Siemens Scalance_xr-300
9 CVEs affecting Siemens Scalance_xr-300. Latest disclosed: 2022-08-10. Critical: 1, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-36323 | Critical | 9.1 | 2022-08-10 | Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or s… |
CVE-2019-13933 | High | 8.6 | 2020-01-16 | A vulnerability has been identified in SCALANCE X204RNA (HSR), SCALANCE X204RNA (PRP), SCALANCE X204RNA EEC (HSR), SCALANCE X204RNA EEC (PRP), SCALANCE X204RNA… |
CVE-2022-36324 | High | 7.5 | 2022-08-10 | Affected devices do not properly handle the renegotiation of SSL/TLS parameters. This could allow an unauthenticated remote attacker to bypass the TCP brute fo… |
CVE-2019-19301 | High | 7.5 | 2020-04-14 | A vulnerability has been identified in SCALANCE X200-4P IRT, SCALANCE X201-3P IRT, SCALANCE X201-3P IRT PRO, SCALANCE X202-2IRT, SCALANCE X202-2P IRT, SCALANCE… |
CVE-2022-36325 | Medium | 6.8 | 2022-08-10 | Affected devices do not properly sanitize data introduced by an user when rendering the web interface. This could allow an authenticated remote attacker with a… |
CVE-2019-13924 | Medium | 5.4 | 2020-02-11 | A vulnerability has been identified in SCALANCE S602 (All versions < V4.1), SCALANCE S612 (All versions < V4.1), SCALANCE S623 (All versions < V4.1), SCALANCE… |
CVE-2014-8479 | | 2015-01-21 | The FTP server on Siemens SCALANCE X-300 switches with firmware before 4.0 and SCALANCE X 408 switches with firmware before 4.0 allows remote authenticated use… | |
CVE-2014-8478 | | 2015-01-21 | The web server on Siemens SCALANCE X-300 switches with firmware before 4.0 and SCALANCE X 408 switches with firmware before 4.0 allows remote attackers to caus… | |
CVE-2012-1802 | | 2012-04-18 | Buffer overflow in the embedded web server on the Siemens Scalance X Industrial Ethernet switch X414-3E before 3.7.1, X308-2M before 3.7.2, X-300EEC before 3.7… |