CVE-2020-15799 - Vulnerability Details

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0). The vulnerability could allow an unauthenticated attacker to reboot the device over the network by using special urls from integrated web server of the affected products.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.00489.

Key SSVC decision points have not yet been added.

Vendors	Products
Siemens	Scalance X200-4pirt Scalance X200-4pirt Firmware Scalance X201-3pirt Scalance X201-3pirt Firmware Scalance X202-2irt Scalance X202-2irt Firmware Scalance X202-2pirt Scalance X202-2pirt Firmware Scalance X202-2pirt Siplus Net Scalance X202-2pirt Siplus Net Firmware Scalance X204irt Scalance X204irt Firmware Scalance X307-3 Scalance X307-3 Firmware Scalance X307-3ld Scalance X307-3ld Firmware Scalance X308-2 Scalance X308-2 Firmware Scalance X308-2ld Scalance X308-2ld Firmware Scalance X308-2lh Scalance X308-2lh\+ Scalance X308-2lh\+ Firmware Scalance X308-2lh Firmware Scalance X308-2m Scalance X308-2m Firmware Scalance X308-2m Ts Scalance X308-2m Ts Firmware Scalance X310 Scalance X310 Firmware Scalance X310fe Scalance X310fe Firmware Scalance X320-1fe Scalance X320-1fe Firmware Scalance X320-3ldfe Scalance X320-3ldfe Firmware Scalance Xb205-3 Scalance Xb205-3 Firmware Scalance Xb205-3ld Scalance Xb205-3ld Firmware Scalance Xb208 Scalance Xb208 Firmware Scalance Xb213-3 Scalance Xb213-3 Firmware Scalance Xb213-3ld Scalance Xb213-3ld Firmware Scalance Xb216 Scalance Xb216 Firmware Scalance Xc206-2 Scalance Xc206-2 Firmware Scalance Xc206-2g Poe Scalance Xc206-2g Poe Firmware Scalance Xc206-2g Poe Eec Scalance Xc206-2g Poe Eec Firmware Scalance Xc206-2sfp Scalance Xc206-2sfp Eec Scalance Xc206-2sfp Eec Firmware Scalance Xc206-2sfp Firmware Scalance Xc206-2sfp G Scalance Xc206-2sfp G \(e\/ip\) Scalance Xc206-2sfp G \(e\/ip\) Firmware Scalance Xc206-2sfp G Eec Scalance Xc206-2sfp G Eec Firmware Scalance Xc206-2sfp G Firmware Scalance Xc208 Scalance Xc208 Firmware Scalance Xc208eec Scalance Xc208eec Firmware Scalance Xc208g Scalance Xc208g \(e\/ip\) Scalance Xc208g \(e\/ip\) Firmware Scalance Xc208g Eec Scalance Xc208g Eec Firmware Scalance Xc208g Firmware Scalance Xc208g Poe Scalance Xc208g Poe Firmware Scalance Xc216 Scalance Xc216-4c Scalance Xc216-4c Firmware Scalance Xc216-4c G Scalance Xc216-4c G \(e\/ip\) Scalance Xc216-4c G \(e\/ip\) Firmware Scalance Xc216-4c G Eec Scalance Xc216-4c G Eec Firmware Scalance Xc216-4c G Firmware Scalance Xc216 Firmware Scalance Xc216eec Scalance Xc216eec Firmware Scalance Xc224-4c G Scalance Xc224-4c G \(e\/ip\) Scalance Xc224-4c G \(e\/ip\) Firmware Scalance Xc224-4c G Firmware Scalance Xc224-4c G Eec Scalance Xc224-4c G Eec Firmware Scalance Xc224 Scalance Xc224 Firmware Scalance Xf201-3p Irt Scalance Xf201-3p Irt Firmware Scalance Xf202-2p Irt Scalance Xf202-2p Irt Firmware Scalance Xf204 Scalance Xf204-2 Scalance Xf204-2 Firmware Scalance Xf204-2ba Dna Scalance Xf204-2ba Dna Firmware Scalance Xf204-2ba Irt Scalance Xf204-2ba Irt Firmware Scalance Xf204 Dna Scalance Xf204 Dna Firmware Scalance Xf204 Firmware Scalance Xf204irt Scalance Xf204irt Firmware Scalance Xf206-1 Scalance Xf206-1 Firmware Scalance Xf208 Scalance Xf208 Firmware Scalance Xp208 Scalance Xp208 \(eip\) Scalance Xp208 \(eip\) Firmware Scalance Xp208 Firmware Scalance Xp208eec Scalance Xp208eec Firmware Scalance Xp208poe Eec Scalance Xp208poe Eec Firmware Scalance Xp216 Scalance Xp216 \(eip\) Scalance Xp216 \(eip\) Firmware Scalance Xp216 Firmware Scalance Xp216eec Scalance Xp216eec Firmware Scalance Xp216poe Eec Scalance Xp216poe Eec Firmware

Configuration 1 [-]

AND

cpe:2.3:o:siemens:scalance_x200-4pirt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x200-4pirt:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:siemens:scalance_x201-3pirt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x201-3pirt:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:siemens:scalance_x202-2irt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x202-2irt:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:siemens:scalance_x202-2pirt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x202-2pirt:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:siemens:scalance_x202-2pirt_siplus_net_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x202-2pirt_siplus_net:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:siemens:scalance_x204irt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x204irt:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:siemens:scalance_x307-3_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x307-3:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:siemens:scalance_x307-3ld_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x307-3ld:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:siemens:scalance_x308-2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x308-2:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:siemens:scalance_x308-2ld_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x308-2ld:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:siemens:scalance_x308-2lh_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x308-2lh:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:siemens:scalance_x308-2lh\+_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x308-2lh\+:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:siemens:scalance_x308-2m_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x308-2m:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:siemens:scalance_x308-2m_ts_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x308-2m_ts:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:siemens:scalance_x310_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x310:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:siemens:scalance_x310fe_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x310fe:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:siemens:scalance_x320-1fe_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x320-1fe:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:siemens:scalance_x320-3ldfe_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x320-3ldfe:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:siemens:scalance_xb205-3_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xb205-3:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:siemens:scalance_xb205-3ld_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xb205-3ld:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:siemens:scalance_xb208_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xb208:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:siemens:scalance_xb213-3_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xb213-3:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:siemens:scalance_xb213-3ld_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xb213-3ld:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:siemens:scalance_xb216_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xb216:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:siemens:scalance_xc206-2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc206-2:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:siemens:scalance_xc206-2g_poe__firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc206-2g_poe_:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:siemens:scalance_xc206-2g_poe_eec_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc206-2g_poe_eec:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:siemens:scalance_xc206-2sfp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc206-2sfp:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND

cpe:2.3:o:siemens:scalance_xc206-2sfp_eec_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc206-2sfp_eec:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND

cpe:2.3:o:siemens:scalance_xc206-2sfp_g_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc206-2sfp_g:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND

cpe:2.3:o:siemens:scalance_xc206-2sfp_g_\(e\/ip\)_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc206-2sfp_g_\(e\/ip\):-:*:*:*:*:*:*:*

Configuration 32 [-]

AND

cpe:2.3:o:siemens:scalance_xc206-2sfp_g_eec_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc206-2sfp_g_eec:-:*:*:*:*:*:*:*

Configuration 33 [-]

AND

cpe:2.3:o:siemens:scalance_xc208_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc208:-:*:*:*:*:*:*:*

Configuration 34 [-]

AND

cpe:2.3:o:siemens:scalance_xc208eec_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc208eec:-:*:*:*:*:*:*:*

Configuration 35 [-]

AND

cpe:2.3:o:siemens:scalance_xc208g_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc208g:-:*:*:*:*:*:*:*

Configuration 36 [-]

AND

cpe:2.3:o:siemens:scalance_xc208g_\(e\/ip\)_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc208g_\(e\/ip\):-:*:*:*:*:*:*:*

Configuration 37 [-]

AND

cpe:2.3:o:siemens:scalance_xc208g_eec_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc208g_eec:-:*:*:*:*:*:*:*

Configuration 38 [-]

AND

cpe:2.3:o:siemens:scalance_xc208g_poe_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc208g_poe:-:*:*:*:*:*:*:*

Configuration 39 [-]

AND

cpe:2.3:o:siemens:scalance_xc216_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc216:-:*:*:*:*:*:*:*

Configuration 40 [-]

AND

cpe:2.3:o:siemens:scalance_xc216-4c_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc216-4c:-:*:*:*:*:*:*:*

Configuration 41 [-]

AND

cpe:2.3:o:siemens:scalance_xc216-4c_g_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc216-4c_g:-:*:*:*:*:*:*:*

