HIGH🇵🇱 Wersja polska

CVE-2022-25754

CVSS 8.8v3.1pub. 2022-04-12upd. 2024-11-21

A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The integrated web server of the affected device could allow remote attackers to perform actions with the permissions of a victim user, provided the victim user has an active session and is induced to trigger the malicious request.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Siemens Scalance X302 7eec

    HW
    Siemens
    wszystkie wersje
  • Siemens Scalance X302 7eec Firmware

    OS
    Siemens
    < 4.1.4
  • Siemens Scalance X304 2fe

    HW
    Siemens
    wszystkie wersje
  • Siemens Scalance X304 2fe Firmware

    OS
    Siemens
    < 4.1.4
  • Siemens Scalance X306 1ldfe

    HW
    Siemens
    wszystkie wersje
  • Siemens Scalance X306 1ldfe Firmware

    OS
    Siemens
    < 4.1.4
  • Siemens Scalance X307 2eec

    HW
    Siemens
    wszystkie wersje
  • Siemens Scalance X307 2eec Firmware

    OS
    Siemens
    < 4.1.4
  • Siemens Scalance X307 3

    HW
    Siemens
    wszystkie wersje
  • Siemens Scalance X307 3 Firmware

    OS
    Siemens
    < 4.1.4
  • Siemens Scalance X307 3ld

    HW
    Siemens
    wszystkie wersje
  • Siemens Scalance X307 3ld Firmware

    OS
    Siemens
    < 4.1.4
  • Siemens Scalance X308 2

    HW
    Siemens
    wszystkie wersje
  • Siemens Scalance X308 2 Firmware

    OS
    Siemens
    < 4.1.4
  • Siemens Scalance X308 2ld

    HW
    Siemens
    wszystkie wersje
  • Siemens Scalance X308 2ld Firmware

    OS
    Siemens
    < 4.1.4
  • Siemens Scalance X308 2lh

    HW
    Siemens
    wszystkie wersje
  • Siemens Scalance X308 2lh\+

    HW
    Siemens
    wszystkie wersje
  • Siemens Scalance X308 2lh Firmware

    OS
    Siemens
    < 4.1.4
  • Siemens Scalance X308 2lh\+ Firmware

    OS
    Siemens
    < 4.1.4
  • Siemens Scalance X308 2m

    HW
    Siemens
    wszystkie wersje
  • Siemens Scalance X308 2m Firmware

    OS
    Siemens
    < 4.1.4
  • Siemens Scalance X308 2m Poe

    HW
    Siemens
    wszystkie wersje
  • Siemens Scalance X308 2m Poe Firmware

    OS
    Siemens
    wszystkie wersje
  • Siemens Scalance X308 2m Ts

    HW
    Siemens
    wszystkie wersje
  • Siemens Scalance X308 2m Ts Firmware

    OS
    Siemens
    < 4.1.4
  • Siemens Scalance X310

    HW
    Siemens
    wszystkie wersje
  • Siemens Scalance X310fe

    HW
    Siemens
    wszystkie wersje
  • Siemens Scalance X310fe Firmware

    OS
    Siemens
    < 4.1.4
  • Siemens Scalance X310 Firmware

    OS
    Siemens
    < 4.1.4
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2022-25752CRITICAL9.8ten sam produkt

A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANC...

CVE-2020-25226CRITICAL9.8ten sam produkt

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions ...

CVE-2020-15800CRITICAL9.8ten sam produkt

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions ...

CVE-2022-25751HIGH7.5ten sam produkt

A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANC...

CVE-2022-25753HIGH8.8ten sam produkt

A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANC...