Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Scalance Xf204-2ba Dna Firmware Security Vulnerabilities

cve
cve

CVE-2020-15799

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0). The vulnerability could allow an unauthenticated attacker to reboot the device over the...

6.5CVSS

6.3AI Score

0.001EPSS

2021-01-12 09:15 PM
36
3
cve
cve

CVE-2020-15800

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4...

9.8CVSS

9.2AI Score

0.002EPSS

2021-01-12 09:15 PM
43
1
cve
cve

CVE-2020-25226

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0). The web server of the affected devices contains a vulnerability that may lead to a buff...

9.8CVSS

9.3AI Score

0.002EPSS

2021-01-12 09:15 PM
41
1
cve
cve

CVE-2020-28391

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-200RNA switch family (All versions < V3.2.7). Devices create a new unique...

5.9CVSS

5.4AI Score

0.001EPSS

2021-01-12 09:15 PM
64
3
cve
cve

CVE-2022-36323

Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell.

9.1CVSS

9AI Score

0.002EPSS

2022-08-10 12:15 PM
67
6
cve
cve

CVE-2022-36324

Affected devices do not properly handle the renegotiation of SSL/TLS parameters. This could allow an unauthenticated remote attacker to bypass the TCP brute force prevention and lead to a denial of service condition for the duration of the attack.

7.5CVSS

7.6AI Score

0.002EPSS

2022-08-10 12:15 PM
59
7
cve
cve

CVE-2022-36325

Affected devices do not properly sanitize data introduced by an user when rendering the web interface. This could allow an authenticated remote attacker with administrative privileges to inject code and lead to a DOM-based XSS.

6.8CVSS

5.2AI Score

0.001EPSS

2022-08-10 12:15 PM
62
8
cve
cve

CVE-2023-44317

Affected products do not properly validate the content of uploaded X509 certificates which could allow an attacker with administrative privileges to execute arbitrary code on the device.

7.2CVSS

7.2AI Score

0.001EPSS

2023-11-14 11:15 AM
55