Vulnerability Details CVE-2022-26648
A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT PRO (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2P IRT (All versions < V5.5.2), SCALANCE X202-2P IRT PRO (All versions < V5.5.2), SCALANCE X204-2 (All versions < V5.2.6), SCALANCE X204-2FM (All versions < V5.2.6), SCALANCE X204-2LD (All versions < V5.2.6), SCALANCE X204-2LD TS (All versions < V5.2.6), SCALANCE X204-2TS (All versions < V5.2.6), SCALANCE X204IRT (All versions < V5.5.2), SCALANCE X204IRT (All versions < V5.5.2), SCALANCE X204IRT PRO (All versions < V5.5.2), SCALANCE X206-1 (All versions < V5.2.6), SCALANCE X206-1LD (All versions < V5.2.6), SCALANCE X208 (All versions < V5.2.6), SCALANCE X208PRO (All versions < V5.2.6), SCALANCE X212-2 (All versions < V5.2.6), SCALANCE X212-2LD (All versions < V5.2.6), SCALANCE X216 (All versions < V5.2.6), SCALANCE X224 (All versions < V5.2.6), SCALANCE XF201-3P IRT (All versions < V5.5.2), SCALANCE XF202-2P IRT (All versions < V5.5.2), SCALANCE XF204 (All versions < V5.2.6), SCALANCE XF204-2 (All versions < V5.2.6), SCALANCE XF204-2BA IRT (All versions < V5.5.2), SCALANCE XF204IRT (All versions < V5.5.2), SCALANCE XF206-1 (All versions < V5.2.6), SCALANCE XF208 (All versions < V5.2.6). Affected devices do not properly validate the GET parameter XNo of incoming HTTP requests. This could allow an unauthenticated remote attacker to crash affected devices.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 60.4%
CVSS Severity
CVSS v3 Score 8.2
CVSS v2 Score 7.8
References
Products affected by CVE-2022-26648
-
cpe:2.3:h:siemens:scalance_x200-4p_irt:-
-
cpe:2.3:h:siemens:scalance_x201-3p_irt:-
-
cpe:2.3:h:siemens:scalance_x201-3p_irt_pro:-
-
cpe:2.3:h:siemens:scalance_x202-2irt:-
-
cpe:2.3:h:siemens:scalance_x202-2p_irt:-
-
cpe:2.3:h:siemens:scalance_x202-2p_irt_pro:-
-
cpe:2.3:h:siemens:scalance_x204-2:-
-
cpe:2.3:h:siemens:scalance_x204-2fm:-
-
cpe:2.3:h:siemens:scalance_x204-2ld:-
-
cpe:2.3:h:siemens:scalance_x204-2ld_ts:-
-
cpe:2.3:h:siemens:scalance_x204-2ts:-
-
cpe:2.3:h:siemens:scalance_x204irt:-
-
cpe:2.3:h:siemens:scalance_x204irt_pro:-
-
cpe:2.3:h:siemens:scalance_x206-1:-
-
cpe:2.3:h:siemens:scalance_x206-1ld:-
-
cpe:2.3:h:siemens:scalance_x208:-
-
cpe:2.3:h:siemens:scalance_x208_pro:-
-
cpe:2.3:h:siemens:scalance_x212-2:-
-
cpe:2.3:h:siemens:scalance_x212-2ld:-
-
cpe:2.3:h:siemens:scalance_x216:-
-
cpe:2.3:h:siemens:scalance_x224:-
-
cpe:2.3:h:siemens:scalance_xf201-3p_irt:-
-
cpe:2.3:h:siemens:scalance_xf202-2p_irt:-
-
cpe:2.3:h:siemens:scalance_xf204-2:-
-
cpe:2.3:h:siemens:scalance_xf204-2ba_irt:-
-
cpe:2.3:h:siemens:scalance_xf204:-
-
cpe:2.3:h:siemens:scalance_xf204irt:-
-
cpe:2.3:h:siemens:scalance_xf206-1:-
-
cpe:2.3:h:siemens:scalance_xf208:-
-
cpe:2.3:o:siemens:scalance_x200-4p_irt_firmware:-
-
cpe:2.3:o:siemens:scalance_x200-4p_irt_firmware:5.5.0
-
cpe:2.3:o:siemens:scalance_x200-4p_irt_firmware:5.5.1
-
cpe:2.3:o:siemens:scalance_x200-4p_irt_firmware:5.5.2
-
cpe:2.3:o:siemens:scalance_x201-3p_irt_firmware:-
-
cpe:2.3:o:siemens:scalance_x201-3p_irt_firmware:5.5.0
-
cpe:2.3:o:siemens:scalance_x201-3p_irt_firmware:5.5.1
-
cpe:2.3:o:siemens:scalance_x201-3p_irt_firmware:5.5.2
-
cpe:2.3:o:siemens:scalance_x201-3p_irt_pro_firmware:-
-
cpe:2.3:o:siemens:scalance_x201-3p_irt_pro_firmware:5.5.0
-
cpe:2.3:o:siemens:scalance_x201-3p_irt_pro_firmware:5.5.1
-
