CVE-2013-5944
Severity Score
10.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The integrated web server on Siemens SCALANCE X-200 switches with firmware before 4.5.0 and X-200IRT switches with firmware before 5.1.0 does not properly enforce authentication requirements, which allows remote attackers to perform administrative actions via requests to the management interface.
El servidor web integrado en switches Siemens SCALANCE X-200 con firmware anterior a la versión 4.5.0 y switches X-200IRT con firmware anterior a 5.1.0 no aplica adecuadamente los requerimientos de autenticación, lo que permite a atacantes remotos llevar a cabo acciones administrativas a través de peticiones a la interfaz de gestión.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2013-09-27 CVE Reserved
- 2013-10-03 CVE Published
- 2024-08-06 CVE Updated
- 2024-08-23 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-287: Improper Authentication
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-176087.pdf | X_refsource_confirm |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Siemens Search vendor "Siemens" | Scalance X-200 Series Firmware Search vendor "Siemens" for product "Scalance X-200 Series Firmware" | <= 4.4 Search vendor "Siemens" for product "Scalance X-200 Series Firmware" and version " <= 4.4" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance X-200 Search vendor "Siemens" for product "Scalance X-200" | - | - |
Affected
|
| Siemens Search vendor "Siemens" | Scalance X-200 Series Firmware Search vendor "Siemens" for product "Scalance X-200 Series Firmware" | 4.3 Search vendor "Siemens" for product "Scalance X-200 Series Firmware" and version "4.3" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance X-200 Search vendor "Siemens" for product "Scalance X-200" | - | - |
Affected
|
| Siemens Search vendor "Siemens" | Scalance X-200 Series Firmware Search vendor "Siemens" for product "Scalance X-200 Series Firmware" | <= 5.0.1 Search vendor "Siemens" for product "Scalance X-200 Series Firmware" and version " <= 5.0.1" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance X-200irt Search vendor "Siemens" for product "Scalance X-200irt" | - | - |
Affected
|