Lucene search
K

Siemens SCALANCE X-200RNA Switch Devices Improper Input Validation (CVE-2015-6563)

🗓️ 13 Mar 2025 00:00:00Reported by TenableType 
nessus
 nessus
🔗 www.tenable.com👁 8 Views

Siemens SCALANCE X-200RNA Switch Devices are vulnerable to improper input validation attacks.

Related
Refs
Code
ReporterTitlePublishedViews
Family
IBM Security Bulletins
Security Bulletin: Vulnerabilities in Open Source openssh affect IBM Security Identity Governance Appliance (CVE-2015-5352, CVE-2015-6563, CVE-2015-6564 )
16 Jun 201821:46
ibm
IBM Security Bulletins
IBM Security Network Protection / IBM QRadar Network Security / XGS Technote Index
31 Jan 202100:10
ibm
IBM Security Bulletins
Security Bulletin: Vulnerabilities in OpenSSH affect SAN Volume Controller and Storwize Family (CVE-2015-6563 CVE-2015-6564)
29 Mar 202301:48
ibm
IBM Security Bulletins
Security Bulletin: Vulnerabilities in OpenSSH affect IBM Flex System Manager (FSM)
18 Jun 201801:34
ibm
IBM Security Bulletins
Security Bulletin: Openssh vulnerabilities affect IBM SmartClound Entry (CVE-2015-5352 CVE-2015-6563 CVE-2015-6564)
19 Jul 202000:49
ibm
IBM Security Bulletins
Security Bulletin: Multiple Security Vulnerabilities fixed in IBM Security Privileged Identity Manager
16 Jun 201821:45
ibm
IBM Security Bulletins
Security Bulletin: Vulnerabilities in ntp, libxml2, openssh, sqlite and python-base affect IBM BladeCenter Advanced Management Module (AMM)
14 Apr 202314:32
ibm
IBM Security Bulletins
Security Bulletin: Vulnerabilities in OpenSSH affect the IBM FlashSystem models 840 and 900
18 Feb 202301:45
ibm
IBM Security Bulletins
Security Bulletin: Fixes for Multiple Security Vulnerabilities in IBM Security Identity Manager Virtual Appliance available
16 Jun 201821:47
ibm
IBM Security Bulletins
Security Bulletin: Vulnerabilities in OpenSSH affect the IBM FlashSystem model V840
18 Jun 201800:32
ibm
Rows per page
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(503091);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/03/13");

  script_cve_id("CVE-2015-6563");
  script_xref(name:"ICSA", value:"22-349-21");

  script_name(english:"Siemens SCALANCE X-200RNA Switch Devices Improper Input Validation (CVE-2015-6563)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD
platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX
requests, which allows local users to conduct impersonation attacks by
leveraging any SSH login access in conjunction with control of the
sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to
monitor.c and monitor_wrap.c.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  script_set_attribute(attribute:"see_also", value:"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf");
  script_set_attribute(attribute:"see_also", value:"https://support.industry.siemens.com/cs/ww/en/view/109814809/");
  script_set_attribute(attribute:"see_also", value:"https://www.cisa.gov/news-events/ics-advisories/icsa-22-349-21");
  script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-6563");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_cwe_id(20);

  script_set_attribute(attribute:"vuln_publication_date", value:"2022/12/13");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/12/13");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/03/13");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_x204rna_%28hsr%29_firmware:3.2.7");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_x204rna_%28prp%29_firmware:3.2.7");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_x204rna_eec_%28hsr%29_firmware:3.2.7");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_x204rna_eec_%28prp%29_firmware:3.2.7");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_x204rna_eec_%28prp%2fhsr%29_firmware:3.2.7");
  script_set_attribute(attribute:"generated_plugin", value:"former");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Siemens");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/Siemens');

var asset = tenable_ot::assets::get(vendor:'Siemens');

var vuln_cpes = {
    "cpe:/o:siemens:scalance_x204rna_%28hsr%29_firmware:3.2.7" :
        {"versionEndExcluding" : "3.2.7", "family" : "SCALANCEX200", "orderNumbers" : ['6GK5204-0BA00-2MB2']},
    "cpe:/o:siemens:scalance_x204rna_%28prp%29_firmware:3.2.7" :
        {"versionEndExcluding" : "3.2.7", "family" : "SCALANCEX200", "orderNumbers" : ['6GK5204-0BA00-2KB2']},
    "cpe:/o:siemens:scalance_x204rna_eec_%28hsr%29_firmware:3.2.7" :
        {"versionEndExcluding" : "3.2.7", "family" : "SCALANCEX200", "orderNumbers" : ['6GK5204-0BS00-2NA3']},
    "cpe:/o:siemens:scalance_x204rna_eec_%28prp%29_firmware:3.2.7" :
        {"versionEndExcluding" : "3.2.7", "family" : "SCALANCEX200", "orderNumbers" : ['6GK5204-0BS00-3LA3']},
    "cpe:/o:siemens:scalance_x204rna_eec_%28prp%2fhsr%29_firmware:3.2.7" :
        {"versionEndExcluding" : "3.2.7", "family" : "SCALANCEX200", "orderNumbers" : ['6GK5204-0BS00-3PA3']}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_HOLE);

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

13 Mar 2025 00:00Current
6.2Medium risk
Vulners AI Score6.2
CVSS 21.9
CVSS 3.16.4
EPSS0.00378
SSVC
8