mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
215 lines
6.4 KiB
JSON
215 lines
6.4 KiB
JSON
{
|
|
"id": "CVE-2019-13925",
|
|
"sourceIdentifier": "productcert@siemens.com",
|
|
"published": "2020-02-11T16:15:14.587",
|
|
"lastModified": "2021-04-22T21:15:08.240",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "A vulnerability has been identified in SCALANCE S602 (All versions >= V3.0 and < V4.1), SCALANCE S612 (All versions >= V3.0 and < V4.1), SCALANCE S623 (All versions >= V3.0 and < V4.1), SCALANCE S627-2M (All versions >= V3.0 and < V4.1). Specially crafted packets sent to port 443/tcp of affected devices could cause a Denial-of-Service condition of the web server."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Se ha identificado una vulnerabilidad en SCALANCE S602 (Todas las versiones posteriores o iguales a V3.0 y anteriores a V4.1), SCALANCE S612 (Todas las versiones posteriores o iguales a V3.0 y anteriores a V4.1), SCALANCE S623 (Todas las versiones posteriores o iguales a V3.0 y anteriores a V4.1), SCALANCE S627-2M (Todas las versiones posteriores o iguales a V3.0 y anteriores a V4.1). Los paquetes especialmente dise\u00f1ados enviados hacia el puerto 443/tcp de los dispositivos afectados podr\u00edan causar una condici\u00f3n de Denegaci\u00f3n de Servicio del servidor web"
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 7.5,
|
|
"baseSeverity": "HIGH"
|
|
},
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 3.6
|
|
}
|
|
],
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "PARTIAL",
|
|
"baseScore": 5.0
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "productcert@siemens.com",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-400"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Secondary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-400"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:siemens:scalance_s602_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "3.0",
|
|
"matchCriteriaId": "228B01CB-FE37-4F1E-B949-397B1603640D"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:siemens:scalance_s602:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F4D89D82-C2CE-44DC-A05B-B956F20BF4E3"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:siemens:scalance_s612_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "3.0",
|
|
"matchCriteriaId": "AB45CB9A-BC80-4F78-9B76-021264BC704B"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:siemens:scalance_s612:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CA7B48D2-0D17-420D-AAE1-35E5C0BE2924"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:siemens:scalance_s623_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "3.0",
|
|
"matchCriteriaId": "0444552F-BD9D-46CE-878B-7F5F55351729"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:siemens:scalance_s623:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F80D9A79-7984-462B-B4B9-6A4429422038"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:siemens:scalance_s627-2m_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "3.0",
|
|
"matchCriteriaId": "6AC5041C-F924-45D7-80D2-321F88574019"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:siemens:scalance_s627-2m:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B51B40F8-71D2-4D2D-8EC2-CE154A6D7533"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-591405.pdf",
|
|
"source": "productcert@siemens.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-042-10",
|
|
"source": "productcert@siemens.com"
|
|
}
|
|
]
|
|
} |