mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
112 lines
4.5 KiB
JSON
112 lines
4.5 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "productcert@siemens.com",
|
|
"ID": "CVE-2019-10927",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "Siemens AG",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "SCALANCE SC-600",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "V2.0"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"product_name": "SCALANCE XB-200",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "V4.1"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"product_name": "SCALANCE XC-200",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "V4.1"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"product_name": "SCALANCE XF-200BA",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "V4.1"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"product_name": "SCALANCE XP-200",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "V4.1"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"product_name": "SCALANCE XR-300WG",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "V4.1"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "CWE-703: Improper Check or Handling of Exceptional Conditions"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "A vulnerability has been identified in SCALANCE SC-600 (V2.0), SCALANCE XB-200 (V4.1), SCALANCE XC-200 (V4.1), SCALANCE XF-200BA (V4.1), SCALANCE XP-200 (V4.1), SCALANCE XR-300WG (V4.1). An authenticated attacker with network access to to port 22/tcp of an affected device may cause a Denial-of-Service condition. The security vulnerability could be exploited by an authenticated attacker with network access to the affected device. No user interaction is required to exploit this vulnerability. The vulnerability impacts the availability of the affected device."
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"refsource": "MISC",
|
|
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-671286.pdf",
|
|
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-671286.pdf"
|
|
}
|
|
]
|
|
}
|
|
} |