Unrated severityNVD Advisory· Published Sep 17, 2013· Updated Jun 16, 2026
CVE-2013-5709
CVE-2013-5709
Description
The authentication implementation in the web server on Siemens SCALANCE X-200 switches with firmware before 5.0.0 does not use a sufficient source of entropy for generating values of random numbers, which makes it easier for remote attackers to hijack sessions by predicting a value.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
14cpe:2.3:h:siemens:scalance_x-200:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:h:siemens:scalance_x-200:-:*:*:*:*:*:*:*
- cpe:2.3:h:siemens:scalance_x200-4p_irt:-:*:*:*:*:*:*:*
- cpe:2.3:h:siemens:scalance_x-200rna:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_x201-3p_irt:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:h:siemens:scalance_x201-3p_irt:-:*:*:*:*:*:*:*
- cpe:2.3:h:siemens:scalance_x201-3p_irt:-:-:pro:*:*:*:*:*
- cpe:2.3:h:siemens:scalance_x202-2irt:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_x202-2p_irt:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:h:siemens:scalance_x202-2p_irt:-:*:*:*:*:*:*:*
- cpe:2.3:h:siemens:scalance_x202-2p_irt:-:-:pro:*:*:*:*:*
cpe:2.3:h:siemens:scalance_x204irt:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:h:siemens:scalance_x204irt:-:*:*:*:*:*:*:*
- cpe:2.3:h:siemens:scalance_x204irt:-:-:pro:*:*:*:*:*
- cpe:2.3:h:siemens:scalance_xf-200:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_x-200_series_firmware:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:siemens:scalance_x-200_series_firmware:*:*:*:*:*:*:*:*range: <=4.4
- cpe:2.3:o:siemens:scalance_x-200_series_firmware:4.3:*:*:*:*:*:*:*
- Range: <5.0.0
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.