-4M PoE (24V, puertos en la parte trasera), SCALANCE XR324-4M PoE TS (24V, puertos en la parte delantera), SIPLUS NET SCALANCE X308-2. El servidor web de un dispositivo afectado carece de encabezados de seguridad específicas. Esto podría permitir a un atacante remoto extraer información confidencial de la sesión bajo determinadas circunstancias", }, ], id: "CVE-2022-25755", lastModified: "2024-11-21T06:52:56.460", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-04-12T09:15:14.793", references: [ { source: "productcert@siemens.com", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-01-12 21:15
Modified
2024-11-21 05:22
Severity ?
Summary
A vulnerability has been identified in SCALANCE X-200RNA switch family (All versions < V3.2.7), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.0). Devices do not create a new unique private key after factory reset. An attacker could leverage this situation to a man-in-the-middle situation and decrypt previously captured traffic.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-274900.pdf | Vendor Advisory | |
| productcert@siemens.com | https://us-cert.cisa.gov/ics/advisories/icsa-21-012-02 | Third Party Advisory, US Government Resource, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-274900.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://us-cert.cisa.gov/ics/advisories/icsa-21-012-02 | Third Party Advisory, US Government Resource, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | scalance_xr324-12m_firmware | * | |
| siemens | scalance_xr324-12m | - | |
| siemens | scalance_xr324-12m_ts_firmware | * | |
| siemens | scalance_xr324-12m_ts | - | |
| siemens | scalance_xr324-4m_eec_firmware | * | |
| siemens | scalance_xr324-4m_eec | - | |
| siemens | scalance_xr324-4m_poe_firmware | * | |
| siemens | scalance_xr324-4m_poe | - | |
| siemens | scalance_xr324-4m_poe_ts_firmware | * | |
| siemens | scalance_xr324-4m_poe_ts | - | |
| siemens | scalance_xr324wg_firmware | * | |
| siemens | scalance_xr324wg | - | |
| siemens | scalance_xr326-2c_poe_wg_firmware | * | |
| siemens | scalance_xr326-2c_poe_wg | - | |
| siemens | scalance_xr328-4c_wg_firmware | * | |
| siemens | scalance_xr328-4c_wg | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DAB9BF3B-08CB-4307-8EA4-4704E5E107A6", versionEndExcluding: "4.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m:-:*:*:*:*:*:*:*", matchCriteriaId: "36C9AE74-4683-4ED0-A605-3A6B065C230E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-12m_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7C7F2ADB-BC8F-480C-B3DB-7CBFFFF6604C", versionEndExcluding: "4.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-12m_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4356417E-B4CB-45B0-B395-CE9D423FAB44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_eec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5637F52B-0887-469D-A6CD-C54996FD09D6", versionEndExcluding: "4.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_eec:-:*:*:*:*:*:*:*", matchCriteriaId: "6F952542-6B79-4681-A236-15C188AAEB1E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "19EC397D-1510-4F92-94E1-7E154B1FCE1C", versionEndExcluding: "4.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe:-:*:*:*:*:*:*:*", matchCriteriaId: "664D9C76-BC13-4874-939C-A8211DA33903", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324-4m_poe_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5051EBA9-94F8-4655-8D6C-D991C4348409", versionEndExcluding: "4.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324-4m_poe_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "4834A67B-7B0B-4F88-BBFB-25667FD68EC5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr324wg_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E3AC6D32-1EDD-4DF1-B48A-D8AE73C0CA2F", versionEndExcluding: "4.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr324wg:-:*:*:*:*:*:*:*", matchCriteriaId: "E767C461-8FA6-4700-98CB-734AFD309140", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr326-2c_poe_wg_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A82CF7F5-5555-4247-9C66-48AC6E3683CC", versionEndExcluding: "4.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr326-2c_poe_wg:-:*:*:*:*:*:*:*", matchCriteriaId: "CBD19EFB-12D2-4401-B87A-91873528E474", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr328-4c_wg_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D9C73FC3-0179-418C-A5F2-E9E51D77D8B1", versionEndExcluding: "4.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr328-4c_wg:-:*:*:*:*:*:*:*", matchCriteriaId: "A5B7DEDC-66BD-4701-BBDD-16273263ADC9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X-200RNA switch family (All versions < V3.2.7), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.0). Devices do not create a new unique private key after factory reset. An attacker could leverage this situation to a man-in-the-middle situation and decrypt previously captured traffic.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en la familia de switch SCALANCE X-300 (incluidas las variantes X408 y SIPLUS NET) (todas las versiones anteriores a V4.1.0). Los dispositivos no crean una nueva clave privada única después del restablecimiento de fábrica. Un atacante podría aprovechar esta situación en una situación de man-in-the-middle y descifrar el tráfico capturado previamente", }, ], id: "CVE-2020-28395", lastModified: "2024-11-21T05:22:42.987", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-01-12T21:15:18.197", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-274900.pdf", }, { source: "productcert@siemens.com", tags: [ "Third Party Advisory", "US Government Resource", "Vendor Advisory", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-012-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-274900.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", "Vendor Advisory", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-012-02", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-321", }, ], source: "productcert@siemens.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-798", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }