Vulnerability Details CVE-2014-8479
The FTP server on Siemens SCALANCE X-300 switches with firmware before 4.0 and SCALANCE X 408 switches with firmware before 4.0 allows remote authenticated users to cause a denial of service (reboot) via crafted FTP packets.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 60.8%
CVSS Severity
CVSS v2 Score 6.8
References
- http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-321046.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-321046.pdf
- http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-321046.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-321046.pdf
Products affected by CVE-2014-8479
-
cpe:2.3:a:siemens:scalance_x-300_series_firmware:3.9.3
-
cpe:2.3:a:siemens:scalance_x-408_firmware:3.9.3
-
cpe:2.3:h:siemens:scalance_x-300:-
-
cpe:2.3:h:siemens:scalance_x-300eec:-
-
cpe:2.3:h:siemens:scalance_x-300poe:-
-
cpe:2.3:h:siemens:scalance_x-408:-
-
cpe:2.3:h:siemens:scalance_xr-300:-
-
cpe:2.3:h:siemens:scalance_xr-300eec:-
-
cpe:2.3:h:siemens:scalance_xr-300poe:-