PT-2022-27833 · Siemens · Scalance X204Rna+1
Published
2022-12-13
·
Updated
2022-12-15
·
CVE-2022-46350
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
SCALANCE X204RNA (HSR) versions prior to V3.2.7
SCALANCE X204RNA (PRP) versions prior to V3.2.7
SCALANCE X204RNA EEC (HSR) versions prior to V3.2.7
SCALANCE X204RNA EEC (PRP) versions prior to V3.2.7
SCALANCE X204RNA EEC (PRP/HSR) versions prior to V3.2.7
Description
A vulnerability has been identified that could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. This can be used by an attacker to trigger a malicious request on the affected device.
Recommendations
For SCALANCE X204RNA (HSR) versions prior to V3.2.7, update to version V3.2.7 or later.
For SCALANCE X204RNA (PRP) versions prior to V3.2.7, update to version V3.2.7 or later.
For SCALANCE X204RNA EEC (HSR) versions prior to V3.2.7, update to version V3.2.7 or later.
For SCALANCE X204RNA EEC (PRP) versions prior to V3.2.7, update to version V3.2.7 or later.
For SCALANCE X204RNA EEC (PRP/HSR) versions prior to V3.2.7, update to version V3.2.7 or later.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Scalance X204Rna
Scalance X204Rna Eec