admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-01 11:11:27 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2023/CVE-2023-443xx/CVE-2023-44321.json

59 lines
8.3 KiB
JSON
Raw Normal View History

Auto-Update: 2023-11-14T13:00:18.021497+00:00
2023-11-14 13:00:21 +00:00
{
"id": "CVE-2023-44321",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-11-14T11:15:12.973",
Auto-Update: 2023-11-14T17:00:18.860274+00:00
2023-11-14 17:00:22 +00:00
"lastModified": "2023-11-14T15:15:45.277",
"vulnStatus": "Awaiting Analysis",
Auto-Update: 2023-11-14T13:00:18.021497+00:00
2023-11-14 13:00:21 +00:00
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SCALANCE XB205-3 (SC, PN) (All versions < V4.5), SCALANCE XB205-3 (ST, E/IP) (All versions < V4.5), SCALANCE XB205-3 (ST, E/IP) (All versions < V4.5), SCALANCE XB205-3 (ST, PN) (All versions < V4.5), SCALANCE XB205-3LD (SC, E/IP) (All versions < V4.5), SCALANCE XB205-3LD (SC, PN) (All versions < V4.5), SCALANCE XB208 (E/IP) (All versions < V4.5), SCALANCE XB208 (PN) (All versions < V4.5), SCALANCE XB213-3 (SC, E/IP) (All versions < V4.5), SCALANCE XB213-3 (SC, PN) (All versions < V4.5), SCALANCE XB213-3 (ST, E/IP) (All versions < V4.5), SCALANCE XB213-3 (ST, PN) (All versions < V4.5), SCALANCE XB213-3LD (SC, E/IP) (All versions < V4.5), SCALANCE XB213-3LD (SC, PN) (All versions < V4.5), SCALANCE XB216 (E/IP) (All versions < V4.5), SCALANCE XB216 (PN) (All versions < V4.5), SCALANCE XC206-2 (SC) (All versions < V4.5), SCALANCE XC206-2 (ST/BFOC) (All versions < V4.5), SCALANCE XC206-2G PoE (All versions < V4.5), SCALANCE XC206-2G PoE (54 V DC) (All versions < V4.5), SCALANCE XC206-2G PoE EEC (54 V DC) (All versions < V4.5), SCALANCE XC206-2SFP (All versions < V4.5), SCALANCE XC206-2SFP EEC (All versions < V4.5), SCALANCE XC206-2SFP G (All versions < V4.5), SCALANCE XC206-2SFP G (EIP DEF.) (All versions < V4.5), SCALANCE XC206-2SFP G EEC (All versions < V4.5), SCALANCE XC208 (All versions < V4.5), SCALANCE XC208EEC (All versions < V4.5), SCALANCE XC208G (All versions < V4.5), SCALANCE XC208G (EIP def.) (All versions < V4.5), SCALANCE XC208G EEC (All versions < V4.5), SCALANCE XC208G PoE (All versions < V4.5), SCALANCE XC208G PoE (54 V DC) (All versions < V4.5), SCALANCE XC216 (All versions < V4.5), SCALANCE XC216-3G PoE (All versions < V4.5), SCALANCE XC216-3G PoE (54 V DC) (All versions < V4.5), SCALANCE XC216-4C (All versions < V4.5), SCALANCE XC216-4C G (All versions < V4.5), SCALANCE XC216-4C G (EIP Def.) (All versions < V4.5), SCALANCE XC216-4C G EEC (All versions < V4.5), SCALANCE XC216EEC (All versions < V4.5), SCALANCE XC224 (All versions < V4.5), SCALANCE XC224-4C G (All versions < V4.5), SCALANCE XC224-4C G (EIP Def.) (All versions < V4.5), SCALANCE XC224-4C G EEC (All