CVE-2012-1802
18.04.2012, 10:33
Buffer overflow in the embedded web server on the Siemens Scalance X Industrial Ethernet switch X414-3E before 3.7.1, X308-2M before 3.7.2, X-300EEC before 3.7.2, XR-300 before 3.7.2, and X-300 before 3.7.2 allows remote attackers to cause a denial of service (device reboot) or possibly execute arbitrary code via a malformed URL.Enginsight
| Vendor | Product | Version |
|---|---|---|
| siemens | scalance_x414-3e_firmware | 𝑥 ≤ 3.7.0 |
| siemens | scalance_x414-3e_firmware | 1.2.2 |
| siemens | scalance_x414-3e_firmware | 2.1.1 |
| siemens | scalance_x414-3e_firmware | 2.2.0 |
| siemens | scalance_x414-3e_firmware | 2.3.2 |
| siemens | scalance_x414-3e_firmware | 2.3.3 |
| siemens | scalance_x414-3e_firmware | 3.0.0 |
| siemens | scalance_x414-3e_firmware | 3.0.2 |
| siemens | scalance_x414-3e_firmware | 3.3.0 |
| siemens | scalance_x414-3e_firmware | 3.4.0 |
| siemens | scalance_x414-3e | - |
| siemens | scalance_x308-2m_firmware | 𝑥 ≤ 3.7.0 |
| siemens | scalance_x308-2m_firmware | 3.1.1 |
| siemens | scalance_x308-2m_firmware | 3.5.0 |
| siemens | scalance_x308-2m_firmware | 3.5.2 |
| siemens | scalance_x308-2m | - |
| siemens | scalance_x-300eec_firmware | 𝑥 ≤ 3.7.0 |
| siemens | scalance_x-300eec_firmware | 3.5.0 |
| siemens | scalance_x-300eec | - |
| siemens | scalance_xr-300_firmware | 𝑥 ≤ 3.7.0 |
| siemens | scalance_xr-300_firmware | 3.1.1 |
| siemens | scalance_xr-300_firmware | 3.5.0 |
| siemens | scalance_xr-300 | - |
| siemens | scalance_x-300_firmware | 𝑥 ≤ 3.7.0 |
| siemens | scalance_x-300_firmware | 2.2.0 |
| siemens | scalance_x-300_firmware | 2.3.1 |
| siemens | scalance_x-300_firmware | 3.0.0 |
| siemens | scalance_x-300_firmware | 3.3.1 |
| siemens | scalance_x-300_firmware | 3.5.0 |
| siemens | scalance_x-300_firmware | 3.5.1 |
| siemens | scalance_x-300 | - |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References