Lucene search

[email protected]CVE-2012-1802

HistoryApr 18, 2012 - 10:33 a.m.

CVE-2012-1802

2012-04-1810:33:35

CWE-119

[email protected]

web.nvd.nist.gov

cve-2012-1802

buffer overflow

siemens scalance x

industrial ethernet

switch

nvd

cve

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

8.5 High

AI Score

Confidence

High

0.061 Low

EPSS

Percentile

93.6%

JSON

Buffer overflow in the embedded web server on the Siemens Scalance X Industrial Ethernet switch X414-3E before 3.7.1, X308-2M before 3.7.2, X-300EEC before 3.7.2, XR-300 before 3.7.2, and X-300 before 3.7.2 allows remote attackers to cause a denial of service (device reboot) or possibly execute arbitrary code via a malformed URL.

Affected configurations

NVD

Node

siemensscalance_x414-3e_firmwareRange≤3.7.0

siemensscalance_x414-3e_firmwareMatch1.2.2

siemensscalance_x414-3e_firmwareMatch2.1.1

siemensscalance_x414-3e_firmwareMatch2.2.0

siemensscalance_x414-3e_firmwareMatch2.3.2

siemensscalance_x414-3e_firmwareMatch2.3.3

siemensscalance_x414-3e_firmwareMatch3.0.0

siemensscalance_x414-3e_firmwareMatch3.0.2

siemensscalance_x414-3e_firmwareMatch3.3.0

siemensscalance_x414-3e_firmwareMatch3.4.0

AND

siemensscalance_x414-3eMatch-

Node

siemensscalance_x308-2m_firmwareRange≤3.7.0

siemensscalance_x308-2m_firmwareMatch3.1.1

siemensscalance_x308-2m_firmwareMatch3.5.0

siemensscalance_x308-2m_firmwareMatch3.5.2

AND

siemensscalance_x308-2mMatch-

Node

siemensscalance_x-300eec_firmwareRange≤3.7.0

siemensscalance_x-300eec_firmwareMatch3.5.0

AND

siemensscalance_x-300eecMatch-

Node

siemensscalance_xr-300_firmwareRange≤3.7.0

siemensscalance_xr-300_firmwareMatch3.1.1

siemensscalance_xr-300_firmwareMatch3.5.0

AND

siemensscalance_xr-300Match-

Node

siemensscalance_x-300_firmwareRange≤3.7.0

siemensscalance_x-300_firmwareMatch2.2.0

siemensscalance_x-300_firmwareMatch2.3.1

siemensscalance_x-300_firmwareMatch3.0.0

siemensscalance_x-300_firmwareMatch3.3.1

siemensscalance_x-300_firmwareMatch3.5.0

siemensscalance_x-300_firmwareMatch3.5.1

AND

siemensscalance_x-300Match-

CPENameOperatorVersion
siemens:scalance_x414-3e_firmwaresiemens scalance x414-3e firmwarele3.7.0
siemens:scalance_x414-3e_firmwaresiemens scalance x414-3e firmwareeq1.2.2
siemens:scalance_x414-3e_firmwaresiemens scalance x414-3e firmwareeq2.1.1
siemens:scalance_x414-3e_firmwaresiemens scalance x414-3e firmwareeq2.2.0
siemens:scalance_x414-3e_firmwaresiemens scalance x414-3e firmwareeq2.3.2
siemens:scalance_x414-3e_firmwaresiemens scalance x414-3e firmwareeq2.3.3
siemens:scalance_x414-3e_firmwaresiemens scalance x414-3e firmwareeq3.0.0
siemens:scalance_x414-3e_firmwaresiemens scalance x414-3e firmwareeq3.0.2
siemens:scalance_x414-3e_firmwaresiemens scalance x414-3e firmwareeq3.3.0
siemens:scalance_x414-3e_firmwaresiemens scalance x414-3e firmwareeq3.4.0

CPE	Name	Operator	Version
siemens:scalance_x414-3e_firmware	siemens scalance x414-3e firmware	le	3.7.0
siemens:scalance_x414-3e_firmware	siemens scalance x414-3e firmware	eq	1.2.2
siemens:scalance_x414-3e_firmware	siemens scalance x414-3e firmware	eq	2.1.1
siemens:scalance_x414-3e_firmware	siemens scalance x414-3e firmware	eq	2.2.0
siemens:scalance_x414-3e_firmware	siemens scalance x414-3e firmware	eq	2.3.2
siemens:scalance_x414-3e_firmware	siemens scalance x414-3e firmware	eq	2.3.3
siemens:scalance_x414-3e_firmware	siemens scalance x414-3e firmware	eq	3.0.0
siemens:scalance_x414-3e_firmware	siemens scalance x414-3e firmware	eq	3.0.2
siemens:scalance_x414-3e_firmware	siemens scalance x414-3e firmware	eq	3.3.0
siemens:scalance_x414-3e_firmware	siemens scalance x414-3e firmware	eq	3.4.0