Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.3
CVSSv2

CVE-2013-5709

Published: 17/09/2013 Updated: 10/02/2020
CVSS v2 Base Score: 8.3 | Impact Score: 8.5 | Exploitability Score: 8.6
VMScore: 739
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:C

Vulnerability Summary

The authentication implementation in the web server on Siemens SCALANCE X-200 switches with firmware prior to 5.0.0 does not use a sufficient source of entropy for generating values of random numbers, which makes it easier for remote malicious users to hijack sessions by predicting a value.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

siemens scalance_x-200_series_firmware 4.3

siemens scalance_x-200_series_firmware

siemens scalance_xf-200 -

siemens scalance_x200-4p_irt -

siemens scalance_x204irt -

siemens scalance_x201-3p_irt -

siemens scalance_x202-2irt -

siemens scalance_x202-2p_irt -

siemens scalance_x-200 -

siemens scalance_x-200rna -

References

CWE-189http://ics-cert.us-cert.gov/advisories/ICSA-13-254-01http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-850708.pdfhttps://cert-portal.siemens.com/productcert/pdf/ssa-850708.pdfhttps://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223CVE-2024-0044information disclosureCVE-2024-35753HTML injectionCVE-2024-21306CVE-2024-35733SQL injectionCVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook