Lucene search
SiemensCVELIST:CVE-2019-6567HistoryJun 12, 2019 - 1:47 p.m.
CVE-2019-6567
2019-06-1213:47:56
CWE-257
siemens
www.cve.org
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All Versions < V5.2.4), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.3), SCALANCE X-414-3E (All versions). The affected devices store passwords in a recoverable format. An attacker may extract and recover device passwords from the device configuration. Successful exploitation requires access to a device configuration backup and impacts confidentiality of the stored passwords.
CNA Affected
[
{
"product": "SCALANCE X-200 switch family (incl. SIPLUS NET variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All Versions < V5.2.4"
}
]
},
{
"product": "SCALANCE X-200IRT switch family (incl. SIPLUS NET variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V5.5.0"
}
]
},
{
"product": "SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.1.3"
}
]
},
{
"product": "SCALANCE X-414-3E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
]Related
cve
cve
CVE-2019-6567
2019-06-12 14:29:04
pentestpartners
pentestpartners
Pen Testing Ships. A year in review
2020-02-04 07:36:44
Pwning a Siemens Scalance ICS switch through ARM reversing
2019-09-03 06:55:14
nvd
nvd
CVE-2019-6567
2019-06-12 14:29:04
ics
ics
Siemens SCALANCE X (Update B)
2021-02-09 12:00:00
nessus
nessus
Siemens SCALANCE X Storing Passwords in a Recoverable Format (CVE-2019-6567)
2023-04-11 00:00:00
prion
prion
Design/Logic Flaw
2019-06-12 14:29:00