PT-2019-1886 · Siemens · Scalance

Published

2019-03-12

Updated

2022-07-12

CVE-2019-6569

CVSS v3.1

9.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions Scalance X (affected versions not specified)

Description The issue is related to insufficient monitoring barrier in the affected products, allowing data to be forwarded over the mirror port into the mirrored network. This behavior can be exploited by an attacker to transmit malicious packets to systems in the mirrored network, potentially influencing their configuration and runtime behavior. The vulnerability is also associated with inadequate input validation, which could enable a remote attacker to bypass firewall measures by sending malicious packets to the mirrored network.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20CWE-440

Related Identifiers

BDU:2019-01539

CVE-2019-6569

Affected Products

Scalance

PT-2019-1886 · Siemens · Scalance

CVE-2019-6569

Weakness Enumeration

Related Identifiers

Affected Products

References · 4