Unrated severityNVD Advisory· Published Mar 10, 2020· Updated Aug 4, 2024
CVE-2019-6585
CVE-2019-6585
Description
A vulnerability has been identified in SCALANCE S602 (All versions >= V3.0 and < V4.1), SCALANCE S612 (All versions >= V3.0 and < V4.1), SCALANCE S623 (All versions >= V3.0 and < V4.1), SCALANCE S627-2M (All versions >= V3.0 and < V4.1). The integrated configuration web server of the affected devices could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. User interaction is required for a successful exploitation. The user must be logged into the web interface in order for the exploitation to succeed.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7- Range: >=3.0, <4.1
>=3.0, <4.1+ 2 more
- (no CPE)range: >=3.0, <4.1
- (no CPE)range: All versions >= V3.0 and < V4.1
- (no CPE)range: All versions >= V3.0 and < V4.1
>=3.0, <4.1+ 1 more
- (no CPE)range: >=3.0, <4.1
- (no CPE)range: All versions >= V3.0 and < V4.1
- Range: All versions >= V3.0 and < V4.1
Patches
Vulnerability mechanics
References
2- cert-portal.siemens.com/productcert/pdf/ssa-591405.pdfmitrex_refsource_CONFIRM
- www.us-cert.gov/ics/advisories/icsa-20-042-10mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.