XSS in Siemens Scalance X200-4p Irt

CVE-2022-40631

A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.0), SCALANCE X201-3P IRT (All versions < V5.5.0), SCALANCE X201-3P IRT PRO (All versions < V5.5.0), SCALANCE X202-2IRT (All versions < V5.5.0), SCALANCE X202-…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.007 (71.7th percentile) — read the EPSS interpretation.

Affected products

Siemens Scalance X200-4p Irt — versions All versions < V5.5.0
Siemens Scalance X201-3p Irt — versions All versions < V5.5.0
Siemens Scalance X201-3p Irt Pro — versions All versions < V5.5.0
Siemens Scalance X202-2irt — versions All versions < V5.5.0
Siemens Scalance X202-2p Irt — versions All versions < V5.5.0
Siemens Scalance X202-2p Irt Pro — versions All versions < V5.5.0
Siemens Scalance X204-2 — versions All versions < V5.2.5
Siemens Scalance X204-2fm — versions All versions < V5.2.5
Siemens Scalance X204-2ld — versions All versions < V5.2.5
Siemens Scalance X204-2ld Ts — versions All versions < V5.2.5

Weakness classification (CWE)

CWE-79 — Cross-site Scripting

References

cert-portal.siemens.com/productcert/pdf/ssa-501891.pdf