4 matches found
Siemens SCALANCE Privilege Escalation (CVE-2013-3633)
A vulnerability has been identified in SCALANCE X-200 switch family incl. SIPLUS NET variants Versions V5.0.0 for CVE-2013-3633 and versions V4.5.0 for CVE-2013-3634, SCALANCE X-200IRT switch family incl. SIPLUS NET variants All versions V5.1.0. The user privileges for the web interface are only...
CVE-2013-3633
A vulnerability has been identified in SCALANCE X-200 switch family incl. SIPLUS NET variants Versions V5.0.0 for CVE-2013-3633 and versions V4.5.0 for CVE-2013-3634, SCALANCE X-200IRT switch family incl. SIPLUS NET variants All versions V5.1.0. The user privileges for the web interface are only...
Command injection
A vulnerability has been identified in SCALANCE X-200 switch family incl. SIPLUS NET variants Versions V5.0.0 for CVE-2013-3633 and versions V4.5.0 for CVE-2013-3634, SCALANCE X-200IRT switch family incl. SIPLUS NET variants All versions V5.1.0. The implementation of SNMPv3 does not check the use...
CVE-2013-3633
Siemens SCALANCE X-200 and X-200IRT switches are affected by two related vulnerabilities (CVE-2013-3633 and CVE-2013-3634). The root cause is that web interface user privileges are enforced only on the client side and not properly verified on the server side (privilege escalation), and the SNMPv3...