{
"id": "CVE-2023-44319",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-11-14T11:15:12.510",
"lastModified": "2023-11-14T15:15:45.277",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SCALANCE XB205-3 (SC, PN) (All versions < V4.5), SCALANCE XB205-3 (ST, E/IP) (All versions < V4.5), SCALANCE XB205-3 (ST, E/IP) (All versions < V4.5), SCALANCE XB205-3 (ST, PN) (All versions < V4.5), SCALANCE XB205-3LD (SC, E/IP) (All versions < V4.5), SCALANCE XB205-3LD (SC, PN) (All versions < V4.5), SCALANCE XB208 (E/IP) (All versions < V4.5), SCALANCE XB208 (PN) (All versions < V4.5), SCALANCE XB213-3 (SC, E/IP) (All versions < V4.5), SCALANCE XB213-3 (SC, PN) (All versions < V4.5), SCALANCE XB213-3 (ST, E/IP) (All versions < V4.5), SCALANCE XB213-3 (ST, PN) (All versions < V4.5), SCALANCE XB213-3LD (SC, E/IP) (All versions < V4.5), SCALANCE XB213-3LD (SC, PN) (All versions < V4.5), SCALANCE XB216 (E/IP) (All versions < V4.5), SCALANCE XB216 (PN) (All versions < V4.5), SCALANCE XC206-2 (SC) (All versions < V4.5), SCALANCE XC206-2 (ST/BFOC) (All versions < V4.5), SCALANCE XC206-2G PoE (All versions < V4.5), SCALANCE XC206-2G PoE (54 V DC) (All versions < V4.5), SCALANCE XC206-2G PoE EEC (54 V DC) (All versions < V4.5), SCALANCE XC206-2SFP (All versions < V4.5), SCALANCE XC206-2SFP EEC (All versions < V4.5), SCALANCE XC206-2SFP G (All versions < V4.5), SCALANCE XC206-2SFP G (EIP DEF.) (All versions < V4.5), SCALANCE XC206-2SFP G EEC (All versions < V4.5), SCALANCE XC208 (All versions < V4.5), SCALANCE XC208EEC (All versions < V4.5), SCALANCE XC208G (All versions < V4.5), SCALANCE XC208G (EIP def.) (All versions < V4.5), SCALANCE XC208G EEC (All versions < V4.5), SCALANCE XC208G PoE (All versions < V4.5), SCALANCE XC208G PoE (54 V DC) (All versions < V4.5), SCALANCE XC216 (All versions < V4.5), SCALANCE XC216-3G PoE (All versions < V4.5), SCALANCE XC216-3G PoE (54 V DC) (All versions < V4.5), SCALANCE XC216-4C (All versions < V4.5), SCALANCE XC216-4C G (All versions < V4.5), SCALANCE XC216-4C G (EIP Def.) 
(All versions < V4.5), SCALANCE XC216-4C G EEC (All versions < V4.5), SCALANCE XC216EEC (All versions < V4.5), SCALANCE XC224 (All versions < V4.5), SCALANCE XC224-4C G (All versions < V4.5), SCALANCE XC224-4C G (EIP Def.) (All versions < V4.5), SCALANCE XC224-4C G EEC (All versions < V4.5), SCALANCE XF204 (All versions < V4.5), SCALANCE XF204 DNA (All versions < V4.5), SCALANCE XF204-2BA (All versions < V4.5), SCALANCE XF204-2BA DNA (All versions < V4.5), SCALANCE XP208 (All versions < V4.5), SCALANCE XP208 (Ethernet/IP) (All versions < V4.5), SCALANCE XP208EEC (All versions < V4.5), SCALANCE XP208PoE EEC (All versions < V4.5), SCALANCE XP216 (All versions < V4.5), SCALANCE XP216 (Ethernet/IP) (All versions < V4.5), SCALANCE XP216EEC (All versions < V4.5), SCALANCE XP216POE EEC (All versions < V4.5), SCALANCE XR324WG (24 x FE, AC 230V) (All versions < V4.5), SCALANCE XR324WG (24 X FE, DC 24V) (All versions < V4.5), SCALANCE XR326-2C PoE WG (All versions < V4.5), SCALANCE XR326-2C PoE WG (without UL) (All versions < V4.5), SCALANCE XR328-4C WG (24XFE, 4XGE, 24V) (All versions < V4.5), SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V) (All versions < V4.5), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (All versions < V4.5), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (All versions < V4.5), SCALANCE XR328-4C WG (28xGE, AC 230V) (All versions < V4.5), SCALANCE XR328-4C WG (28xGE, DC 24V) (All versions < V4.5), SIPLUS NET SCALANCE XC206-2 (All versions < V4.5), SIPLUS NET SCALANCE XC206-2SFP (All versions < V4.5), SIPLUS NET SCALANCE XC208 (All versions < V4.5), SIPLUS NET SCALANCE XC216-4C (All versions < V4.5). Affected devices use a weak checksum algorithm to protect the configuration backup that an administrator can export from the device. This could allow an authenticated attacker with administrative privileges or an attacker that tricks a legitimate administrator to upload a modified configuration file to change the configuration of an affected device."