Lucene search
HistoryFeb 02, 2015 - 3:59 p.m.
CVE-2015-1049
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
6.7 Medium
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
73.7%
The web server on Siemens SCALANCE X-200IRT switches with firmware before 5.2.0 allows remote attackers to hijack sessions via unspecified vectors.
Affected configurations
Node
siemensscalance_x-200_series_firmwareRange≤5.1.1
siemensscalance_x201-3p_irt_pro
ORsiemensscalance_x201-3pirt
ORsiemensscalance_x202-2irt
ORsiemensscalance_x202-2p_irt
ORsiemensscalance_x202-2p_irt_pro
ORsiemensscalance_x202-4p_irt
ORsiemensscalance_x204irt
ORsiemensscalance_x204irt_pro
ORsiemensscalance_xf204irt
Related
cve
cve
CVE-2015-1049
2015-02-02 15:59:01
cvelist
cvelist
CVE-2015-1049
2015-02-02 15:00:00
ics
ics
Siemens SCALANCE X-200IRT Switch Family User Impersonation Vulnerability
2018-08-29 12:00:00
nessus
nessus
Siemens SCALANCE X-200IRT User Impersonation (CVE-2015-1049)
2023-04-11 00:00:00
Siemens SCALANCE X-200IRT < 5.2.0 Session Hijacking
2015-02-16 00:00:00
prion
prion
Code injection
2015-02-02 15:59:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
6.7 Medium
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
73.7%
Related for NVD:CVE-2015-1049