{ "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2023-44321", "ASSIGNER": "productcert@siemens.com", "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability has been identified in SCALANCE XB205-3 (SC, PN) (All versions < V4.5), SCALANCE XB205-3 (ST, E/IP) (All versions < V4.5), SCALANCE XB205-3 (ST, E/IP) (All versions < V4.5), SCALANCE XB205-3 (ST, PN) (All versions < V4.5), SCALANCE XB205-3LD (SC, E/IP) (All versions < V4.5), SCALANCE XB205-3LD (SC, PN) (All versions < V4.5), SCALANCE XB208 (E/IP) (All versions < V4.5), SCALANCE XB208 (PN) (All versions < V4.5), SCALANCE XB213-3 (SC, E/IP) (All versions < V4.5), SCALANCE XB213-3 (SC, PN) (All versions < V4.5), SCALANCE XB213-3 (ST, E/IP) (All versions < V4.5), SCALANCE XB213-3 (ST, PN) (All versions < V4.5), SCALANCE XB213-3LD (SC, E/IP) (All versions < V4.5), SCALANCE XB213-3LD (SC, PN) (All versions < V4.5), SCALANCE XB216 (E/IP) (All versions < V4.5), SCALANCE XB216 (PN) (All versions < V4.5), SCALANCE XC206-2 (SC) (All versions < V4.5), SCALANCE XC206-2 (ST/BFOC) (All versions < V4.5), SCALANCE XC206-2G PoE (All versions < V4.5), SCALANCE XC206-2G PoE (54 V DC) (All versions < V4.5), SCALANCE XC206-2G PoE EEC (54 V DC) (All versions < V4.5), SCALANCE XC206-2SFP (All versions < V4.5), SCALANCE XC206-2SFP EEC (All versions < V4.5), SCALANCE XC206-2SFP G (All versions < V4.5), SCALANCE XC206-2SFP G (EIP DEF.) (All versions < V4.5), SCALANCE XC206-2SFP G EEC (All versions < V4.5), SCALANCE XC208 (All versions < V4.5), SCALANCE XC208EEC (All versions < V4.5), SCALANCE XC208G (All versions < V4.5), SCALANCE XC208G (EIP def.) (All versions < V4.5), SCALANCE XC208G EEC (All versions < V4.5), SCALANCE XC208G PoE (All versions < V4.5), SCALANCE XC208G PoE (54 V DC) (All versions < V4.5), SCALANCE XC216 (All versions < V4.5), SCALANCE XC216-3G PoE (All versions < V4.5), SCALANCE XC216-3G PoE (54 V DC) (All versions < V4.5), SCALANCE XC216-4C (All versions < V4.5), SCALANCE XC216-4C G (All versions < V4.5), SCALANCE XC216-4C G (EIP Def.) (All versions < V4.5), SCALANCE XC216-4C G EEC (All versions < V4.5), SCALANCE XC216EEC (All versions < V4.5), SCALANCE XC224 (All versions < V4.5), SCALANCE XC224-4C G (All versions < V4.5), SCALANCE XC224-4C G (EIP Def.) (All versions < V4.5), SCALANCE XC224-4C G EEC (All versions < V4.5), SCALANCE XF204 (All versions < V4.5), SCALANCE XF204 DNA (All versions < V4.5), SCALANCE XF204-2BA (All versions < V4.5), SCALANCE XF204-2BA DNA (All versions < V4.5), SCALANCE XP208 (All versions < V4.5), SCALANCE XP208 (Ethernet/IP) (All versions < V4.5), SCALANCE XP208EEC (All versions < V4.5), SCALANCE XP208PoE EEC (All versions < V4.5), SCALANCE XP216 (All versions < V4.5), SCALANCE XP216 (Ethernet/IP) (All versions < V4.5), SCALANCE XP216EEC (All versions < V4.5), SCALANCE XP216POE EEC (All versions < V4.5), SCALANCE XR324WG (24 x FE, AC 230V) (All versions < V4.5), SCALANCE XR324WG (24 X FE, DC 24V) (All versions < V4.5), SCALANCE XR326-2C PoE WG (All versions < V4.5), SCALANCE XR326-2C PoE WG (without UL) (All versions < V4.5), SCALANCE XR328-4C WG (24XFE, 4XGE, 24V) (All versions < V4.5), SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V) (All versions < V4.5), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (All versions < V4.5), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (All versions < V4.5), SCALANCE XR328-4C WG (28xGE, AC 230V) (All versions < V4.5), SCALANCE XR328-4C WG (28xGE, DC 24V) (All versions < V4.5), SIPLUS NET SCALANCE XC206-2 (All versions < V4.5), SIPLUS NET SCALANCE XC206-2SFP (All versions < V4.5), SIPLUS NET SCALANCE XC208 (All versions < V4.5), SIPLUS NET SCALANCE XC216-4C (All versions < V4.5). Affected devices do not properly validate the length of inputs when performing certain configuration changes in the web interface allowing an authenticated attacker to cause a denial of service condition. The device needs to be restarted for the web interface to become available again." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-400: Uncontrolled Resource Consumption", "cweId": "CWE-400" } ] } ] }, "affects": { "vendor": { "vendor_data": [ { "vendor_name": "Siemens", "product": { "product_data": [ { "product_name": "SCALANCE XB205-3 (SC, PN)", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XB205-3 (ST, E/IP)", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" }, { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XB205-3 (ST, PN)", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XB205-3LD (SC, E/IP)", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XB205-3LD (SC, PN)", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XB208 (E/IP)", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XB208 (PN)", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XB213-3 (SC, E/IP)", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XB213-3 (SC, PN)", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XB213-3 (ST, E/IP)", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XB213-3 (ST, PN)", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XB213-3LD (SC, E/IP)", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XB213-3LD (SC, PN)", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XB216 (E/IP)", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XB216 (PN)", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XC206-2 (SC)", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XC206-2 (ST/BFOC)", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XC206-2G PoE", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XC206-2G PoE (54 V DC)", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XC206-2G PoE EEC (54 V DC)", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XC206-2SFP", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XC206-2SFP EEC", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XC206-2SFP G", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XC206-2SFP G (EIP DEF.)", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XC206-2SFP G EEC", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XC208", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XC208EEC", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XC208G", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XC208G (EIP def.)", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XC208G EEC", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XC208G PoE", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XC208G PoE (54 V DC)", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XC216", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XC216-3G PoE", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XC216-3G PoE (54 V DC)", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XC216-4C", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XC216-4C G", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XC216-4C G (EIP Def.)", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XC216-4C G EEC", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XC216EEC", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XC224", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XC224-4C G", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XC224-4C G (EIP Def.)", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XC224-4C G EEC", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XF204", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XF204 DNA", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XF204-2BA", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XF204-2BA DNA", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XP208", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XP208 (Ethernet/IP)", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XP208EEC", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XP208PoE EEC", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XP216", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XP216 (Ethernet/IP)", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XP216EEC", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XP216POE EEC", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XR324WG (24 x FE, AC 230V)", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XR324WG (24 X FE, DC 24V)", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XR326-2C PoE WG", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XR326-2C PoE WG (without UL)", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XR328-4C WG (24XFE, 4XGE, 24V)", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V)", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" }, { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XR328-4C WG (28xGE, AC 230V)", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SCALANCE XR328-4C WG (28xGE, DC 24V)", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SIPLUS NET SCALANCE XC206-2", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SIPLUS NET SCALANCE XC206-2SFP", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SIPLUS NET SCALANCE XC208", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } }, { "product_name": "SIPLUS NET SCALANCE XC216-4C", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions < V4.5" } ] } } ] } } ] } }, "references": { "reference_data": [ { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-699386.pdf", "refsource": "MISC", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-699386.pdf" } ] }, "impact": { "cvss": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "baseScore": 2.7, "baseSeverity": "LOW" } ] } }