CVE-2023-44321

Name of the Vulnerable Software and Affected Versions SCALANCE XB205-3 (SC, PN) versions prior to V4.5 SCALANCE XB205-3 (ST, E/IP) versions prior to V4.5

Description The issue is related to the improper validation of input lengths during certain configuration changes in the web interface, allowing an authenticated attacker to cause a denial of service condition. The device needs to be restarted for the web interface to become available again. This can be exploited by a remote attacker to cause a denial of service.

Recommendations For SCALANCE XB205-3 (SC, PN) versions prior to V4.5, update to version V4.5 or later to resolve the issue. For SCALANCE XB205-3 (ST, E/IP) versions prior to V4.5, update to version V4.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the web interface to minimize the risk of exploitation.