Lucene search
This script is Copyright (C) 2015-2024 and is owned by Tenable, Inc. or an Affiliate thereof.SCADA_SIEMENS_SCALANCE_X200_CVE-2015-1049.NBINHistoryFeb 16, 2015 - 12:00 a.m.
Siemens SCALANCE X-200IRT < 5.2.0 Session Hijacking
2015-02-1600:00:00
This script is Copyright (C) 2015-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
5
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
73.7%
According to its self-reported version number, the remote SCALANCE device is affected by an unspecified vulnerability that allows an attacker to hijack a session and perform administrative functions on the device without authentication.
Binary data scada_siemens_scalance_x200_cve-2015-1049.nbin| Vendor | Product | Version | CPE |
|---|---|---|---|
| siemens | scalance_x-200_series_firmware | cpe:/o:siemens:scalance_x-200_series_firmware |
Related
nvd
nvd
CVE-2015-1049
2015-02-02 15:59:01
cve
cve
CVE-2015-1049
2015-02-02 15:59:01
cvelist
cvelist
CVE-2015-1049
2015-02-02 15:00:00
ics
ics
Siemens SCALANCE X-200IRT Switch Family User Impersonation Vulnerability
2018-08-29 12:00:00
nessus
nessus
Siemens SCALANCE X-200IRT User Impersonation (CVE-2015-1049)
2023-04-11 00:00:00
prion
prion
Code injection
2015-02-02 15:59:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
73.7%
Related for SCADA_SIEMENS_SCALANCE_X200_CVE-2015-1049.NBIN