var-201806-1773
Vulnerability from variot
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.3), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.4.1), SCALANCE X-200RNA switch family (All versions < V3.2.7), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.3). The integrated configuration web server of the affected devices could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. User interaction is required for a successful exploitation. The user must be logged into the web interface in order for the exploitation to succeed. At the stage of publishing this security advisory no public exploitation is known. The vendor has confirmed the vulnerability and provides mitigations to resolve it. SCALANCE X-200 IRT and X300 Contains a cross-site scripting vulnerability.The information may be obtained and the information may be falsified. SiemensSCALANCEXSwitches is an industrial Ethernet switch from Siemens AG. A cross-site scripting vulnerability exists in SiemensSCALANCEXSwitches that allows an attacker to exploit a vulnerability for a cross-site scripting attack. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user. Other attacks are also possible. The following products and versions are vulnerable: Versions prior to SCALANCE X-200 5.2.3 Versions prior to SCALANCE X-200 IRT 5.4.1 SCALANCE X300. A remote attacker can exploit this vulnerability to inject arbitrary Web script or HTML by enticing users to visit malicious links
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201806-1773",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "scalance x-200 irt",
"scope": "lt",
"trust": 1.8,
"vendor": "siemens",
"version": "5.4.1"
},
{
"model": "scalance x300",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "scalance x-200",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "5.2.3"
},
{
"model": "scalance x-200",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "scalance x300",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "scalance",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "x300"
},
{
"model": "scalance irt",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "x-200\u003c5.4.1"
},
{
"model": "scalance",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "x-200\u003c5.2.3"
},
{
"model": "scalance x300",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "scalance",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "x3000"
},
{
"model": "scalance irt",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "x-2000"
},
{
"model": "scalance",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "x-2004.5"
},
{
"model": "scalance irt",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "x-2005.4.1"
},
{
"model": "scalance",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "x-2005.2.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scalance x300",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scalance x 200 irt",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scalance x 200",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e2f33011-39ab-11e9-a6d9-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-11388"
},
{
"db": "BID",
"id": "104494"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006634"
},
{
"db": "NVD",
"id": "CVE-2018-4848"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-875"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_x300_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_x300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_x-200_irt_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.4.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_x-200_irt:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_x-200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.2.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_x-200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-4848"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Marius Rothenb\u00fccher and Ali Abbasi",
"sources": [
{
"db": "BID",
"id": "104494"
}
],
"trust": 0.3
},
"cve": "CVE-2018-4848",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-4848",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2018-11388",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "e2f33011-39ab-11e9-a6d9-000c29342cb1",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:H/Au:S/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-134879",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.1,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2018-4848",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-4848",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2018-11388",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201806-875",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "e2f33011-39ab-11e9-a6d9-000c29342cb1",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-134879",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2f33011-39ab-11e9-a6d9-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-11388"
},
{
"db": "VULHUB",
"id": "VHN-134879"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006634"
},
{
"db": "NVD",
