var-201309-0316
Vulnerability from variot
The authentication implementation in the web server on Siemens SCALANCE X-200 switches with firmware before 5.0.0 does not use a sufficient source of entropy for generating values of random numbers, which makes it easier for remote attackers to hijack sessions by predicting a value. The Siemens Scalance X200 is an industrial Ethernet switch from Siemens. Remote attackers can exploit this issue to hijack web sessions over the network without authentication. Other attacks are also possible. Siemens Scalance X-200 Series switches running firmware versions prior to 5.0.0 are vulnerable
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201309-0316", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "scalance x-200 series", scope: "eq", trust: 1.6, vendor: "siemens", version: "4.3", }, { model: "scalance x201-3p irt", scope: "eq", trust: 1, vendor: "siemens", version: null, }, { model: "scalance x-200rna", scope: "eq", trust: 1, vendor: "siemens", version: null, }, { model: "scalance x202-2irt", scope: "eq", trust: 1, vendor: "siemens", version: null, }, { model: "scalance x-200", scope: "eq", trust: 1, vendor: "siemens", version: null, }, { model: "scalance x200-4p irt", scope: "eq", trust: 1, vendor: "siemens", version: null, }, { model: "scalance x-200 series", scope: "lte", trust: 1, vendor: "siemens", version: "4.4", }, { model: "scalance x202-2p irt", scope: "eq", trust: 1, vendor: "siemens", version: null, }, { model: "scalance x204irt", scope: "eq", trust: 1, vendor: "siemens", version: null, }, { model: "scalance xf-200", scope: "eq", trust: 1, vendor: "siemens", version: null, }, { model: "scalance x-200", scope: null, trust: 0.8, vendor: "siemens", version: null, }, { model: "scalance x-200 series", scope: "lt", trust: 0.8, vendor: "siemens", version: "5.0.0", }, { model: "scalance x-200rna", scope: null, trust: 0.8, vendor: "siemens", version: null, }, { model: "scalance x200-4pirt", scope: null, trust: 0.8, vendor: "siemens", version: null, }, { model: "scalance x201-3p irt", scope: null, trust: 0.8, vendor: "siemens", version: null, }, { model: "scalance x202-2irt", scope: null, trust: 0.8, vendor: "siemens", version: null, }, { model: "scalance x202-2p irt", scope: null, trust: 0.8, vendor: "siemens", version: null, }, { model: "scalance x204irt", scope: null, trust: 0.8, vendor: "siemens", version: null, }, { model: "scalance xf-200", scope: null, trust: 0.8, vendor: "siemens", version: null, }, { model: "scalance series switches", scope: "eq", trust: 0.6, vendor: "siemens", version: "x-200", }, { model: "scalance x-200 series", scope: "eq", trust: 0.6, vendor: "siemens", version: "4.4", }, { model: null, scope: "eq", trust: 0.4, vendor: "scalance x202 2p irt", version: null, }, { model: null, scope: "eq", trust: 0.4, vendor: "scalance x204irt", version: null, }, { model: null, scope: "eq", trust: 0.4, vendor: "scalance x201 3p irt", version: null, }, { model: "scalance xf208", scope: "eq", trust: 0.3, vendor: "siemens", version: "0", }, { model: "scalance xf206-1", scope: "eq", trust: 0.3, vendor: "siemens", version: "0", }, { model: "scalance xf204-2", scope: "eq", trust: 0.3, vendor: "siemens", version: "0", }, { model: "scalance xf204", scope: "eq", trust: 0.3, vendor: "siemens", version: "0", }, { model: "scalance", scope: "eq", trust: 0.3, vendor: "siemens", version: "x2240", }, { model: "scalance", scope: "eq", trust: 0.3, vendor: "siemens", version: "x2160", }, { model: "scalance x212-2ld", scope: "eq", trust: 0.3, vendor: "siemens", version: "0", }, { model: "scalance", scope: "eq", trust: 0.3, vendor: "siemens", version: "x212-20", }, { model: "scalance x208pro", scope: "eq", trust: 0.3, vendor: "siemens", version: "0", }, { model: "scalance", scope: "eq", trust: 0.3, vendor: "siemens", version: "x2080", }, { model: "scalance