CVSS: 5.4EPSS: 0%CPEs: 16EXPL: 0CVE-2019-13924
https://notcve.org/view.php?id=CVE-2019-13924
11 Feb 2020 — A vulnerability has been identified in SCALANCE S602 (All versions < V4.1), SCALANCE S612 (All versions < V4.1), SCALANCE S623 (All versions < V4.1), SCALANCE S627-2M (All versions < V4.1), SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < 5.2.4), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-200RNA switch family (All versions < V3.2.7), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < 4.1.3). The devic... • https://cert-portal.siemens.com/productcert/pdf/ssa-951513.pdf • CWE-693: Protection Mechanism Failure CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 8.6EPSS: 0%CPEs: 14EXPL: 0CVE-2019-13933
https://notcve.org/view.php?id=CVE-2019-13933
16 Jan 2020 — A vulnerability has been identified in SCALANCE X204RNA (HSR), SCALANCE X204RNA (PRP), SCALANCE X204RNA EEC (HSR), SCALANCE X204RNA EEC (PRP), SCALANCE X204RNA EEC (PRP/HSR), SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCAL... • https://cert-portal.siemens.com/productcert/pdf/ssa-443566.pdf • CWE-306: Missing Authentication for Critical Function •
CVSS: 9.1EPSS: 0%CPEs: 10EXPL: 0CVE-2019-6569
https://notcve.org/view.php?id=CVE-2019-6569
26 Mar 2019 — The monitor barrier of the affected products insufficiently blocks data from being forwarded over the mirror port into the mirrored network. An attacker could use this behavior to transmit malicious packets to systems in the mirrored network, possibly influencing their configuration and runtime behavior. La barrera de monitorización de los productos afectados bloquea insuficientemente el reenvío de datos a través del puerto espejo hacia la red reflejada. Un atacante podría utilizar este comportamiento para ... • https://cert-portal.siemens.com/productcert/pdf/ssa-557804.pdf • CWE-440: Expected Behavior Violation •
CVSS: 9.8EPSS: 3%CPEs: 31EXPL: 0CVE-2012-1802
https://notcve.org/view.php?id=CVE-2012-1802
18 Apr 2012 — Buffer overflow in the embedded web server on the Siemens Scalance X Industrial Ethernet switch X414-3E before 3.7.1, X308-2M before 3.7.2, X-300EEC before 3.7.2, XR-300 before 3.7.2, and X-300 before 3.7.2 allows remote attackers to cause a denial of service (device reboot) or possibly execute arbitrary code via a malformed URL. Desbordamiento de búfer en el servidor web integrado en el conmutador ethernet industrial Siemens Scalance X X414-3E antes de v3.7.1, X308-2M antes de v3.7.2, X-300EEC antes de v3.... • http://osvdb.org/81032 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •