Product:

Scalance_x200\-4p_irt

(Siemens)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 3
Date Id Summary Products Score Patch Annotated
2013-09-17 CVE-2013-5709 The authentication implementation in the web server on Siemens SCALANCE X-200 switches with firmware before 5.0.0 does not use a sufficient source of entropy for generating values of random numbers, which makes it easier for remote attackers to hijack sessions by predicting a value. Scalance_x200\-4p_irt, Scalance_x201\-3p_irt, Scalance_x202\-2irt, Scalance_x202\-2p_irt, Scalance_x204irt, Scalance_x\-200, Scalance_x\-200_series_firmware, Scalance_x\-200rna, Scalance_xf\-200 N/A
2013-05-24 CVE-2013-3634 A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (Versions < V5.0.0 for CVE-2013-3633 and versions < V4.5.0 for CVE-2013-3634), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.1.0). The implementation of SNMPv3 does not check the user credentials sufficiently. Therefore, an attacker is able to execute SNMP commands without correct credentials. Scalance_x200\-4p_irt, Scalance_x200irt_firmware, Scalance_x201\-3p_irt, Scalance_x202\-2irt, Scalance_x202\-2p_irt, Scalance_x204irt, Scalance_xf204irt N/A
2013-05-24 CVE-2013-3633 A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (Versions < V5.0.0 for CVE-2013-3633 and versions < V4.5.0 for CVE-2013-3634), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.1.0). The user privileges for the web interface are only enforced on client side and not properly verified on server side. Therefore, an attacker is able to execute privileged commands using an unprivileged account. Scalance_x200\-4p_irt, Scalance_x200irt_firmware, Scalance_x201\-3p_irt, Scalance_x202\-2irt, Scalance_x202\-2p_irt, Scalance_x204irt, Scalance_xf204irt N/A