Auth bypass in Siemens Scalance_x-200
CVE-2013-5944
The integrated web server on Siemens SCALANCE X-200 switches with firmware before 4.5.0 and X-200IRT switches with firmware before 5.1.0 does not properly enforce authentication requirements, which allows remote attackers to perform admini…
Vulnerability class: Broken Authentication
EPSS: 0.023 (81.2th percentile) — read the EPSS interpretation.
Affected products
- Siemens Scalance_x-200
- Siemens Scalance_x-200irt
- Siemens Scalance_x-200_series_firmware — versions 4.3
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
- cve@mitre.org (x_refsource_CONFIRM)