PT-2018-3356 · Siemens · Scalance X-300+4

Published: 2018-06-12 · Updated: 2022-12-13 · CVE-2018-4848

CVSS v3.1: 6.1 (Medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions:
SCALANCE X-200 switch family (incl. SIPLUS NET variants), versions prior to V5.2.3
SCALANCE X-200IRT switch family (incl. SIPLUS NET variants), versions prior to V5.4.1
SCALANCE X-200RNA switch family, versions prior to V3.2.7
SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants), versions prior to V4.1.3
Description: The integrated configuration web server of the affected devices does not adequately protect its web page structure. This could allow an attacker to perform Cross-Site Scripting (XSS) attacks if an unsuspecting user is tricked into opening a malicious link. Successful exploitation requires user interaction, and the user must be logged into the web interface. At the time of publishing, no public exploitation is known.
Recommendations:
For the SCALANCE X-200 switch family (incl. SIPLUS NET variants) prior to V5.2.3, update to V5.2.3 or later.
For the SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) prior to V5.4.1, update to V5.4.1 or later.
For the SCALANCE X-200RNA switch family prior to V3.2.7, update to V3.2.7 or later.
For the SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) prior to V4.1.3, update to V4.1.3 or later.
As a temporary workaround, restrict access to the web interface to minimize the risk of exploitation.
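The description above is the classic reflected-XSS pattern: a value taken from the request is written back into the page without output encoding, so a crafted link carries markup that the logged-in user's browser then renders. The Python snippet below is an added illustration and is not code from Siemens or from the affected firmware (whose source is not public); the page name `status.html`, the `name` parameter and the constructed probe URL are hypothetical. It shows the unsafe reflection beside the HTML-encoded form and a small reflection check a defender can run against rendered output.

```python
import html
from urllib.parse import parse_qs, urlsplit

# Constructed sample request of the kind an embedded configuration web server
# might receive. Page name and parameter are hypothetical; the probe value is
# harmless markup used only to detect whether the server reflects it verbatim.
SAMPLE_URL = "http://switch.example.local/status.html?name=<b>probe</b>"


def render_unescaped(value: str) -> str:
    """Vulnerable pattern: request data is interpolated into HTML as-is."""
    return f"<p>Port name: {value}</p>"


def render_escaped(value: str) -> str:
    """Hardened pattern: HTML-encode the value before it reaches the page.

    quote=True also encodes " and ' so the result is safe inside attributes."""
    return f"<p>Port name: {html.escape(value, quote=True)}</p>"


def reflects_markup(page_html: str, value: str) -> bool:
    """Reflection check: True if the raw submitted value appears verbatim in
    the page, i.e. the server did not encode it on output."""
    return value in page_html


def extract_param(url: str, name: str) -> str:
    """Pull a single query parameter out of a URL (empty string if absent)."""
    return parse_qs(urlsplit(url).query).get(name, [""])[0]


def check_url(url: str, param: str = "name") -> dict:
    """Render the parameter through both patterns and report which one
    reflects the raw markup back to the browser."""
    value = extract_param(url, param)
    return {
        "value": value,
        "vulnerable": reflects_markup(render_unescaped(value), value),
        "hardened": reflects_markup(render_escaped(value), value),
    }


if __name__ == "__main__":
    result = check_url(SAMPLE_URL)
    print("unescaped page:", render_unescaped(result["value"]))
    print("escaped page:  ", render_escaped(result["value"]))
    print(result)
```

Running the block against the constructed URL reports the unescaped renderer as reflecting the markup and the escaped one as not; the same `reflects_markup` check applied to a device's real HTTP responses (with a harmless probe value) is a quick way to confirm whether a firmware version at or above the fixed release encodes its output.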

Fix

XSS

Weakness Enumeration

Related Identifiers

BDU:2020-00571
CVE-2018-4848

Affected Products

SCALANCE X-200
SCALANCE X-200IRT
SCALANCE X-200RNA
SCALANCE X-300
SIPLUS NET