Session Hijacking Vulnerability in Siemens SCALANCE X-200IRT Switches
CVE-2015-1049

Currently unrated

Key Information:

Vendor: Siemens
Status: Scalance X-200 Series Firmware
Vendor: CVE Published:; 2 February 2015

Summary

The SCALANCE X-200IRT switches by Siemens are susceptible to a session hijacking vulnerability due to flaws in the web server component. Attackers can exploit this vulnerability remotely, allowing them to take over sessions through various unspecified methods. It is critical for users of the affected firmware versions to implement appropriate security measures and updates to mitigate this risk.

References

http://www.siemens.com/innovation/pool/de/forschungsfelde...

x_refsource_CONFIRM

https://cert-portal.siemens.com/productcert/pdf/ssa-95413...

x_refsource_CONFIRM

Timeline

Vulnerability published
Feb 2, 2015
Vulnerability Reserved
Jan 13, 2015