versions < V4.5), SCALANCE XF204 (All versions < V4.5), SCALANCE XF204 DNA (All versions < V4.5), SCALANCE XF204-2BA (All versions < V4.5), SCALANCE XF204-2BA DNA (All versions < V4.5), SCALANCE XP208 (All versions < V4.5), SCALANCE XP208 (Ethernet/IP) (All versions < V4.5), SCALANCE XP208EEC (All versions < V4.5), SCALANCE XP208PoE EEC (All versions < V4.5), SCALANCE XP216 (All versions < V4.5), SCALANCE XP216 (Ethernet/IP) (All versions < V4.5), SCALANCE XP216EEC (All versions < V4.5), SCALANCE XP216POE EEC (All versions < V4.5), SCALANCE XR324WG (24 x FE, AC 230V) (All versions < V4.5), SCALANCE XR324WG (24 X FE, DC 24V) (All versions < V4.5), SCALANCE XR326-2C PoE WG (All versions < V4.5), SCALANCE XR326-2C PoE WG (without UL) (All versions < V4.5), SCALANCE XR328-4C WG (24XFE, 4XGE, 24V) (All versions < V4.5), SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V) (All versions < V4.5), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (All versions < V4.5), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (All versions < V4.5), SCALANCE XR328-4C WG (28xGE, AC 230V) (All versions < V4.5), SCALANCE XR328-4C WG (28xGE, DC 24V) (All versions < V4.5), SIPLUS NET SCALANCE XC206-2 (All versions < V4.5), SIPLUS NET SCALANCE XC206-2SFP (All versions < V4.5), SIPLUS NET SCALANCE XC208 (All versions < V4.5), SIPLUS NET SCALANCE XC216-4C (All versions < V4.5). Affected devices do not properly validate the length of inputs when performing certain configuration changes in the web interface allowing an authenticated attacker to cause a denial of service condition. The device needs to be restarted for the web interface to become available again."
Auto-Update: 2023-11-14T17:00:18.860274+00:00
2023-11-14 17:00:22 +00:00
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en: \nSCALANCE XB205-3 (SC, PN) (V &lt; 4.5), \nSCALANCE XB205-3 (ST, E/IP) (V &lt; 4.5), \nSCALANCE XB205-3 (ST , E/IP) (V &lt; 4.5), \nSCALANCE XB205-3 (ST, PN) (V &lt; 4.5), \nSCALANCE XB205-3LD (SC, E/IP) (V &lt; 4.5 ), \nSCALANCE XB205-3LD (SC, PN) (V &lt; 4.5), \nSCALANCE XB208 (E/IP) (V &lt; 4.5), \nSCALANCE XB208 (PN) (V &lt; 4.5), \nSCALANCE XB213-3 (SC, E/IP) (V &lt; 4.5), \nSCALANCE XB213-3 (SC, PN) (V &lt; 4.5), \nSCALANCE XB213-3 (ST, E/IP) ( V &lt; 4.5), \nSCALANCE XB213-3 (ST, PN) (V &lt; 4.5), \nSCALANCE XB213-3LD (SC, E/IP) (V &lt; 4.5), \nSCALANCE XB213-3LD (SC, PN) (V &lt; 4.5), \nSCALANCE XB216 (E/IP) (V &lt; 4.5), \nSCALANCE XB216 (PN) (V &lt; 4.5), \nSCALANCE XC206-2 (SC ) (V &lt; 4.5), \nSCALANCE XC206-2 (ST/BFOC) (V &lt; 4.5), \nSCALANCE XC206-2G PoE (V &lt; 4.5), \nSCALANCE XC206-2G PoE (54 V DC) (V &lt; 4.5), \nSCALANCE XC206-2G PoE EEC (54 V DC) (V &lt; 4.5), \nSCALANCE XC206-2SFP (V &lt; 4.5), \nSCALANCE XC206-2SFP EEC ( V &lt; 4.5), \nSCALANCE XC206-2SFP G (V &lt; 4.5), \nSCALANCE XC206-2SFP G (EIP DEF.) (V &lt; 4.5), \nSCALANCE XC206-2SFP G EEC (V &lt; 4.5), \nSCALANCE XC208 (V &lt; 4.5), \nSCALANCE XC208EEC (V &lt; 4.5), \nSCALANCE XC208G (V &lt; 4.5), \nSCALANCE XC208G (EIP def.) (V &lt; 4.5), \nSCALANCE XC208G EEC (V &lt; 4.5), \nSCALANCE XC208G PoE (V &lt; 4.5), \nSCALANCE XC208G PoE (54 V DC) (V &lt; 4.5), \nSCALANCE XC216 (V &lt; 4.5), \nSCALANCE XC216-3G PoE (V &lt; 4.5), \nSCALANCE XC216-3G PoE (54 V DC) (V &lt; 4.5), \nSCALANCE XC216-4C (V &lt; 4. 5), \nSCALANCE XC216-4C G (V &lt; 4.5), \nSCALANCE XC216-4C G (EIP Def.) (V &lt; 4.5), \nSCALANCE XC216-4C G EEC (V &lt; 4.5) , \nSCALANCE XC216EEC (V &lt; 4.5), \nSCALANCE XC224 (V &lt; 4.5), \nSCALANCE XC224-4C G (V &lt; 4.5), \nSCALANCE XC224-4C G (EIP Def.) (V &lt; 4.5), \nSCALANCE XC224-4C G EEC (V &lt; 4.5), \nSCALANCE XF204 (V &lt; 4.5), \nSCALANCE XF204 DNA (V &lt; 4.5), \nSCALANCE XF204-2BA (V &lt; 4.5), \nSCALANCE XF204-2BA DNA (V &lt; 4.5), \nSCALANCE XP208 (V &lt; 4.5), \nSCALANCE XP208 (Ethernet/IP) (V &lt; 4.5), \nSCALANCE XP208EEC (V &lt; 4.5), \nSCALANCE XP208PoE EEC (V &lt; 4.5), \nSCALANCE XP216 (V &lt; 4.5), \nSCALANCE XP216 (Ethernet/IP) (V &lt; 4.5), \nSCALANCE XP216EEC (V &lt; 4.5), \nSCALANCE XP216POE EEC (V &lt; 4.5), \nSCALANCE XR324WG (24 x FE, AC 230V) (V &lt; 4.5), \nSCALANCE XR324WG (24 X FE, DC 24V) (V &lt; 4.5), \nSCALANCE XR326-2C PoE WG (V &lt; 4.5), \nSCALANCE XR326-2C PoE WG (sin UL) (V &lt; 4.5), \nSCALANCE XR328-4C WG (24XFE , 4XGE, 24V) (V &lt; 4.5), \nSCALANCE XR328-4C WG (24xFE, 4xGE,DC24V) (V &lt; 4.5), \nSCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (V &lt; 4.5), \nSCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (V &lt; 4.5), \nSCALANCE XR328-4C WG (28xGE, AC 230V) (V &lt; 4.5), \nSCALANCE XR328- 4C WG (28xGE, DC 24V) (V &lt; 4.5), \nSIPLUS NET SCALANCE XC206-2 (V &lt; 4.5), \nSIPLUS NET SCALANCE XC206-2SFP (V &lt; 4.5), \nSIPLUS NET SCALANCE XC208 (V &lt; 4.5), \nSIPLUS NET SCALANCE XC216-4C (V &lt; 4.5).\nLos dispositivos afectados no validan adecuadamente la longitud de las entradas al realizar ciertos cambios de configuraci\u00f3n en la interfaz web, lo que permite que un atacante autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio. Es necesario reiniciar el dispositivo para que la interfaz web vuelva a estar disponible."
Auto-Update: 2023-11-14T13:00:18.021497+00:00
2023-11-14 13:00:21 +00:00
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "productcert@siemens.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 2.7,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "productcert@siemens.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-699386.pdf",
"source": "productcert@siemens.com"
}
]
}
Reference in New Issue Copy Permalink