"id": "CVE-2018-4848"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-875"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions \u003c V5.2.3), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions \u003c V5.4.1), SCALANCE X-200RNA switch family (All versions \u003c V3.2.7), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions \u003c V4.1.3). The integrated configuration web server of the affected devices could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. User interaction is required for a successful exploitation. The user must be logged into the web interface in order for the exploitation to succeed. At the stage of publishing this security advisory no public exploitation is known. The vendor has confirmed the vulnerability and provides mitigations to resolve it. SCALANCE X-200 IRT and X300 Contains a cross-site scripting vulnerability.The information may be obtained and the information may be falsified. SiemensSCALANCEXSwitches is an industrial Ethernet switch from Siemens AG. A cross-site scripting vulnerability exists in SiemensSCALANCEXSwitches that allows an attacker to exploit a vulnerability for a cross-site scripting attack. \nSuccessful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user. Other attacks are also possible. \nThe following products and versions are vulnerable:\nVersions prior to SCALANCE X-200 5.2.3\nVersions prior to SCALANCE X-200 IRT 5.4.1\nSCALANCE X300. A remote attacker can exploit this vulnerability to inject arbitrary Web script or HTML by enticing users to visit malicious links",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-4848"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006634"
},
{
"db": "CNVD",
"id": "CNVD-2018-11388"
},
{
"db": "BID",
"id": "104494"
},
{
"db": "IVD",
"id": "e2f33011-39ab-11e9-a6d9-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-134879"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-4848",
"trust": 3.6
},
{
"db": "SIEMENS",
"id": "SSA-480829",
"trust": 2.6
},
{
"db": "BID",
"id": "104494",
"trust": 2.0
},
{
"db": "ICS CERT",
"id": "ICSA-18-163-02",
"trust": 1.7
},
{
"db": "CNVD",
"id": "CNVD-2018-11388",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201806-875",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006634",
"trust": 0.8
},
{
"db": "IVD",
"id": "E2F33011-39AB-11E9-A6D9-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-134879",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e2f33011-39ab-11e9-a6d9-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-11388"
},
{
"db": "VULHUB",
"id": "VHN-134879"
},
{
"db": "BID",
"id": "104494"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006634"
},
{
"db": "NVD",
"id": "CVE-2018-4848"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-875"
}
]
},
"id": "VAR-201806-1773",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2f33011-39ab-11e9-a6d9-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-11388"
},
{
"db": "VULHUB",
"id": "VHN-134879"
}
],
"trust": 1.43838384
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "e2f33011-39ab-11e9-a6d9-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-11388"
}
]
},
"last_update_date": "2023-12-18T13:02:34.318000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-480829",
"trust": 0.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480829.pdf"
},
{
"title": "Patch for SiemensSCALANCEXSwitches Cross-Site Scripting Vulnerability (CNVD-2018-11388)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/131839"
},
{
"title": "Siemens SCALANCE X-200 IRT Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=80923"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11388"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006634"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-875"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-134879"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006634"
},
{
"db": "NVD",
"id": "CVE-2018-4848"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480829.pdf"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/104494"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-163-02"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4848"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4848"
},
{
"trust": 0.6,
"url": "https://www.us-cert.gov/ics/advisories/icsa-18-163-02"
},
{
"trust": 0.3,
"url": "http://www.siemens.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11388"
},
{
"db": "VULHUB",
"id": "VHN-134879"
},
{
"db": "BID",
"id": "104494"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006634"
},
{
"db": "NVD",
"id": "CVE-2018-4848"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-875"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e2f33011-39ab-11e9-a6d9-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-11388"
},
{
"db": "VULHUB",
"id": "VHN-134879"
},
{
"db": "BID",
"id": "104494"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006634"
},
{
"db": "NVD",
"id": "CVE-2018-4848"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-875"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-13T00:00:00",
"db": "IVD",
"id": "e2f33011-39ab-11e9-a6d9-000c29342cb1"
},
{
"date": "2018-06-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-11388"
},
{
"date": "2018-06-14T00:00:00",
"db": "VULHUB",
"id": "VHN-134879"
},
{
"date": "2018-06-12T00:00:00",
"db": "BID",
"id": "104494"
},
{
"date": "2018-08-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-006634"
},
{
"date": "2018-06-14T16:29:00.490000",
"db": "NVD",
"id": "CVE-2018-4848"
},
{
"date": "2018-06-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201806-875"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-11388"
},
{
"date": "2022-12-13T00:00:00",
"db": "VULHUB",
"id": "VHN-134879"
},
{
"date": "2018-06-12T00:00:00",
"db": "BID",
"id": "104494"
},
{
"date": "2018-10-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-006634"
},
{
"date": "2022-12-13T17:15:11.980000",
"db": "NVD",
"id": "CVE-2018-4848"
},
{
"date": "2022-12-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201806-875"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201806-875"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SCALANCE X-200 IRT and X300 Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-006634"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201806-875"
}
],
"trust": 0.6
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.