VAR-201309-0316
Vulnerability from variot - Updated: 2023-12-18 12:09The authentication implementation in the web server on Siemens SCALANCE X-200 switches with firmware before 5.0.0 does not use a sufficient source of entropy for generating values of random numbers, which makes it easier for remote attackers to hijack sessions by predicting a value. The Siemens Scalance X200 is an industrial Ethernet switch from Siemens. Remote attackers can exploit this issue to hijack web sessions over the network without authentication. Other attacks are also possible. Siemens Scalance X-200 Series switches running firmware versions prior to 5.0.0 are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201309-0316",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "scalance x-200 series",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "4.3"
},
{
"model": "scalance x201-3p irt",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance x-200rna",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance x202-2irt",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance x-200",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance x200-4p irt",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance x-200 series",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.4"
},
{
"model": "scalance x202-2p irt",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance x204irt",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance xf-200",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance x-200",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "scalance x-200 series",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "5.0.0"
},
{
"model": "scalance x-200rna",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "scalance x200-4pirt",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "scalance x201-3p irt",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "scalance x202-2irt",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "scalance x202-2p irt",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "scalance x204irt",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "scalance xf-200",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "scalance series switches",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "x-200"
},
{
"model": "scalance x-200 series",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "4.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scalance x202 2p irt",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scalance x204irt",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scalance x201 3p irt",
"version": null
},
{
"model": "scalance xf208",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "scalance xf206-1",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "scalance xf204-2",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "scalance xf204",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "scalance",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "x2240"
},
{
"model": "scalance",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "x2160"
},
{
"model": "scalance x212-2ld",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "scalance",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "x212-20"
},
{
"model": "scalance x208pro",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "scalance",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "x2080"
},
{
"model": "scalance x206-1ld",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "scalance",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "x206-10"
},
{
"model": "scalance x204-2ts",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "scalance x204-2ld",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "scalance",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "x204-20"
},
{
"model": "scalance xf208",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "5.0"
},
{
"model": "scalance xf206-1",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "5.0"
},
{
"model": "scalance xf204-2",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "5.0"
},
{
"model": "scalance xf204",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "5.0"
},
{
"model": "scalance",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "x2245.0"
},
{
"model": "scalance",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "x2165.0"
},
{
"model": "scalance x212-2ld",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "5.0"
},
{
"model": "scalance",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "x212-25.0"
},
{
"model": "scalance x208pro",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "5.0"
},
{
"model": "scalance",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "x2085.0"
},
{
"model": "scalance x206-1ld",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "5.0"
},
{
"model": "scalance x204-2ts",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "5.0"
},
{
"model": "scalance x204-2ld",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "5.0"
},
{
"model": "scalance",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "x204-25.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scalance x 200rna",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scalance x 200 series",
"version": "4.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scalance x 200",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scalance x200 4p irt",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scalance x 200 series",
"version": "4.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scalance x202 2irt",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scalance xf 200",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "abb36416-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-13027"
},
{
"db": "BID",
"id": "62341"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004188"
},
{
"db": "NVD",
"id": "CVE-2013-5709"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-245"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_x-200_series_firmware:4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_x-200_series_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.4",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_xf-200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_x200-4p_irt:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_x204irt:-:-:pro:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_x201-3p_irt:-:-:pro:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_x202-2irt:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_x202-2p_irt:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_x202-2p_irt:-:-:pro:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_x-200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_x-200rna:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_x201-3p_irt:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_x204irt:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-5709"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Eireann Leverett of IOActive",
