CVE-2020-15799

6.5MEDIUM

Key Information:

Vendor: Siemens
Status: Scalance X-200 Switch Family (incl. Siplus Net Variants); Scalance X-200irt Switch Family (incl. Siplus Net Variants)
Vendor: CVE Published:; 12 January 2021

Summary

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0). The vulnerability could allow an unauthenticated attacker to reboot the device over the network by using special urls from integrated web server of the affected products.

Affected Version(s)

SCALANCE X-200 switch family (incl. SIPLUS NET variants) All versions < V5.2.5

SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) All versions < V5.5.0

References

https://cert-portal.siemens.com/productcert/pdf/ssa-13962...

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jan 12, 2021
Vulnerability Reserved
Jul 15, 2020