CVSS: 7.2EPSS: 0%CPEs: 138EXPL: 0CVE-2023-44317
https://notcve.org/view.php?id=CVE-2023-44317
Affected products do not properly validate the content of uploaded X509 certificates which could allow an attacker with administrative privileges to execute arbitrary code on the device. Se ha identificado una vulnerabilidad en: SCALANCE XB205-3 (SC, PN) (V < 4.5), SCALANCE XB205-3 (ST, E/IP) (V < 4.5), SCALANCE XB205-3 (ST , E/IP) (V < 4.5), SCALANCE XB205-3 (ST, PN) (V < 4.5), SCALANCE XB205-3LD (SC, E/IP) (V < 4.5 ), SCALANCE XB205-3LD (SC, PN) (V < 4.5), SCALANCE XB208 (E/IP) (V < 4.5), SCALANCE XB208 (PN) (V < 4.5), SCALANCE XB213-3 (SC, E/IP) (V < 4.5), SCALANCE XB213-3 (SC, PN) (V < 4.5), SCALANCE XB213-3 (ST, E/IP) ( V < 4.5), SCALANCE XB213-3 (ST, PN) (V < 4.5), SCALANCE XB213-3LD (SC, E/IP) (V < 4.5), SCALANCE XB213-3LD (SC, PN) (V < 4.5), SCALANCE XB216 (E/IP) (V < 4.5), SCALANCE XB216 (PN) (V < 4.5), SCALANCE XC206-2 (SC ) (V < 4.5), SCALANCE XC206-2 (ST/BFOC) (V < 4.5), SCALANCE XC206-2G PoE (V < 4.5), SCALANCE XC206-2G PoE (54 V DC) (V < 4.5), SCALANCE XC206-2G PoE EEC (54 V DC) (V < 4.5), SCALANCE XC206-2SFP (V < 4.5), SCALANCE XC206-2SFP EEC ( V < 4.5), SCALANCE XC206-2SFP G (V < 4.5), SCALANCE XC206-2SFP G (EIP DEF.) (V < 4.5), SCALANCE XC206-2SFP G EEC (V < 4.5), SCALANCE XC208 (V < 4.5), SCALANCE XC208EEC (V < 4.5), SCALANCE XC208G (V < 4.5), SCALANCE XC208G (EIP def.) (V < 4.5), SCALANCE XC208G EEC (V < 4.5), SCALANCE XC208G PoE (V < 4.5), SCALANCE XC208G PoE (54 V DC) (V < 4.5), SCALANCE XC216 (V < 4.5), SCALANCE XC216-3G PoE (V < 4.5), SCALANCE XC216-3G PoE (54 V DC) (V < 4.5), SCALANCE XC216-4C (V < 4. 5), SCALANCE XC216-4C G (V < 4.5), SCALANCE XC216-4C G (EIP Def.) (V < 4.5), SCALANCE XC216-4C G EEC (V < 4.5) , SCALANCE XC216EEC (V < 4.5), SCALANCE XC224 (V < 4.5), SCALANCE XC224-4C G (V < 4.5), SCALANCE XC224-4C G (EIP Def.) • https://cert-portal.siemens.com/productcert/html/ssa-068047.html https://cert-portal.siemens.com/productcert/html/ssa-602936.html https://cert-portal.siemens.com/productcert/html/ssa-699386.html https://cert-portal.siemens.com/productcert/pdf/ssa-068047.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-699386.pdf https://cert-portal.siemens.com/productcert/html/ssa-690517.html • CWE-349: Acceptance of Extraneous Untrusted Data With Trusted Data •
CVSS: 6.5EPSS: 0%CPEs: 202EXPL: 0CVE-2022-46140
https://notcve.org/view.php?id=CVE-2022-46140
Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an authenticated attacker to decrypt the contents of the file and retrieve debug information about the system. Los dispositivos afectados utilizan un esquema de cifrado débil para cifrar el archivo zip de depuración. Esto podría permitir a un atacante autenticado descifrar el contenido del archivo y recuperar información de depuración sobre el sistema. • https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 5.7EPSS: 0%CPEs: 202EXPL: 0CVE-2022-46142
https://notcve.org/view.php?id=CVE-2022-46142
Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical access to the device could retrieve the file and decrypt the CLI user passwords. Los dispositivos afectados almacenan las contraseñas de usuario de CLI cifradas en la memoria flash. Los atacantes con acceso físico al dispositivo podrían recuperar el archivo y descifrar las contraseñas de usuario de la CLI. • https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf • CWE-257: Storing Passwords in a Recoverable Format CWE-522: Insufficiently Protected Credentials •
CVSS: 2.7EPSS: 0%CPEs: 202EXPL: 0CVE-2022-46143
https://notcve.org/view.php?id=CVE-2022-46143
