CVE-2022-40631 — Cross-site Scripting in Siemens Scalance X200-4p IRT Firmware

CWE-79 — Cross-site Scripting3 documents3 sources

Severity

6.1MEDIUMNVD

EPSS

0.7%

top 28.65%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Siemens Scalance X200-4p IRT Firmware Siemens Scalance X201-3p IRT Firmware Siemens Scalance X201-3p IRT PRO Firmware +57 more

Timeline

PublishedOct 11

Description

A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.0), SCALANCE X201-3P IRT (All versions < V5.5.0), SCALANCE X201-3P IRT PRO (All versions < V5.5.0), SCALANCE X202-2IRT (All versions < V5.5.0), SCALANCE X202-2P IRT (All versions < V5.5.0), SCALANCE X202-2P IRT PRO (All versions < V5.5.0), SCALANCE X204-2 (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALAN…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages60 packages

▶NVDsiemens/scalance_x204irt_firmware< 5.5.0

▶NVDsiemens/scalance_x204irt_pro_firmware< 5.5.0

▶CVEListV5siemens/scalance_x204irtAll versions < V5.5.0

▶CVEListV5siemens/scalance_x204irt_proAll versions < V5.5.0

▶NVDsiemens/scalance_x204-2_firmware< 5.2.5

🔴Vulnerability Details

GHSA

GHSA-hxq2-rx6m-372p: A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5↗2022-10-11

▶

CVEList

CVE-2022-40631: A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5↗2022-10-11

▶