cpe:2.3:o:siemens:scalance_x201-3p_irt_pro_firmware:5.5.2
-
cpe:2.3:o:siemens:scalance_x202-2irt_firmware:-
-
cpe:2.3:o:siemens:scalance_x202-2irt_firmware:5.5.0
-
cpe:2.3:o:siemens:scalance_x202-2irt_firmware:5.5.2
-
cpe:2.3:o:siemens:scalance_x202-2p_irt_firmware:-
-
cpe:2.3:o:siemens:scalance_x202-2p_irt_firmware:5.5.0
-
cpe:2.3:o:siemens:scalance_x202-2p_irt_firmware:5.5.2
-
cpe:2.3:o:siemens:scalance_x202-2p_irt_pro_firmware:-
-
cpe:2.3:o:siemens:scalance_x202-2p_irt_pro_firmware:5.5.0
-
cpe:2.3:o:siemens:scalance_x202-2p_irt_pro_firmware:5.5.1
-
cpe:2.3:o:siemens:scalance_x202-2p_irt_pro_firmware:5.5.2
-
cpe:2.3:o:siemens:scalance_x204-2_firmware:-
-
cpe:2.3:o:siemens:scalance_x204-2_firmware:5.2.5
-
cpe:2.3:o:siemens:scalance_x204-2fm_firmware:-
-
cpe:2.3:o:siemens:scalance_x204-2fm_firmware:5.2.5
-
cpe:2.3:o:siemens:scalance_x204-2ld_firmware:-
-
cpe:2.3:o:siemens:scalance_x204-2ld_firmware:5.2.5
-
cpe:2.3:o:siemens:scalance_x204-2ld_ts_firmware:-
-
cpe:2.3:o:siemens:scalance_x204-2ld_ts_firmware:5.2.5
-
cpe:2.3:o:siemens:scalance_x204-2ts_firmware:-
-
cpe:2.3:o:siemens:scalance_x204-2ts_firmware:5.2.5
-
cpe:2.3:o:siemens:scalance_x204irt_firmware:-
-
cpe:2.3:o:siemens:scalance_x204irt_firmware:5.5.0
-
cpe:2.3:o:siemens:scalance_x204irt_firmware:5.5.2
-
cpe:2.3:o:siemens:scalance_x204irt_pro_firmware:-
-
cpe:2.3:o:siemens:scalance_x204irt_pro_firmware:5.5.0
-
cpe:2.3:o:siemens:scalance_x204irt_pro_firmware:5.5.2
-
cpe:2.3:o:siemens:scalance_x206-1_firmware:-
-
cpe:2.3:o:siemens:scalance_x206-1_firmware:5.2.5
-
cpe:2.3:o:siemens:scalance_x206-1ld_firmware:-
-
cpe:2.3:o:siemens:scalance_x206-1ld_firmware:5.2.5
-
cpe:2.3:o:siemens:scalance_x208_firmware:-
-
cpe:2.3:o:siemens:scalance_x208_firmware:5.2.5
-
cpe:2.3:o:siemens:scalance_x208_pro_firmware:-
-
cpe:2.3:o:siemens:scalance_x212-2_firmware:-
-
cpe:2.3:o:siemens:scalance_x212-2_firmware:5.2.5
-
cpe:2.3:o:siemens:scalance_x212-2ld_firmware:-
-
cpe:2.3:o:siemens:scalance_x212-2ld_firmware:5.2.5
-
cpe:2.3:o:siemens:scalance_x216_firmware:-
-
cpe:2.3:o:siemens:scalance_x216_firmware:5.2.5
-
cpe:2.3:o:siemens:scalance_x224_firmware:-
-
cpe:2.3:o:siemens:scalance_x224_firmware:5.2.5
-
cpe:2.3:o:siemens:scalance_xf201-3p_irt_firmware:-
-
cpe:2.3:o:siemens:scalance_xf201-3p_irt_firmware:5.5.0
-
cpe:2.3:o:siemens:scalance_xf201-3p_irt_firmware:5.5.1
-
cpe:2.3:o:siemens:scalance_xf201-3p_irt_firmware:5.5.2
-
cpe:2.3:o:siemens:scalance_xf202-2p_irt_firmware:-
-
cpe:2.3:o:siemens:scalance_xf202-2p_irt_firmware:5.5.0
-
cpe:2.3:o:siemens:scalance_xf202-2p_irt_firmware:5.5.1
-
cpe:2.3:o:siemens:scalance_xf202-2p_irt_firmware:5.5.2
-
cpe:2.3:o:siemens:scalance_xf204-2_firmware:-
-
cpe:2.3:o:siemens:scalance_xf204-2_firmware:5.2.5
-
cpe:2.3:o:siemens:scalance_xf204-2ba_irt_firmware:-
-
cpe:2.3:o:siemens:scalance_xf204-2ba_irt_firmware:5.5.0
-
cpe:2.3:o:siemens:scalance_xf204-2ba_irt_firmware:5.5.1
-
cpe:2.3:o:siemens:scalance_xf204-2ba_irt_firmware:5.5.2
-
cpe:2.3:o:siemens:scalance_xf204_firmware:-
-
cpe:2.3:o:siemens:scalance_xf204_firmware:5.2.5
-
cpe:2.3:o:siemens:scalance_xf204irt_firmware:-
-
cpe:2.3:o:siemens:scalance_xf204irt_firmware:5.5.0
-
cpe:2.3:o:siemens:scalance_xf204irt_firmware:5.5.2
-
cpe:2.3:o:siemens:scalance_xf206-1_firmware:-
-
cpe:2.3:o:siemens:scalance_xf206-1_firmware:5.2.5
-
cpe:2.3:o:siemens:scalance_xf208_firmware:-
-
cpe:2.3:o:siemens:scalance_xf208_firmware:5.2.5