CVE-2019-13924

CWE-693 CWE-1021 — Clickjacking3 documents3 sources

Severity

5.4MEDIUM

EPSS

0.3%

top 49.44%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Siemens Scalance X-300 Firmware Siemens Scalance Xb-200 Firmware Siemens Scalance Xc-200 Firmware +12 more

Timeline

PublishedFeb 11

Latest updateMay 24

Description

A vulnerability has been identified in SCALANCE S602 (All versions < V4.1), SCALANCE S612 (All versions < V4.1), SCALANCE S623 (All versions < V4.1), SCALANCE S627-2M (All versions < V4.1), SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < 5.2.4), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-200RNA switch family (All versions < V3.2.7), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < 4.1.3…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.5

Affected Packages15 packages

▶CVEListV5siemens/scalance_x-200irt_switch_family_(incl._siplus_net_variants)All versions < V5.5.0

▶CVEListV5siemens/scalance_x-300_switch_family_(incl._x408_and_siplus_net_variants)All versions < 4.1.3

▶CVEListV5siemens/scalance_x-200_switch_family_(incl._siplus_net_variants)All versions < 5.2.4

▶CVEListV5siemens/scalance_x-200rna_switch_familyAll versions < V3.2.7

▶CVEListV5siemens/scalance_s602All versions < V4.1

🔴Vulnerability Details

GHSA

GHSA-9v8p-c94c-q287: A vulnerability has been identified in SCALANCE X-200 switch family (incl↗2022-05-24

▶

CVEList

CVE-2019-13924: A vulnerability has been identified in SCALANCE S602 (All versions < V4↗2020-02-11

▶