Lucene search
K

The vulnerability of the microprogramming software in industrial switches SCALANCE X302-7 EEC, SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-4M EEC, SCALANCE XR324-4M PoE, SCALANCE XR324-12M, SCALANCE XR324-12M TS, and SIPLUS NET SCALANCE X308-2. This vulnerability is related to the failure to eliminate HTML tags related to scripts on web pages, allowing attackers to perform cross-site scripting attacks.

🗓️ 17 May 2022 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType 
bdu_fstec
 bdu_fstec
🔗 bdu.fstec.ru👁 5 Views

Scalance switches software fails to remove script tags, enabling cross site scripting.

Related
Refs
ReporterTitlePublishedViews
Family
ATTACKERKB
CVE-2022-25756
12 Apr 202209:15
attackerkb
Circl
CVE-2022-25756
12 Apr 202212:23
circl
CNNVD
多款 Siemens 产品跨站脚本漏洞
12 Apr 202200:00
cnnvd
CNVD
Siemens SCALANCE X-300 Switch Family Devices Cross-Site Scripting Vulnerability
13 Apr 202200:00
cnvd
CVE
CVE-2022-25756
12 Apr 202209:07
cve
Cvelist
CVE-2022-25756
12 Apr 202209:07
cvelist
EUVD
EUVD-2022-30411
3 Oct 202520:07
euvd
ICS
Siemens SCALANCE X-300 Switches
12 Apr 202200:00
ics
NCSC
Vulnerabilities fixed in Siemens products
12 Apr 202200:00
ncsc
NVD
CVE-2022-25756
12 Apr 202209:15
nvd
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

17 May 2022 00:00Current
6.1Medium risk
Vulners AI Score6.1
CVSS 26.8
CVSS 37.9
EPSS0.0054
5