VYPR
← All advisories
Unrated severityNVD Advisory· Published Apr 12, 2022· Updated Aug 3, 2024

CVE-2022-25751

CVE-2022-25751

Description

A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate the HTTP headers of incoming requests. This could allow an unauthenticated remote attacker to crash affected devices.

Affected products

51
  • Siemens/SCALANCE X302-7 EEC (230V)v5
    Range: All versions < V4.1.4
  • Siemens/SCALANCE X302-7 EEC (230V, coated)v5
    Range: All versions < V4.1.4
  • Siemens/SCALANCE X302-7 EEC (24V)v5
    Range: All versions < V4.1.4
  • Siemens/SCALANCE X302-7 EEC (24V, coated)v5
    Range: All versions < V4.1.4
  • Siemens/SCALANCE X302-7 EEC (2x 230V)v5
    Range: All versions < V4.1.4
  • Siemens/SCALANCE X302-7 EEC (2x 230V, coated)v5
    Range: All versions < V4.1.4
  • Siemens/SCALANCE X302-7 EEC (2x 24V)v5
    Range: All versions < V4.1.4
  • Siemens/SCALANCE X302-7 EEC (2x 24V, coated)v5
    Range: All versions < V4.1.4
  • Siemens Foundation/Scalance X308 2mcpe-rescue11 versions
    All versions < V4.1.4+ 10 more
    • (no CPE)range: All versions < V4.1.4
    • (no CPE)range: All versions < V4.1.4
    • (no CPE)range: All versions < V4.1.4
    • (no CPE)range: All versions < V4.1.4
    • (no CPE)range: All versions < V4.1.4
    • (no CPE)range: All versions < V4.1.4
    • (no CPE)range: All versions < V4.1.4
    • (no CPE)range: All versions < V4.1.4
    • (no CPE)range: All versions < V4.1.4
    • (no CPE)range: All versions < V4.1.4
    • (no CPE)range: All versions < V4.1.4
  • Siemens/SCALANCE X306-1LD FEv5
    Range: All versions < V4.1.4
  • Siemens/SCALANCE X307-2 EEC (230V)v5
    Range: All versions < V4.1.4
  • Siemens/SCALANCE X307-2 EEC (230V, coated)v5
    Range: All versions < V4.1.4
  • Siemens/SCALANCE X307-2 EEC (24V)v5
    Range: All versions < V4.1.4
  • Siemens/SCALANCE X307-2 EEC (24V, coated)v5
    Range: All versions < V4.1.4
  • Siemens/SCALANCE X307-2 EEC (2x 230V)v5
    Range: All versions < V4.1.4
  • Siemens/SCALANCE X307-2 EEC (2x 230V, coated)v5
    Range: All versions < V4.1.4
  • Siemens/SCALANCE X307-2 EEC (2x 24V)v5
    Range: All versions < V4.1.4
  • Siemens/SCALANCE X307-2 EEC (2x 24V, coated)v5
    Range: All versions < V4.1.4
  • Siemens Foundation/SCALANCE X300cpe-rescue2 versions
    All versions < V4.1.4+ 1 more
    • (no CPE)range: All versions < V4.1.4
    • (no CPE)range: All versions < V4.1.4
  • Siemens/SCALANCE X320-1-2LD FEv5
    Range: All versions < V4.1.4
  • Siemens/SCALANCE X320-1 FEv5
    Range: All versions < V4.1.4
  • Siemens/SCALANCE XR324-12M (230V, ports on front)v5
    Range: All versions < V4.1.4
  • Siemens/SCALANCE XR324-12M (230V, ports on rear)v5
    Range: All versions < V4.1.4
  • Siemens/SCALANCE XR324-12M (24V, ports on front)v5
    Range: All versions < V4.1.4
  • Siemens/SCALANCE XR324-12M (24V, ports on rear)v5
    Range: All versions < V4.1.4
  • Siemens Foundation/Scalance Xr324 12m Ts Firmwarecpe-rescue
    Range: All versions < V4.1.4
  • Siemens/SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)v5
    Range: All versions < V4.1.4
  • Siemens/SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)v5
    Range: All versions < V4.1.4
  • Siemens/SCALANCE XR324-4M EEC (24V, ports on front)v5
    Range: All versions < V4.1.4
  • Siemens/SCALANCE XR324-4M EEC (24V, ports on rear)v5
    Range: All versions < V4.1.4
  • Siemens/SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)v5
    Range: All versions < V4.1.4
  • Siemens/SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)v5
    Range: All versions < V4.1.4
  • Siemens/SCALANCE XR324-4M EEC (2x 24V, ports on front)v5
    Range: All versions < V4.1.4
  • Siemens/SCALANCE XR324-4M EEC (2x 24V, ports on rear)v5
    Range: All versions < V4.1.4
  • Siemens/SCALANCE XR324-4M PoE (230V, ports on front)v5
    Range: All versions < V4.1.4
  • Siemens/SCALANCE XR324-4M PoE (230V, ports on rear)v5
    Range: All versions < V4.1.4
  • Siemens/SCALANCE XR324-4M PoE (24V, ports on front)v5
    Range: All versions < V4.1.4
  • Siemens/SCALANCE XR324-4M PoE (24V, ports on rear)v5
    Range: All versions < V4.1.4
  • Siemens/SCALANCE XR324-4M PoE TS (24V, ports on front)v5
    Range: All versions < V4.1.4
  • Siemens/SIPLUS NET SCALANCE X308-2v5
    Range: All versions < V4.1.4

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.