"sources": [
{
"db": "BID",
"id": "62341"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-245"
}
],
"trust": 0.9
},
"cve": "CVE-2013-5709",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 8.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2013-5709",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2013-13027",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "abb36416-2352-11e6-abef-000c29c66e3d",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-65711",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-5709",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2013-13027",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201309-245",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "abb36416-2352-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-65711",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "abb36416-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-13027"
},
{
"db": "VULHUB",
"id": "VHN-65711"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004188"
},
{
"db": "NVD",
"id": "CVE-2013-5709"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-245"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The authentication implementation in the web server on Siemens SCALANCE X-200 switches with firmware before 5.0.0 does not use a sufficient source of entropy for generating values of random numbers, which makes it easier for remote attackers to hijack sessions by predicting a value. The Siemens Scalance X200 is an industrial Ethernet switch from Siemens. \nRemote attackers can exploit this issue to hijack web sessions over the network without authentication. Other attacks are also possible. \nSiemens Scalance X-200 Series switches running firmware versions prior to 5.0.0 are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-5709"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004188"
},
{
"db": "CNVD",
"id": "CNVD-2013-13027"
},
{
"db": "BID",
"id": "62341"
},
{
"db": "IVD",
"id": "abb36416-2352-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-65711"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-5709",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-13-254-01",
"trust": 2.8
},
{
"db": "SIEMENS",
"id": "SSA-850708",
"trust": 2.3
},
{
"db": "BID",
"id": "62341",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201309-245",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2013-13027",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004188",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "54784",
"trust": 0.6
},
{
"db": "IVD",
"id": "ABB36416-2352-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-89653",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-65711",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "abb36416-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-13027"
},
{
"db": "VULHUB",
"id": "VHN-65711"
},
{
"db": "BID",
"id": "62341"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004188"
},
{
"db": "NVD",
"id": "CVE-2013-5709"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-245"
}
]
},
"id": "VAR-201309-0316",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "abb36416-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-13027"
},
{
"db": "VULHUB",
"id": "VHN-65711"
}
],
"trust": 1.471450018
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "abb36416-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-13027"
}
]
},
"last_update_date": "2023-12-18T12:09:03.464000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-850708",
"trust": 0.8,
"url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-850708.pdf"
},
{
"title": "Patch for the Siemens SCALANCE X-200 Series Switch Session Hijacking Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/39576"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-13027"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004188"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-189",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-65711"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004188"
},
{
"db": "NVD",
"id": "CVE-2013-5709"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-13-254-01"
},
{
"trust": 1.7,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-850708.pdf"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-850708.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-5709"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-5709"
},
{
"trust": 0.6,
"url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-850708.pdf"
},
{
"trust": 0.6,
"url": "http://www.secunia.com/advisories/54784/"
},
{
"trust": 0.3,
"url": "http://subscriber.communications.siemens.com/"
},
{
"trust": 0.3,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-13-254-01#footnoteb_gtr58ow"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-13027"
},
{
"db": "VULHUB",
"id": "VHN-65711"
},
{
"db": "BID",
"id": "62341"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004188"
},
{
"db": "NVD",
"id": "CVE-2013-5709"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-245"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "abb36416-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-13027"
},
{
"db": "VULHUB",
"id": "VHN-65711"
},
{
"db": "BID",
"id": "62341"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004188"
},
{
"db": "NVD",
"id": "CVE-2013-5709"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-245"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-09-17T00:00:00",
"db": "IVD",
"id": "abb36416-2352-11e6-abef-000c29c66e3d"
},
{
"date": "2013-09-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-13027"
},
{
"date": "2013-09-17T00:00:00",
"db": "VULHUB",
"id": "VHN-65711"
},
{
"date": "2013-09-11T00:00:00",
"db": "BID",
"id": "62341"
},
{
"date": "2013-09-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004188"
},
{
"date": "2013-09-17T12:04:28.820000",
"db": "NVD",
"id": "CVE-2013-5709"
},
{
"date": "2013-09-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201309-245"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-09-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-13027"
},
{
"date": "2020-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-65711"
},
{
"date": "2013-09-11T00:00:00",
"db": "BID",
"id": "62341"
},
{
"date": "2013-09-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004188"
},
{
"date": "2020-02-10T15:15:12.010000",
"db": "NVD",
"id": "CVE-2013-5709"
},
{
"date": "2020-02-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201309-245"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201309-245"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SCALANCE X-200 Series Switch Session Hijacking Vulnerability",
"sources": [
{
"db": "IVD",
"id": "abb36416-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-13027"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "digital error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201309-245"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…