PT-2013-4532 · Siemens · Scalance X200-4P Irt+4

Published

2013-05-24

Updated

2019-12-12

CVE-2013-3634

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (Versions < V5.0.0 for CVE-2013-3633 and versions < V4.5.0 for CVE-2013-3634), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.1.0). The implementation of SNMPv3 does not check the user credentials sufficiently. Therefore, an attacker is able to execute SNMP commands without correct credentials.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2013-3634

Affected Products

Scalance X200-4P Irt

Scalance X200Irt Firmware

Scalance X201-3P Irt

Scalance X202-2P Irt

Scalance X204Irt

PT-2013-4532 · Siemens · Scalance X200-4P Irt+4

CVE-2013-3634

Weakness Enumeration

Related Identifiers

Affected Products

References · 2