Siemens: >> Scalance X-200 Series Firmware Security Vulnerabilities
The web server on Siemens SCALANCE X-200IRT switches with firmware before 5.2.0 allows remote attackers to hijack sessions via unspecified vectors.
CVSS Score
6.8
EPSS Score
0.005
Published
2015-02-02
The integrated web server on Siemens SCALANCE X-200 switches with firmware before 4.5.0 and X-200IRT switches with firmware before 5.1.0 does not properly enforce authentication requirements, which allows remote attackers to perform administrative actions via requests to the management interface.
CVSS Score
10.0
EPSS Score
0.015
Published
2013-10-03
The authentication implementation in the web server on Siemens SCALANCE X-200 switches with firmware before 5.0.0 does not use a sufficient source of entropy for generating values of random numbers, which makes it easier for remote attackers to hijack sessions by predicting a value.
CVSS Score
8.3
EPSS Score
0.022
Published
2013-09-17