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en: \nSCALANCE XB205-3 (SC, PN) (V &lt; 4.5), \nSCALANCE XB205-3 (ST, E/IP) (V &lt; 4.5), \nSCALANCE XB205-3 (ST , E/IP) (V &lt; 4.5), \nSCALANCE XB205-3 (ST, PN) (V &lt; 4.5), \nSCALANCE XB205-3LD (SC, E/IP) (V &lt; 4.5 ), \nSCALANCE XB205-3LD (SC, PN) (V &lt; 4.5), \nSCALANCE XB208 (E/IP) (V &lt; 4.5), \nSCALANCE XB208 (PN) (V &lt; 4.5), \nSCALANCE XB213-3 (SC, E/IP) (V &lt; 4.5), \nSCALANCE XB213-3 (SC, PN) (V &lt; 4.5), \nSCALANCE XB213-3 (ST, E/IP) ( V &lt; 4.5), \nSCALANCE XB213-3 (ST, PN) (V &lt; 4.5), \nSCALANCE XB213-3LD (SC, E/IP) (V &lt; 4.5), \nSCALANCE XB213-3LD (SC, PN) (V &lt; 4.5), \nSCALANCE XB216 (E/IP) (V &lt; 4.5), \nSCALANCE XB216 (PN) (V &lt; 4.5), \nSCALANCE XC206-2 (SC ) (V &lt; 4.5), \nSCALANCE XC206-2 (ST/BFOC) (V &lt; 4.5), \nSCALANCE XC206-2G PoE (V &lt; 4.5), \nSCALANCE XC206-2G PoE (54 V DC) (V &lt; 4.5), \nSCALANCE XC206-2G PoE EEC (54 V DC) (V &lt; 4.5), \nSCALANCE XC206-2SFP (V &lt; 4.5), \nSCALANCE XC206-2SFP EEC ( V &lt; 4.5), \nSCALANCE XC206-2SFP G (V &lt; 4.5), \nSCALANCE XC206-2SFP G (EIP DEF.) (V &lt; 4.5), \nSCALANCE XC206-2SFP G EEC (V &lt; 4.5), \nSCALANCE XC208 (V &lt; 4.5), \nSCALANCE XC208EEC (V &lt; 4.5), \nSCALANCE XC208G (V &lt; 4.5), \nSCALANCE XC208G (EIP def.) (V &lt; 4.5), \nSCALANCE XC208G EEC (V &lt; 4.5), \nSCALANCE XC208G PoE (V &lt; 4.5), \nSCALANCE XC208G PoE (54 V DC) (V &lt; 4.5), \nSCALANCE XC216 (V &lt; 4.5), \nSCALANCE XC216-3G PoE (V &lt; 4.5), \nSCALANCE XC216-3G PoE (54 V DC) (V &lt; 4.5), \nSCALANCE XC216-4C (V &lt; 4. 5), \nSCALANCE XC216-4C G (V &lt; 4.5), \nSCALANCE XC216-4C G (EIP Def.) (V &lt; 4.5), \nSCALANCE XC216-4C G EEC (V &lt; 4.5) , \nSCALANCE XC216EEC (V &lt; 4.5), \nSCALANCE XC224 (V &lt; 4.5), \nSCALANCE XC224-4C G (V &lt; 4.5), \nSCALANCE XC224-4C G (EIP Def.) 
(V &lt; 4.5), \nSCALANCE XC224-4C G EEC (V &lt; 4.5), \nSCALANCE XF204 (V &lt; 4.5), \nSCALANCE XF204 DNA (V &lt; 4.5), \nSCALANCE XF204-2BA (V &lt; 4.5), \nSCALANCE XF204-2BA DNA (V &lt; 4.5), \nSCALANCE XP208 (V &lt; 4.5), \nSCALANCE XP208 (Ethernet/IP) (V &lt; 4.5), \nSCALANCE XP208EEC (V &lt; 4.5), \nSCALANCE XP208PoE EEC (V &lt; 4.5), \nSCALANCE XP216 (V &lt; 4.5), \nSCALANCE XP216 (Ethernet/IP) (V &lt; 4.5), \nSCALANCE XP216EEC (V &lt; 4.5), \nSCALANCE XP216POE EEC (V &lt; 4.5), \nSCALANCE XR324WG (24 x FE, AC 230V) (V &lt; 4.5), \nSCALANCE XR324WG (24 X FE, DC 24V) (V &lt; 4.5), \nSCALANCE XR326-2C PoE WG (V &lt; 4.5), \nSCALANCE XR326-2C PoE WG (sin UL) (V &lt; 4.5), \nSCALANCE XR328-4C WG (24XFE , 4XGE, 24V) (V &lt; 4.5), \nSCALANCE XR328-4C WG (24xFE, 4xGE,DC24V) (V &lt; 4.5), \nSCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (V &lt; 4.5), \nSCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (V &lt; 4.5), \nSCALANCE XR328-4C WG (28xGE, AC 230V) (V &lt; 4.5), \nSCALANCE XR328- 4C WG (28xGE, DC 24V) (V &lt; 4.5), \nSIPLUS NET SCALANCE XC206-2 (V &lt; 4.5), \nSIPLUS NET SCALANCE XC206-2SFP (V &lt; 4.5), \nSIPLUS NET SCALANCE XC208 (V &lt; 4.5), \nSIPLUS NET SCALANCE XC216-4C (V &lt; 4.5).\nLos dispositivos afectados utilizan un algoritmo de suma de comprobaci\u00f3n d\u00e9bil para proteger la copia de seguridad de la configuraci\u00f3n que un administrador puede exportar desde el dispositivo. Esto podr\u00eda permitir que un atacante autenticado con privilegios administrativos o un atacante que enga\u00f1e a un administrador leg\u00edtimo cargue un archivo de configuraci\u00f3n modificado para cambiar la configuraci\u00f3n de un dispositivo afectado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "productcert@siemens.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "productcert@siemens.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-328"
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-699386.pdf",
"source": "productcert@siemens.com"
}
]
}