VYPR

Scalance X200irt Firmware

by Siemens Foundation

CVEs (7)

  • CVE-2017-2681MedMay 11, 2017
    risk 0.42cvss 6.5epss 0.01

    Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected.

  • CVE-2017-2680MedMay 11, 2017
    risk 0.42cvss 6.5epss 0.01

    Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.

  • CVE-2015-1049Feb 2, 2015
    risk 0.00cvss epss 0.02

    The web server on Siemens SCALANCE X-200IRT switches with firmware before 5.2.0 allows remote attackers to hijack sessions via unspecified vectors.

  • CVE-2013-5944Oct 3, 2013
    risk 0.00cvss epss 0.02

    The integrated web server on Siemens SCALANCE X-200 switches with firmware before 4.5.0 and X-200IRT switches with firmware before 5.1.0 does not properly enforce authentication requirements, which allows remote attackers to perform administrative actions via requests to the…

  • CVE-2013-5709Sep 17, 2013
    risk 0.00cvss epss 0.03

    The authentication implementation in the web server on Siemens SCALANCE X-200 switches with firmware before 5.0.0 does not use a sufficient source of entropy for generating values of random numbers, which makes it easier for remote attackers to hijack sessions by predicting a…

  • CVE-2013-3634May 24, 2013
    risk 0.00cvss epss 0.01

    A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (Versions < V5.0.0 for CVE-2013-3633 and versions < V4.5.0 for CVE-2013-3634), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.1.0). The implementation…

  • CVE-2013-3633May 24, 2013
    risk 0.00cvss epss 0.01

    A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (Versions < V5.0.0 for CVE-2013-3633 and versions < V4.5.0 for CVE-2013-3634), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.1.0). The user privileges…