Siemens SCALANCE X-200RNA Switch Devices Cross-Site Scripting Vulnerability

2022-12-1400:00:00

China National Vulnerability Database

www.cnvd.org.cn

siemens

scalance x-200rna

switch devices

cross-site scripting

vulnerability

industrial ethernet access point

prp endpoint

parallel network

attackers

0.001 Low

EPSS

Percentile

30.7%

JSON

The SCALANCE X-204RNA Industrial Ethernet Access Point enables non-PRP endpoint devices to connect to a separate parallel network as needed.A cross-site scripting vulnerability exists in Siemens SCALANCE X-200RNA Switch Devices, which can be exploited by attackers to trigger malicious requests on the affected device.

CPENameOperatorVersion
siemens scalance x204rna (hsr) (6gk5204-0ba00-2mb2) < veq3.2.7
siemens scalance x204rna (prp) (6gk5204-0ba00-2kb2) < veq3.2.7
siemens scalance x204rna eec (hsr) (6gk5204-0bs00-2na3) < veq3.2.7
siemens scalance x204rna eec (prp) (6gk5204-0bs00-3la3) < veq3.2.7
siemens scalance x204rna eec (prp/hsr) (6gk5204-0bs00-3pa3) < veq3.2.7

Name	Operator	Version
siemens scalance x204rna (hsr) (6gk5204-0ba00-2mb2) < v	eq	3.2.7
siemens scalance x204rna (prp) (6gk5204-0ba00-2kb2) < v	eq	3.2.7
siemens scalance x204rna eec (hsr) (6gk5204-0bs00-2na3) < v	eq	3.2.7
siemens scalance x204rna eec (prp) (6gk5204-0bs00-3la3) < v	eq	3.2.7
siemens scalance x204rna eec (prp/hsr) (6gk5204-0bs00-3pa3) < v	eq	3.2.7

0.001 Low

EPSS

Percentile

30.7%

JSON

Related for CNVD-2022-87969