Lucene search
SiemensCVELIST:CVE-2018-16555HistoryDec 13, 2018 - 4:00 p.m.
CVE-2018-16555
2018-12-1316:00:00
CWE-80
siemens
www.cve.org
0.001 Low
EPSS
Percentile
22.1%
A vulnerability has been identified in SCALANCE S602 (All versions < V4.0.1.1), SCALANCE S612 (All versions < V4.0.1.1), SCALANCE S623 (All versions < V4.0.1.1), SCALANCE S627-2M (All versions < V4.0.1.1). The integrated web server could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. User interaction is required for a successful exploitation. The user must be logged into the web interface in order for the exploitation to succeed. At the stage of publishing this security advisory no public exploitation is known.
CNA Affected
[
{
"product": "SCALANCE S602, SCALANCE S612, SCALANCE S623, SCALANCE S627-2M",
"vendor": "Siemens AG",
"versions": [
{
"status": "affected",
"version": "SCALANCE S602 : All versions < V4.0.1.1"
},
{
"status": "affected",
"version": "SCALANCE S612 : All versions < V4.0.1.1"
},
{
"status": "affected",
"version": "SCALANCE S623 : All versions < V4.0.1.1"
},
{
"status": "affected",
"version": "SCALANCE S627-2M : All versions < V4.0.1.1"
}
]
}
]Related
ics
ics
Siemens SCALANCE S
2018-11-13 12:00:00
cve
cve
CVE-2018-16555
2018-12-13 16:29:00
nessus
nessus
prion
prion
Cross site scripting
2018-12-13 16:29:00
nvd
nvd
CVE-2018-16555
2018-12-13 16:29:00
threatpost
threatpost
Siemens Patches Firewall Flaw That Put Operations at Risk
2018-11-14 17:40:14