PT-2022-27838 · Siemens · Scalance X204Rna+1
Published
2022-12-13
·
Updated
2023-06-23
·
CVE-2022-46355
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
SCALANCE X204RNA (HSR) versions prior to V3.2.7
SCALANCE X204RNA (PRP) versions prior to V3.2.7
SCALANCE X204RNA EEC (HSR) versions prior to V3.2.7
SCALANCE X204RNA EEC (PRP) versions prior to V3.2.7
SCALANCE X204RNA EEC (PRP/HSR) versions prior to V3.2.7
Description
The affected products are vulnerable to an exposure of sensitive information to an unauthorized actor by leaking sensitive data in the HTTP Referer. This issue allows unauthorized access to sensitive information.
Recommendations
For SCALANCE X204RNA (HSR) versions prior to V3.2.7, update to version V3.2.7 or later to resolve the issue.
For SCALANCE X204RNA (PRP) versions prior to V3.2.7, update to version V3.2.7 or later to resolve the issue.
For SCALANCE X204RNA EEC (HSR) versions prior to V3.2.7, update to version V3.2.7 or later to resolve the issue.
For SCALANCE X204RNA EEC (PRP) versions prior to V3.2.7, update to version V3.2.7 or later to resolve the issue.
For SCALANCE X204RNA EEC (PRP/HSR) versions prior to V3.2.7, update to version V3.2.7 or later to resolve the issue.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Scalance X204Rna
Scalance X204Rna Eec