Vulnerability Details CVE-2022-46355
A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). The affected products are vulnerable to an "Exposure of Sensitive Information to an Unauthorized Actor" vulnerability by leaking sensitive data in the HTTP Referer.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.3%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2022-46355
-
cpe:2.3:h:siemens:6gk5204-0ba00-2kb2:-
-
cpe:2.3:h:siemens:6gk5204-0ba00-2mb2:-
-
cpe:2.3:h:siemens:6gk5204-0bs00-2na3:-
-
cpe:2.3:h:siemens:6gk5204-0bs00-3la3:-
-
cpe:2.3:h:siemens:6gk5204-0bs00-3pa3:-
-
cpe:2.3:o:siemens:6gk5204-0ba00-2kb2_firmware:*
-
cpe:2.3:o:siemens:6gk5204-0ba00-2mb2_firmware:*
-
cpe:2.3:o:siemens:6gk5204-0bs00-2na3_firmware:*
-
cpe:2.3:o:siemens:6gk5204-0bs00-3la3_firmware:*
-
cpe:2.3:o:siemens:6gk5204-0bs00-3pa3_firmware:*