Siemens Scalance_xr-300poe
5 CVEs affecting Siemens Scalance_xr-300poe. Latest disclosed: 2022-08-10. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-36323 | Critical | 9.1 | 2022-08-10 | Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or s… |
CVE-2022-36324 | High | 7.5 | 2022-08-10 | Affected devices do not properly handle the renegotiation of SSL/TLS parameters. This could allow an unauthenticated remote attacker to bypass the TCP brute fo… |
CVE-2022-36325 | Medium | 6.8 | 2022-08-10 | Affected devices do not properly sanitize data introduced by an user when rendering the web interface. This could allow an authenticated remote attacker with a… |
CVE-2014-8479 | | 2015-01-21 | The FTP server on Siemens SCALANCE X-300 switches with firmware before 4.0 and SCALANCE X 408 switches with firmware before 4.0 allows remote authenticated use… | |
CVE-2014-8478 | | 2015-01-21 | The web server on Siemens SCALANCE X-300 switches with firmware before 4.0 and SCALANCE X 408 switches with firmware before 4.0 allows remote attackers to caus… |