The authentication implementation in the web server on Siemens SCALANCE X-200 switches with firmware prior to 5.0.0 does not use a sufficient source of entropy for generating values of random numbers, which makes it easier for remote malicious users to hijack sessions by predicting a value.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
siemens scalance_x-200_series_firmware 4.3 |
||
siemens scalance_x-200_series_firmware |
||
siemens scalance_xf-200 - |
||
siemens scalance_x200-4p_irt - |
||
siemens scalance_x204irt - |
||
siemens scalance_x201-3p_irt - |
||
siemens scalance_x202-2irt - |
||
siemens scalance_x202-2p_irt - |
||
siemens scalance_x-200 - |
||
siemens scalance_x-200rna - |