{ "id": "CVE-2024-30189", "sourceIdentifier": "productcert@siemens.com", "published": "2024-04-09T09:15:24.873", "lastModified": "2024-11-21T09:11:23.883", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0) (All versions), SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0) (All versions), SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0) (All versions), SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0) (All versions), SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0) (All versions), SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0) (All versions), SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6) (All versions), SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0) (All versions), SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6) (All versions), SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0) (All versions), SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0) (All versions), SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0) (All versions), SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0) (All versions), SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0) (All versions), SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0) (All versions), SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0) (All versions), SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0) (All versions), SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0) (All versions), SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0) (All versions), SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0) (All versions), SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6) (All versions), SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0) (All versions), SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0) (All versions), SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6) (All versions), SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0) (All versions), SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0) (All versions), SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0) (All versions), SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0) (All versions), SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0) (All versions), SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0) (All versions), SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0) (All versions), SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0) (All versions), SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0) (All versions), SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0) (All versions), SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0) (All versions), SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0) (All versions), SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0) (All versions), SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0) (All versions), SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0) (All versions), SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0) (All versions), SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0) (All versions), SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0) (All versions), SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0) (All versions), SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0) (All versions), SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0) (All versions), SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0) (All versions), SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0) (All versions), SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0) (All versions), SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0) (All versions). This CVE refers to Scenario 1 \"Leak frames from the Wi-Fi queue\" of CVE-2022-47522.\r\n\r\nAffected devices queue frames in order to subsequently change the security context and leak the queued frames. This could allow a physically proximate attacker to intercept (possibly cleartext) target-destined frames." }, { "lang": "es", "value": "Se ha identificado una vulnerabilidad en SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0) (Todas las versiones), SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0) (Todas las versiones), SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0) (Todas las versiones), SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0) (Todas las versiones), SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0) (Todas las versiones), SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0) (Todas las versiones), SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6) (Todas las versiones), SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0) (Todas las versiones), SCALANCE W734-1 RJ45 (EE. UU.) (6GK5734-1FX00-0AB6) (Todas las versiones), SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0) (Todas las versiones), SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0) (Todas las versiones), SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0) (Todas las versiones), SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0) (Todas las versiones), SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0) (Todas las versiones), SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0) (Todas las versiones), SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0) (Todas las versiones), SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0) (Todas las versiones), SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0) (Todas las versiones), SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0) (Todas las versiones), SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0) (Todas las versiones), SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6) (Todas las versiones), SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0) (Todas las versiones), SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0) (Todas las versiones), SCALANCE W774-1 RJ45 (EE. UU.) (6GK5774-1FX00-0AB6) (Todas las versiones), SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0) (Todas las versiones), SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0) (Todas las versiones), SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0) (Todas las versiones), SCALANCE W778-1 M12 EEC (EE. UU.) (6GK5778-1GY00-0TB0) (Todas las versiones), SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0) (Todas las versiones), SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0) (Todas las versiones), SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0) (Todas las versiones), SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0) (Todas las versiones), SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0) (Todas las versiones), SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0) (Todas las versiones), SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0) (Todas las versiones), SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0) (Todas las versiones), SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0) (Todas las versiones), SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0) (Todas las versiones), SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0) (Todas las versiones), SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0) (Todas las versiones), SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0) (Todas las versiones), SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0) (Todas las versiones), SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0) (Todas las versiones), SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0) (Todas las versiones), SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0) (Todas las versiones), SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0) (Todas las versiones), SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0) (Todas las versiones), SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0) (Todas las versiones), SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0) (todas las versiones). Esta CVE hace referencia al escenario 1 \"Fuga de tramas de la cola de Wi-Fi\" de CVE-2022-47522. Los dispositivos afectados ponen en cola tramas para luego cambiar el contexto de seguridad y filtrar las tramas en cola. Esto podr\u00eda permitir que un atacante f\u00edsicamente pr\u00f3ximo intercepte (posiblemente en texto plano) tramas destinadas al objetivo." } ], "metrics": { "cvssMetricV31": [ { "source": "productcert@siemens.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N", "baseScore": 6.1, "baseSeverity": "MEDIUM", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE" }, "exploitabilityScore": 1.7, "impactScore": 4.0 } ] }, "weaknesses": [ { "source": "productcert@siemens.com", "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-290" } ] } ], "references": [ { "url": "https://cert-portal.siemens.com/productcert/html/ssa-457702.html", "source": "productcert@siemens.com" }, { "url": "https://cert-portal.siemens.com/productcert/html/ssa-457702.html", "source": "af854a3a-2127-422b-91ae-364da2661108" } ] }