Web Interface Vulnerability in SCALANCE X-200 Switch Family by Siemens
CVE-2013-3633

Currently unrated

Key Information:

Vendor: Siemens
Status: Scalance X200irt Firmware; Scalance X200-4p Irt; Scalance X201-3p Irt; Scalance X202-2irt
Vendor: CVE Published:; 24 May 2013

Summary

A vulnerability exists in the SCALANCE X-200 switch family and its SIPLUS NET variants, where user privileges for the web interface are enforced only on the client side. This flaw allows attackers to execute privileged commands without proper verification on the server side, potentially compromising the security of the devices and the broader network.

References

https://cert-portal.siemens.com/productcert/pdf/ssa-17068...

x_refsource_MISC

Timeline

Vulnerability published
May 24, 2013
Vulnerability Reserved
May 22, 2013