CVE-2022-46355

2022-12-1300:00:00

CWE-200

siemens

www.cve.org

scalance x204rna

vulnerability

sensitive information

0.001 Low

EPSS

Percentile

44.8%

JSON

A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). The affected products are vulnerable to an “Exposure of Sensitive Information to an Unauthorized Actor” vulnerability by leaking sensitive data in the HTTP Referer.

CNA Affected

[
  {
    "vendor": "Siemens",
    "product": "SCALANCE X204RNA (HSR)",
    "versions": [
      {
        "version": "All versions < V3.2.7",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE X204RNA (PRP)",
    "versions": [
      {
        "version": "All versions < V3.2.7",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE X204RNA EEC (HSR)",
    "versions": [
      {
        "version": "All versions < V3.2.7",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE X204RNA EEC (PRP)",
    "versions": [
      {
        "version": "All versions < V3.2.7",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE X204RNA EEC (PRP/HSR)",
    "versions": [
      {
        "version": "All versions < V3.2.7",
        "status": "affected"
      }
    ]
  }
]

References

cert-portal.siemens.com/productcert/pdf/ssa-363821.pdf

0.001 Low

EPSS

Percentile

44.8%

JSON

Related for CVELIST:CVE-2022-46355