Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.8
CVSSv3

CVE-2022-36325

Published: 10/08/2022 Updated: 27/06/2023
CVSS v3 Base Score: 4.8 | Impact Score: 2.7 | Exploitability Score: 1.7
VMScore: 0
Subscribe to Siemens

Vulnerability Summary

Affected devices do not properly sanitize data introduced by an user when rendering the web interface. This could allow an authenticated remote attacker with administrative privileges to inject code and lead to a DOM-based XSS.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

siemens scalance_m-800_firmware

siemens scalance_s615_firmware

siemens scalance_sc-600_firmware

siemens scalance_sc622-2c_firmware

siemens scalance_sc632-2c_firmware

siemens scalance_sc636-2c_firmware

siemens scalance_sc642-2c_firmware

siemens scalance_sc646-2c_firmware

siemens scalance_w700_ieee_802.11ax_firmware

siemens scalance_w700_ieee_802.11n_firmware

siemens scalance_w700_ieee_802.11ac_firmware

siemens scalance_xb-200_firmware

siemens scalance_xb205-3_firmware

siemens scalance_xb205-3ld_firmware

siemens scalance_xb208_firmware

siemens scalance_xb213-3_firmware

siemens scalance_xb213-3ld_firmware

siemens scalance_xb216_firmware

siemens scalance_xc-200_firmware

siemens scalance_xc206-2_firmware

siemens scalance_xc206-2g_poe__firmware

siemens scalance_xc206-2g_poe_eec_firmware

siemens scalance_xc206-2sfp_eec_firmware

siemens scalance_xc206-2sfp_g_firmware

siemens scalance_xc206-2sfp_g_\\(e\\/ip\\)_firmware

siemens scalance_xc206-2sfp_g_eec_firmware

siemens scalance_xc208_firmware

siemens scalance_xc208eec_firmware

siemens scalance_xc208g_firmware

siemens scalance_xc208g_\\(e\\/ip\\)_firmware

siemens scalance_xc208g_eec_firmware

siemens scalance_xc208g_poe_firmware

siemens scalance_xc216_firmware

siemens scalance_xc216-4c_firmware

siemens scalance_xc216-4c_g_firmware

siemens scalance_xc216-4c_g_\\(e\\/ip\\)_firmware

siemens scalance_xc216-4c_g_eec_firmware

siemens scalance_xc216eec_firmware

siemens scalance_xc224__firmware

siemens scalance_xc224-4c_g__firmware

siemens scalance_xc224-4c_g_\\(e\\/ip\\)_firmware

siemens scalance_xc224-4c_g_eec_firmware

siemens scalance_xf-200ba_firmware

siemens scalance_xf204-2ba_dna_firmware

siemens scalance_xf204-2ba_irt_firmware

siemens scalance_xm400_firmware

siemens scalance_xm408-4c_firmware

siemens scalance_xm408-4c_l3_firmware

siemens scalance_xm408-8c_firmware

siemens scalance_xm408-8c_l3_firmware

siemens scalance_xm416-4c_firmware

siemens scalance_xm416-4c_l3_firmware

siemens scalance_xp-200_firmware

siemens scalance_xp208_firmware

siemens scalance_xp208_\\(eip\\)_firmware

siemens scalance_xp208eec_firmware

siemens scalance_xp208poe_eec_firmware

siemens scalance_xp216_firmware

siemens scalance_xp216_\\(eip\\)_firmware

siemens scalance_xp216eec_firmware

siemens scalance_xp216poe_eec_firmware

siemens scalance_xr-300_firmware

siemens scalance_xr-300eec_firmware

siemens scalance_xr-300poe_firmware

siemens scalance_xr-300wg_firmware

siemens scalance_xr324-12m_firmware

siemens scalance_xr324-12m_ts_firmware

siemens scalance_xr324-4m_eec_firmware

siemens scalance_xr324-4m_poe_firmware

siemens scalance_xr324-4m_poe_ts_firmware

siemens scalance_xr324wg_firmware

siemens scalance_xr326-2c_poe_wg_firmware

siemens scalance_xr328-4c_wg_firmware

siemens scalance_xr500_firmware

siemens scalance_xr524_firmware

siemens scalance_xr524-8c_firmware

siemens scalance_xr524-8c_l3_firmware

siemens scalance_xr526_firmware

siemens scalance_xr526-8c_firmware

siemens scalance_xr526-8c_l3_firmware

siemens scalance_xr528_firmware

siemens scalance_xr528-6m_firmware

siemens scalance_xr528-6m_2hr2_firmware

siemens scalance_xr528-6m_2hr2_l3_firmware

siemens scalance_xr528-6m_l3_firmware

siemens scalance_xr552_firmware

siemens scalance_xr552-12_firmware

siemens scalance_xr552-12m_firmware

siemens scalance_xr552-12m_2hr2_firmware

siemens scalance_xr552-12m_2hr2_l3_firmware

ICS Advisories

Siemens SCALANCE

References

NVD-CWE-Otherhttps://cert-portal.siemens.com/productcert/pdf/ssa-710008.pdfhttps://nvd.nist.govhttps://www.cisa.gov/uscert/ics/advisories/icsa-22-223-07
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463CVE-2024-29895injectCVE-2023-52689CVE-2024-5049CVE-2024-5051privilege escalationphysicalCVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook