Auth bypass in Siemens Scalance_s602
CVE-2012-1799
The web server on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with firmware before 2.3.0.3 does not limit the rate of authentication attempts, which makes it easier for remote attackers to obtain access vi…
Vulnerability class: Broken Authentication
EPSS: 0.051 (91.3th percentile) — read the EPSS interpretation.
Affected products
- Siemens Scalance_s602 — versions v2
- Siemens Scalance_s612 — versions v2
- Siemens Scalance_s613 — versions v2
- Siemens Scalance_s_firmware — versions 2.1.0, 2.2.0
- N/a — versions n/a
Weakness classification (CWE)
References
- cret@cert.org (x_refsource_CONFIRM)
- cret@cert.org (x_refsource_OSVDB, vdb-entry)
- cret@cert.org (x_refsource_CONFIRM, Vendor Advisory)
- cret@cert.org (US Government Resource, x_refsource_MISC)