Note:
This project will be discontinued after December 13, 2021. [more]
Product:
6gk5204\-0bs00\-2na3_firmware
(Siemens)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 6 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-12-13 | CVE-2022-46350 | A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). The integrated web server could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. This can be used by an attacker to trigger a malicious... | 6gk5204\-0ba00\-2kb2_firmware, 6gk5204\-0ba00\-2mb2_firmware, 6gk5204\-0bs00\-2na3_firmware, 6gk5204\-0bs00\-3la3_firmware, 6gk5204\-0bs00\-3pa3_firmware | 6.1 | ||
| 2022-12-13 | CVE-2022-46351 | A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). Specially crafted PROFINET DCP packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). | 6gk5204\-0ba00\-2kb2_firmware, 6gk5204\-0ba00\-2mb2_firmware, 6gk5204\-0bs00\-2na3_firmware, 6gk5204\-0bs00\-3la3_firmware, 6gk5204\-0bs00\-3pa3_firmware | 5.5 | ||
| 2022-12-13 | CVE-2022-46352 | A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). Specially crafted PROFINET DCP packets could cause a denial of service condition of affected products. | 6gk5204\-0ba00\-2kb2_firmware, 6gk5204\-0ba00\-2mb2_firmware, 6gk5204\-0bs00\-2na3_firmware, 6gk5204\-0bs00\-3la3_firmware, 6gk5204\-0bs00\-3pa3_firmware | 7.5 | ||
| 2022-12-13 | CVE-2022-46353 | A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). The webserver of affected devices calculates session ids and nonces in an insecure manner. This could allow an unauthenticated remote attacker to brute-force session ids and hijack existing sessions. | 6gk5204\-0ba00\-2kb2_firmware, 6gk5204\-0ba00\-2mb2_firmware, 6gk5204\-0bs00\-2na3_firmware, 6gk5204\-0bs00\-3la3_firmware, 6gk5204\-0bs00\-3pa3_firmware | 9.8 | ||
| 2022-12-13 | CVE-2022-46354 | A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). The webserver of an affected device is missing specific security headers. This could allow an remote attacker to extract confidential session information under certain circumstances. | 6gk5204\-0ba00\-2kb2_firmware, 6gk5204\-0ba00\-2mb2_firmware, 6gk5204\-0bs00\-2na3_firmware, 6gk5204\-0bs00\-3la3_firmware, 6gk5204\-0bs00\-3pa3_firmware | 5.3 | ||
| 2022-12-13 | CVE-2022-46355 | A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). The affected products are vulnerable to an "Exposure of Sensitive Information to an Unauthorized Actor" vulnerability by leaking sensitive data in the HTTP Referer. | 6gk5204\-0ba00\-2kb2_firmware, 6gk5204\-0ba00\-2mb2_firmware, 6gk5204\-0bs00\-2na3_firmware, 6gk5204\-0bs00\-3la3_firmware, 6gk5204\-0bs00\-3pa3_firmware | 7.5 |