x206-1ld", scope: "eq", trust: 0.3, vendor: "siemens", version: "0", }, { model: "scalance", scope: "eq", trust: 0.3, vendor: "siemens", version: "x206-10", }, { model: "scalance x204-2ts", scope: "eq", trust: 0.3, vendor: "siemens", version: "0", }, { model: "scalance x204-2ld", scope: "eq", trust: 0.3, vendor: "siemens", version: "0", }, { model: "scalance", scope: "eq", trust: 0.3, vendor: "siemens", version: "x204-20", }, { model: "scalance xf208", scope: "ne", trust: 0.3, vendor: "siemens", version: "5.0", }, { model: "scalance xf206-1", scope: "ne", trust: 0.3, vendor: "siemens", version: "5.0", }, { model: "scalance xf204-2", scope: "ne", trust: 0.3, vendor: "siemens", version: "5.0", }, { model: "scalance xf204", scope: "ne", trust: 0.3, vendor: "siemens", version: "5.0", }, { model: "scalance", scope: "ne", trust: 0.3, vendor: "siemens", version: "x2245.0", }, { model: "scalance", scope: "ne", trust: 0.3, vendor: "siemens", version: "x2165.0", }, { model: "scalance x212-2ld", scope: "ne", trust: 0.3, vendor: "siemens", version: "5.0", }, { model: "scalance", scope: "ne", trust: 0.3, vendor: "siemens", version: "x212-25.0", }, { model: "scalance x208pro", scope: "ne", trust: 0.3, vendor: "siemens", version: "5.0", }, { model: "scalance", scope: "ne", trust: 0.3, vendor: "siemens", version: "x2085.0", }, { model: "scalance x206-1ld", scope: "ne", trust: 0.3, vendor: "siemens", version: "5.0", }, { model: "scalance x204-2ts", scope: "ne", trust: 0.3, vendor: "siemens", version: "5.0", }, { model: "scalance x204-2ld", scope: "ne", trust: 0.3, vendor: "siemens", version: "5.0", }, { model: "scalance", scope: "ne", trust: 0.3, vendor: "siemens", version: "x204-25.0", }, { model: null, scope: "eq", trust: 0.2, vendor: "scalance x 200rna", version: null, }, { model: null, scope: "eq", trust: 0.2, vendor: "scalance x 200 series", version: "4.4", }, { model: null, scope: "eq", trust: 0.2, vendor: "scalance x 200", version: null, }, { model: null, scope: "eq", trust: 0.2, vendor: "scalance x200 4p irt", version: null, }, { model: null, scope: "eq", trust: 0.2, vendor: "scalance x 200 series", version: "4.3", }, { model: null, scope: "eq", trust: 0.2, vendor: "scalance x202 2irt", version: null, }, { model: null, scope: "eq", trust: 0.2, vendor: "scalance xf 200", version: null, }, ], sources: [ { db: "IVD", id: "abb36416-2352-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-13027", }, { db: "BID", id: "62341", }, { db: "JVNDB", id: "JVNDB-2013-004188", }, { db: "NVD", id: "CVE-2013-5709", }, { db: "CNNVD", id: "CNNVD-201309-245", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:scalance_x-200_series_firmware:4.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:siemens:scalance_x-200_series_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "4.4", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:scalance_xf-200:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:h:siemens:scalance_x200-4p_irt:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:h:siemens:scalance_x204irt:-:-:pro:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:h:siemens:scalance_x201-3p_irt:-:-:pro:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:h:siemens:scalance_x202-2irt:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:h:siemens:scalance_x202-2p_irt:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:h:siemens:scalance_x202-2p_irt:-:-:pro:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:h:siemens:scalance_x-200:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:h:siemens:scalance_x-200rna:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:h:siemens:scalance_x201-3p_irt:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:h:siemens:scalance_x204irt:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2013-5709", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Eireann