Vulnerability Details CVE-2023-29054
A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT PRO (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2P IRT (All versions < V5.5.2), SCALANCE X202-2P IRT PRO (All versions < V5.5.2), SCALANCE X204IRT (All versions < V5.5.2), SCALANCE X204IRT (All versions < V5.5.2), SCALANCE X204IRT PRO (All versions < V5.5.2), SCALANCE XF201-3P IRT (All versions < V5.5.2), SCALANCE XF202-2P IRT (All versions < V5.5.2), SCALANCE XF204-2BA IRT (All versions < V5.5.2), SCALANCE XF204IRT (All versions < V5.5.2), SIPLUS NET SCALANCE X202-2P IRT (All versions < V5.5.2). The SSH server on affected devices is configured to offer weak ciphers by default.
This could allow an unauthorized attacker in a man-in-the-middle position to read and modify any data
passed over the connection between legitimate clients and the affected device.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 28.0%
CVSS Severity
CVSS v3 Score 6.7
References
Products affected by CVE-2023-29054
-
cpe:2.3:h:siemens:scalance_x200-4p_irt:-
-
cpe:2.3:h:siemens:scalance_x201-3p_irt:-
-
cpe:2.3:h:siemens:scalance_x201-3p_irt_pro:-
-
cpe:2.3:h:siemens:scalance_x202-2irt:-
-
cpe:2.3:h:siemens:scalance_x202-2p_irt:-
-
cpe:2.3:h:siemens:scalance_x202-2p_irt_pro:-
-
cpe:2.3:h:siemens:scalance_x204irt:-
-
cpe:2.3:h:siemens:scalance_x204irt_pro:-
-
cpe:2.3:h:siemens:scalance_xf201-3p_irt:-
-
cpe:2.3:h:siemens:scalance_xf202-2p_irt:-
-
cpe:2.3:h:siemens:scalance_xf204-2ba_irt:-
-
cpe:2.3:h:siemens:scalance_xf204irt:-
-
cpe:2.3:h:siemens:siplus_net_scalance_x202-2p_irt:-
-
cpe:2.3:o:siemens:scalance_x200-4p_irt_firmware:-
-
cpe:2.3:o:siemens:scalance_x200-4p_irt_firmware:5.5.0
-
cpe:2.3:o:siemens:scalance_x200-4p_irt_firmware:5.5.1
-
cpe:2.3:o:siemens:scalance_x201-3p_irt_firmware:-
-
cpe:2.3:o:siemens:scalance_x201-3p_irt_firmware:5.5.0
-
cpe:2.3:o:siemens:scalance_x201-3p_irt_firmware:5.5.1
-
cpe:2.3:o:siemens:scalance_x201-3p_irt_pro_firmware:-
-
cpe:2.3:o:siemens:scalance_x201-3p_irt_pro_firmware:5.5.0
-
cpe:2.3:o:siemens:scalance_x201-3p_irt_pro_firmware:5.5.1
-
cpe:2.3:o:siemens:scalance_x202-2irt_firmware:-
-
cpe:2.3:o:siemens:scalance_x202-2irt_firmware:5.5.0
-
cpe:2.3:o:siemens:scalance_x202-2p_irt_firmware:-
-
cpe:2.3:o:siemens:scalance_x202-2p_irt_firmware:5.5.0
-
cpe:2.3:o:siemens:scalance_x202-2p_irt_pro_firmware:-
-
cpe:2.3:o:siemens:scalance_x202-2p_irt_pro_firmware:5.5.0
-
cpe:2.3:o:siemens:scalance_x202-2p_irt_pro_firmware:5.5.1
-
cpe:2.3:o:siemens:scalance_x204irt_firmware:-
-
cpe:2.3:o:siemens:scalance_x204irt_firmware:5.5.0
-
cpe:2.3:o:siemens:scalance_x204irt_pro_firmware:-
-
cpe:2.3:o:siemens:scalance_x204irt_pro_firmware:5.5.0
-
cpe:2.3:o:siemens:scalance_xf201-3p_irt_firmware:-
-
cpe:2.3:o:siemens:scalance_xf201-3p_irt_firmware:5.5.0
-
cpe:2.3:o:siemens:scalance_xf201-3p_irt_firmware:5.5.1
-
cpe:2.3:o:siemens:scalance_xf202-2p_irt_firmware:-
-
cpe:2.3:o:siemens:scalance_xf202-2p_irt_firmware:5.5.0
-
cpe:2.3:o:siemens:scalance_xf202-2p_irt_firmware:5.5.1
-
cpe:2.3:o:siemens:scalance_xf204-2ba_irt_firmware:-
-
cpe:2.3:o:siemens:scalance_xf204-2ba_irt_firmware:5.5.0
-
cpe:2.3:o:siemens:scalance_xf204-2ba_irt_firmware:5.5.1
-
cpe:2.3:o:siemens:scalance_xf204irt_firmware:-
-
cpe:2.3:o:siemens:scalance_xf204irt_firmware:5.5.0
-
cpe:2.3:o:siemens:siplus_net_scalance_x202-2p_irt_firmware:-
-
cpe:2.3:o:siemens:siplus_net_scalance_x202-2p_irt_firmware:5.5.0