Affected devices do not check the TFTP blocksize correctly. This could allow an authenticated attacker to read from an uninitialized buffer that potentially contains previously allocated data. Los dispositivos afectados no verifican correctamente el tamaño del bloque TFTP. Esto podría permitir que un atacante autenticado lea desde un búfer no inicializado que potencialmente contenga datos previamente asignados. • https://cert-portal.siemens.com/productcert/pdf/ssa-180704.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf https://cert-portal.siemens.com/productcert/html/ssa-413565.html https://cert-portal.siemens.com/productcert/html/ssa-180704.html • CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 6.1EPSS: 0%CPEs: 60EXPL: 0CVE-2022-40631
https://notcve.org/view.php?id=CVE-2022-40631
A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.0), SCALANCE X201-3P IRT (All versions < V5.5.0), SCALANCE X201-3P IRT PRO (All versions < V5.5.0), SCALANCE X202-2IRT (All versions < V5.5.0), SCALANCE X202-2P IRT (All versions < V5.5.0), SCALANCE X202-2P IRT PRO (All versions < V5.5.0), SCALANCE X204-2 (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X204IRT (All versions < V5.5.0), SCALANCE X204IRT PRO (All versions < V5.5.0), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (All versions < V5.2.5), SCALANCE X208 (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE XF201-3P IRT (All versions < V5.5.0), SCALANCE XF202-2P IRT (All versions < V5.5.0), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204-2 (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All versions < V5.5.0), SCALANCE XF204IRT (All versions < V5.5.0), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5), SIPLUS NET SCALANCE X202-2P IRT (All versions < V5.5.0). There is a cross-site scripting vulnerability on the affected devices, that if used by a threat actor, it could result in session hijacking. Se ha identificado una vulnerabilidad en SCALANCE X200-4P IRT (Todas las versiones anteriores a V5.5.0), SCALANCE X201-3P IRT (Todas las versiones anteriores a V5.5.0), SCALANCE X201-3P IRT PRO (Todas las versiones anteriores a V5. 5.0), SCALANCE X202-2IRT (Todas las versiones anteriores a V5.5.0), SCALANCE X202-2P IRT (Todas las versiones anteriores a V5.5.0), SCALANCE X202-2P IRT PRO (Todas las versiones anteriores a V5.5. 0), SCALANCE X204-2 (Todas las versiones anteriores a V5.2.5), SCALANCE X204-2FM (Todas las versiones anteriores a V5.2.5), SCALANCE X204-2LD (Todas las versiones anteriores a V5.2.5), SCALANCE X204-2LD TS (Todas las versiones anteriores a V5. 2.5), SCALANCE X204-2TS (Todas las versiones anteriores a V5.2.5), SCALANCE X204IRT (Todas las versiones anteriores a V5.5.0), SCALANCE X204IRT PRO (Todas las versiones anteriores a V5.5.0), SCALANCE X206-1 (Todas las versiones anteriores a V5.2. 5), SCALANCE X206-1LD (Todas las versiones anteriores a V5.2.5), SCALANCE X208 (Todas las versiones anteriores a V5.2.5), SCALANCE X208PRO (Todas las versiones anteriores a V5.2.5), SCALANCE X212-2 (Todas las versiones anteriores a V5.2. 5), SCALANCE X212-2LD (Todas las versiones anteriores a V5.2.5), SCALANCE X216 (Todas las versiones anteriores a V5.2.5), SCALANCE X224 (Todas las versiones anteriores a V5.2.5), SCALANCE XF201-3P IRT (Todas las versiones anteriores a V5.5. 0), SCALANCE XF202-2P IRT (Todas las versiones anteriores a V5.5.0), SCALANCE XF204 (Todas las versiones anteriores a V5.2.5), SCALANCE XF204-2 (Todas las versiones anteriores a V5.2.5), SCALANCE XF204-2BA IRT (Todas las versiones anteriores a V5.5. 0), SCALANCE XF204IRT (Todas las versiones anteriores a V5.5.0), SCALANCE XF206-1 (Todas las versiones anteriores a V5.2.5), SCALANCE XF208 (Todas las versiones anteriores a V5.2.5), SIPLUS NET SCALANCE X202-2P IRT (Todas las versiones anteriores a V5.5.0). Se presenta una vulnerabilidad de tipo cross-site scripting en los dispositivos afectados, que si es usada por un actor de amenaza, podría resultar en un secuestro de sesión • https://cert-portal.siemens.com/productcert/pdf/ssa-501891.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •