Authentication Bypass in Siemens SCALANCE X-200 Switches
CVE-2013-5944

Currently unrated

Key Information:

Vendor: Siemens
Status: Scalance X-200 Series Firmware; Scalance X-200
Vendor: CVE Published:; 3 October 2013

Summary

The integrated web server on Siemens SCALANCE X-200 switches, including X-200IRT models, may not enforce proper authentication checks. This flaw enables remote adversaries to execute administrative tasks through unauthorized requests to the management interface, posing significant security risks to network integrity.

References

http://www.siemens.com/innovation/pool/de/forschungsfelde...

x_refsource_CONFIRM

https://cert-portal.siemens.com/productcert/pdf/ssa-17608...

x_refsource_CONFIRM

Timeline

Vulnerability published
Oct 3, 2013
Vulnerability Reserved
Sep 27, 2013