The authentication implementation in the web server on Siemens SCALANCE X-200 switches with firmware before 5.0.0 does not use a sufficient source of entropy for generating values of random numbers, which makes it easier for remote attackers to hijack sessions by predicting a value.
6.9AI Score
0.007EPSS
The integrated web server on Siemens SCALANCE X-200 switches with firmware before 4.5.0 and X-200IRT switches with firmware before 5.1.0 does not properly enforce authentication requirements, which allows remote attackers to perform administrative actions via requests to the management interface.
7.2AI Score
0.005EPSS
The web server on Siemens SCALANCE X-200IRT switches with firmware before 5.2.0 allows remote attackers to hijack sessions via unspecified vectors.
6.9AI Score
0.004EPSS