CVE-2019-10927
6.5
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Exploitability: 2.8 / Impact: 3.6
Source: NVD
Description
A vulnerability has been identified in SCALANCE SC-600 (V2.0), SCALANCE XB-200 (V4.1), SCALANCE XC-200 (V4.1), SCALANCE XF-200BA (V4.1), SCALANCE XP-200 (V4.1), SCALANCE XR-300WG (V4.1). An authenticated attacker with network access to to port 22/tcp of an affected device may cause a Denial-of-Service condition. The security vulnerability could be exploited by an authenticated attacker with network access to the affected device. No user interaction is required to exploit this vulnerability. The vulnerability impacts the availability of the affected device.
Affected (5)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.1 |
| Running on/with | Platform Versions |
|---|---|
Siemens Scalance Xb 200 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.1 |
| Running on/with | Platform Versions |
|---|---|
Siemens Scalance Xc 200 | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.1 |
| Running on/with | Platform Versions |
|---|---|
Siemens Scalance Xf 200ba | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.1 |
| Running on/with | Platform Versions |
|---|---|
Siemens Scalance Xp 200 | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.1 |
| Running on/with | Platform Versions |
|---|---|
Siemens Scalance Xr 300wg | All versions |
References (2)
Source: productcert@siemens.com
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Timeline
No history available yet.