Vulnerability Details CVE-2014-8478
The web server on Siemens SCALANCE X-300 switches with firmware before 4.0 and SCALANCE X 408 switches with firmware before 4.0 allows remote attackers to cause a denial of service (reboot) via malformed HTTP requests.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 65.0%
CVSS Severity
CVSS v2 Score 7.8
References
- http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-321046.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-321046.pdf
- http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-321046.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-321046.pdf
Products affected by CVE-2014-8478
-
cpe:2.3:a:siemens:scalance_x-300_series_firmware:3.9.3
-
cpe:2.3:a:siemens:scalance_x-408_firmware:3.9.3
-
cpe:2.3:h:siemens:scalance_x-300:-
-
cpe:2.3:h:siemens:scalance_x-300eec:-
-
cpe:2.3:h:siemens:scalance_x-300poe:-
-
cpe:2.3:h:siemens:scalance_x-408:-
-
cpe:2.3:h:siemens:scalance_xr-300:-
-
cpe:2.3:h:siemens:scalance_xr-300eec:-
-
cpe:2.3:h:siemens:scalance_xr-300poe:-