Lucene search
HistoryFeb 02, 2015 - 3:59 p.m.
CVE-2015-1049
siemens
scalance
x-200irt
web server
vulnerability
firmware
remote attackers
hijack sessions
nvd
cve-2015-1049
6.9 Medium
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
73.7%
The web server on Siemens SCALANCE X-200IRT switches with firmware before 5.2.0 allows remote attackers to hijack sessions via unspecified vectors.
Affected configurations
Node
siemensscalance_x-200_series_firmwareRange≤5.1.1
siemensscalance_x201-3p_irt_pro
ORsiemensscalance_x201-3pirt
ORsiemensscalance_x202-2irt
ORsiemensscalance_x202-2p_irt
ORsiemensscalance_x202-2p_irt_pro
ORsiemensscalance_x202-4p_irt
ORsiemensscalance_x204irt
ORsiemensscalance_x204irt_pro
ORsiemensscalance_xf204irt
| CPE | Name | Operator | Version |
|---|---|---|---|
| siemens:scalance_x-200_series_firmware | siemens scalance x-200 series firmware | le | 5.1.1 |
Related
prion
prion
Code injection
2015-02-02 15:59:00
nessus
nessus
Siemens SCALANCE X-200IRT User Impersonation (CVE-2015-1049)
2023-04-11 00:00:00
Siemens SCALANCE X-200IRT < 5.2.0 Session Hijacking
2015-02-16 00:00:00
ics
ics
Siemens SCALANCE X-200IRT Switch Family User Impersonation Vulnerability
2018-08-29 12:00:00
nvd
nvd
CVE-2015-1049
2015-02-02 15:59:01
cvelist
cvelist
CVE-2015-1049
2015-02-02 15:00:00
6.9 Medium
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
73.7%
Related for CVE-2015-1049