CVE-2018-16555

Name of the Vulnerable Software and Affected Versions SCALANCE S602 versions prior to 4.0.1.1 SCALANCE S612 versions prior to 4.0.1.1 SCALANCE S623 versions prior to 4.0.1.1 SCALANCE S627-2M versions prior to 4.0.1.1

Description A vulnerability has been identified that could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. User interaction is required for a successful exploitation, and the user must be logged into the web interface. The issue is related to insufficient protection of the web page structure. At the time of publishing, no public exploitation is known.

Recommendations For SCALANCE S602 versions prior to 4.0.1.1, update to version 4.0.1.1 or later. For SCALANCE S612 versions prior to 4.0.1.1, update to version 4.0.1.1 or later. For SCALANCE S623 versions prior to 4.0.1.1, update to version 4.0.1.1 or later. For SCALANCE S627-2M versions prior to 4.0.1.1, update to version 4.0.1.1 or later.