Leverett of IOActive", sources: [ { db: "BID", id: "62341", }, { db: "CNNVD", id: "CNNVD-201309-245", }, ], trust: 0.9, }, cve: "CVE-2013-5709", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "COMPLETE", baseScore: 8.3, confidentialityImpact: "PARTIAL", exploitabilityScore: 8.6, impactScore: 8.5, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Medium", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Complete", baseScore: 8.3, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2013-5709", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:C", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 8.3, confidentialityImpact: "PARTIAL", exploitabilityScore: 8.6, id: "CNVD-2013-13027", impactScore: 8.5, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:C", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "COMPLETE", baseScore: 8.3, confidentialityImpact: "PARTIAL", exploitabilityScore: 8.6, id: "abb36416-2352-11e6-abef-000c29c66e3d", impactScore: 8.5, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:C", version: "2.9 [IVD]", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "COMPLETE", baseScore: 8.3, confidentialityImpact: "PARTIAL", exploitabilityScore: 8.6, id: "VHN-65711", impactScore: 8.5, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:M/AU:N/C:P/I:P/A:C", version: "2.0", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2013-5709", trust: 1.8, value: "HIGH", }, { author: "CNVD", id: "CNVD-2013-13027", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201309-245", trust: 0.6, value: "HIGH", }, { author: "IVD", id: "abb36416-2352-11e6-abef-000c29c66e3d", trust: 0.2, value: "HIGH", }, { author: "VULHUB", id: "VHN-65711", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "IVD", id: "abb36416-2352-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-13027", }, { db: "VULHUB", id: "VHN-65711", }, { db: "JVNDB", id: "JVNDB-2013-004188", }, { db: "NVD", id: "CVE-2013-5709", }, { db: "CNNVD", id: "CNNVD-201309-245", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "The authentication implementation in the web server on Siemens SCALANCE X-200 switches with firmware before 5.0.0 does not use a sufficient source of entropy for generating values of random numbers, which makes it easier for remote attackers to hijack sessions by predicting a value. The Siemens Scalance X200 is an industrial Ethernet switch from Siemens. \nRemote attackers can exploit this issue to hijack web sessions over the network without authentication. Other attacks are also possible. \nSiemens Scalance X-200 Series switches running firmware versions prior to 5.0.0 are vulnerable", sources: [ { db: "NVD", id: "CVE-2013-5709", }, { db: "JVNDB", id: "JVNDB-2013-004188", }, { db: "CNVD", id: "CNVD-2013-13027", }, { db: "BID", id: "62341", }, { db: "IVD", id: "abb36416-2352-11e6-abef-000c29c66e3d", }, { db: "VULHUB", id: "VHN-65711", }, ], trust: 2.7, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2013-5709", trust: 3.6, }, { db: "ICS CERT", id: "ICSA-13-254-01", trust: 2.8, }, { db: "SIEMENS", id: "SSA-850708", trust: 2.3, }, { db: "BID", id: "62341", trust: 1, }, { db: "CNNVD", id: "CNNVD-201309-245", trust: 0.9, }, { db: "CNVD", id: "CNVD-2013-13027", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2013-004188", trust: 0.8, }, { db: "SECUNIA", id: "54784", trust: 0.6, }, { db: "IVD", id: "ABB36416-2352-11E6-ABEF-000C29C66E3D", trust: 0.2, }, { db: "SEEBUG", id: "SSVID-89653", trust: 0.1, }, { db: "VULHUB", id: "VHN-65711", trust: 0.1, }, ], sources: [ { db: "IVD", id: "abb36416-2352-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-13027", }, { db: "VULHUB", id: "VHN-65711", }, { db: "BID", id: "62341", }, { db: "JVNDB", id: "JVNDB-2013-004188", }, { db: "NVD", id: "CVE-2013-5709", }, { db: "CNNVD", id: "CNNVD-201309-245", }, ], }, id: "VAR-201309-0316", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "abb36416-2352-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-13027", }, { db: "VULHUB", id: "VHN-65711", }, ], trust: 1.471450018, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", "Network device", ], sub_category: null, trust: 0.6, }, { category: [ "ICS", ], sub_category: null, trust: 0.2, }, ], sources: [ { db: "IVD", id: "abb36416-2352-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-13027", }, ], }, last_update_date: "2023-12-18T12:09:03.464000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "SSA-850708", trust: 0.8, url: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-850708.pdf", }, { title: "Patch for the Siemens SCALANCE X-200 Series Switch Session Hijacking Vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/39576", }, ], sources: [ { db: "CNVD", id: "CNVD-2013-13027", }, { db: "JVNDB", id: "JVNDB-2013-004188", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-189", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-65711", }, { db: "JVNDB", id: "JVNDB-2013-004188", }, { db: "NVD", id: "CVE-2013-5709", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.5, url: "http://ics-cert.us-cert.gov/advisories/icsa-13-254-01", }, { trust: 1.7, url: "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-850708.pdf", }, { trust: 1.7, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-850708.pdf", }, { trust: 0.8, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-5709", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-5709", }, { trust: 0.6, url: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-850708.pdf", }, { trust: 0.6, url: "http://www.secunia.com/advisories/54784/", }, { trust: 0.3, url: "http://subscriber.communications.siemens.com/", }, { trust: 0.3, url: "http://ics-cert.us-cert.gov/advisories/icsa-13-254-01#footnoteb_gtr58ow", }, ], sources: [ { db: "CNVD", id: "CNVD-2013-13027", }, { db: "VULHUB", id: "VHN-65711", }, { db: "BID", id: "62341", }, { db: "JVNDB", id: "JVNDB-2013-004188", }, { db: "NVD", id: "CVE-2013-5709", }, { db: "CNNVD", id: "CNNVD-201309-245", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "abb36416-2352-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-13027", }, { db: "VULHUB", id: "VHN-65711", }, { db: "BID", id: "62341", }, { db: "JVNDB", id: "JVNDB-2013-004188", }, { db: "NVD", id: "CVE-2013-5709", }, { db: "CNNVD", id: "CNNVD-201309-245", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2013-09-17T00:00:00", db: "IVD", id: "abb36416-2352-11e6-abef-000c29c66e3d", }, { date: "2013-09-16T00:00:00", db: "CNVD", id: "CNVD-2013-13027", }, { date: "2013-09-17T00:00:00", db: "VULHUB", id: "VHN-65711", }, { date: "2013-09-11T00:00:00", db: "BID", id: "62341", }, { date: "2013-09-19T00:00:00", db: "JVNDB", id: "JVNDB-2013-004188", }, { date: "2013-09-17T12:04:28.820000", db: "NVD", id: "CVE-2013-5709", }, { date: "2013-09-17T00:00:00", db: "CNNVD", id: "CNNVD-201309-245", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2013-09-17T00:00:00", db: "CNVD", id: "CNVD-2013-13027", }, { date: "2020-02-10T00:00:00", db: "VULHUB", id: "VHN-65711", }, { date: "2013-09-11T00:00:00", db: "BID", id: "62341", }, { date: "2013-09-19T00:00:00", db: "JVNDB", id: "JVNDB-2013-004188", }, { date: "2020-02-10T15:15:12.010000", db: "NVD", id: "CVE-2013-5709", }, { date: "2020-02-11T00:00:00", db: "CNNVD", id: "CNNVD-201309-245", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201309-245", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens SCALANCE X-200 Series Switch Session Hijacking Vulnerability", sources: [ { db: "IVD", id: "abb36416-2352-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-13027", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "digital error", sources: [ { db: "CNNVD", id: "CNNVD-201309-245", }, ], trust: 0.6, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.