CVE-2013-3633
Summary
| CVE | CVE-2013-3633 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2013-05-24 20:55:00 UTC |
| Updated | 2019-12-12 20:15:00 UTC |
| Description | A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (Versions < V5.0.0 for CVE-2013-3633 and versions < V4.5.0 for CVE-2013-3634), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.1.0). The user privileges for the web interface are only enforced on client side and not properly verified on server side. Therefore, an attacker is able to execute privileged commands using an unprivileged account. |
Risk And Classification
Problem Types: CWE-264
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Siemens | Scalance X200-4p Irt | - | All | All | All |
| Hardware | Siemens | Scalance X200-4p Irt | - | All | All | All |
| Operating System | Siemens | Scalance X200irt Firmware | All | All | All | All |
| Hardware | Siemens | Scalance X201-3p Irt | - | All | All | All |
| Hardware | Siemens | Scalance X201-3p Irt | - | - | pro | All |
| Hardware | Siemens | Scalance X201-3p Irt | - | All | All | All |
| Hardware | Siemens | Scalance X201-3p Irt | - | - | pro | All |
| Hardware | Siemens | Scalance X202-2irt | - | All | All | All |
| Hardware | Siemens | Scalance X202-2irt | - | All | All | All |
| Hardware | Siemens | Scalance X202-2p Irt | - | All | All | All |
| Hardware | Siemens | Scalance X202-2p Irt | - | - | pro | All |
| Hardware | Siemens | Scalance X202-2p Irt | - | All | All | All |
| Hardware | Siemens | Scalance X202-2p Irt | - | - | pro | All |
| Hardware | Siemens | Scalance X204irt | - | All | All | All |
| Hardware | Siemens | Scalance X204irt | - | - | pro | All |
| Hardware | Siemens | Scalance X204irt | - | All | All | All |
| Hardware | Siemens | Scalance X204irt | - | - | pro | All |
| Hardware | Siemens | Scalance Xf204irt | - | All | All | All |
| Hardware | Siemens | Scalance Xf204irt | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| cert-portal.siemens.com/productcert/pdf/ssa-170686.pdf | CONFIRM | cert-portal.siemens.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.