Vulnerability CVE-2014-8478


Published: 2015-01-21   Modified: 2015-01-22

Description:
The web server on Siemens SCALANCE X-300 switches with firmware before 4.0 and SCALANCE X 408 switches with firmware before 4.0 allows remote attackers to cause a denial of service (reboot) via malformed HTTP requests.

Type:

CWE-22

(Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'))

Vendor: Siemens
Product: Scalance x-300 series firmware 
Version: 3.9.3;
Product: Scalance x-408 firmware 
Version: 3.9.3;

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.8/10
6.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete

 References:
http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-321046.pdf

Related CVE
CVE-2017-12741
A vulnerability has been identified in SIMATIC S7-200 Smart, SIMATIC S7-400 PN V6, SIMATIC S7-400 H V6, SIMATIC S7-400 PN/DP V7, SIMATIC S7-410 V8, SIMATIC S7-300, SIMATIC S7-1200, SIMATIC S7-1500, SIMATIC S7-1500 Software Controller, SIMATIC WinAC R...
CVE-2017-12739
An issue was discovered on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00. The integrated web server (port 80/tcp) of the affected devices could allow unauthenticated remote attacker...
CVE-2017-12737
An issue was discovered on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00. The integrated web server (port 80/tcp) of the affected devices could allow unauthenticated remote attacker...
CVE-2017-12738
An issue was discovered on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00. The integrated web server (port 80/tcp) of the affected devices could allow Cross-Site Scripting (XSS) atta...
CVE-2017-14023
An Improper Input Validation issue was discovered in Siemens SIMATIC PCS 7 V8.1 prior to V8.1 SP1 with WinCC V7.3 Upd 13, and V8.2 all versions. The improper input validation vulnerability has been identified, which may allow an authenticated remote ...
CVE-2017-9945
In the Siemens 7KM PAC Switched Ethernet PROFINET expansion module (All versions < V2.1.3), a Denial-of-Service condition could be induced by a specially crafted PROFINET DCP packet sent as a local Ethernet (Layer 2) broadcast. The affected component...
CVE-2017-12735
A vulnerability has been identified in Siemens LOGO! devices. An attacker who performs a Man-in-the-Middle attack between the LOGO! BM and other devices could potentially decrypt and modify network traffic.
CVE-2017-12734
A vulnerability has been identified in Siemens LOGO! devices before V1.81.2. An attacker with network access to the integrated web server on port 80/tcp could obtain the session ID of an active user session. A user must be logged in to the web interf...

Copyright 2018, cxsecurity.com

 

Back to Top