Configuration 42 [-]

AND

cpe:2.3:o:siemens:scalance_xc216-4c_g_\(e\/ip\)_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc216-4c_g_\(e\/ip\):-:*:*:*:*:*:*:*

Configuration 43 [-]

AND

cpe:2.3:o:siemens:scalance_xc216-4c_g_eec_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc216-4c_g_eec:-:*:*:*:*:*:*:*

Configuration 44 [-]

AND

cpe:2.3:o:siemens:scalance_xc216eec_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc216eec:-:*:*:*:*:*:*:*

Configuration 45 [-]

AND

cpe:2.3:o:siemens:scalance_xc224-4c_g__firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc224-4c_g_:-:*:*:*:*:*:*:*

Configuration 46 [-]

AND

cpe:2.3:o:siemens:scalance_xc224-4c_g_\(e\/ip\)_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc224-4c_g_\(e\/ip\):-:*:*:*:*:*:*:*

Configuration 47 [-]

AND

cpe:2.3:o:siemens:scalance_xc224-4c_g_eec_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc224-4c_g_eec:-:*:*:*:*:*:*:*

Configuration 48 [-]

AND

cpe:2.3:o:siemens:scalance_xc224__firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc224_:-:*:*:*:*:*:*:*

Configuration 49 [-]

AND

cpe:2.3:o:siemens:scalance_xf201-3p_irt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xf201-3p_irt:-:*:*:*:*:*:*:*

Configuration 50 [-]

AND

cpe:2.3:o:siemens:scalance_xf202-2p_irt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xf202-2p_irt:-:*:*:*:*:*:*:*

Configuration 51 [-]

AND

cpe:2.3:o:siemens:scalance_xf204_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xf204:-:*:*:*:*:*:*:*

Configuration 52 [-]

AND

cpe:2.3:o:siemens:scalance_xf204-2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xf204-2:-:*:*:*:*:*:*:*

Configuration 53 [-]

AND

cpe:2.3:o:siemens:scalance_xf204-2ba_dna_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xf204-2ba_dna:-:*:*:*:*:*:*:*

Configuration 54 [-]

AND

cpe:2.3:o:siemens:scalance_xf204-2ba_irt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xf204-2ba_irt:-:*:*:*:*:*:*:*

Configuration 55 [-]

AND

cpe:2.3:o:siemens:scalance_xf204_dna_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xf204_dna:-:*:*:*:*:*:*:*

Configuration 56 [-]

AND

cpe:2.3:o:siemens:scalance_xf204irt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xf204irt:-:*:*:*:*:*:*:*

Configuration 57 [-]

AND

cpe:2.3:o:siemens:scalance_xf206-1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xf206-1:-:*:*:*:*:*:*:*

Configuration 58 [-]

AND

cpe:2.3:o:siemens:scalance_xf208_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xf208:-:*:*:*:*:*:*:*

Configuration 59 [-]

AND

cpe:2.3:o:siemens:scalance_xp208_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xp208:-:*:*:*:*:*:*:*

Configuration 60 [-]

AND

cpe:2.3:o:siemens:scalance_xp208_\(eip\)_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xp208_\(eip\):-:*:*:*:*:*:*:*

Configuration 61 [-]

AND

cpe:2.3:o:siemens:scalance_xp208eec_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xp208eec:-:*:*:*:*:*:*:*

Configuration 62 [-]

AND

cpe:2.3:o:siemens:scalance_xp208poe_eec_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xp208poe_eec:-:*:*:*:*:*:*:*

Configuration 63 [-]

AND

cpe:2.3:o:siemens:scalance_xp216_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xp216:-:*:*:*:*:*:*:*

Configuration 64 [-]

AND

cpe:2.3:o:siemens:scalance_xp216_\(eip\)_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xp216_\(eip\):-:*:*:*:*:*:*:*

Configuration 65 [-]

AND

cpe:2.3:o:siemens:scalance_xp216eec_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xp216eec:-:*:*:*:*:*:*:*

Configuration 66 [-]

AND

cpe:2.3:o:siemens:scalance_xp216poe_eec_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xp216poe_eec:-:*:*:*:*:*:*:*

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2020-7782	A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0). The vulnerability could allow an unauthenticated attacker to reboot the device over the network by using special urls from integrated web server of the affected products.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://cert-portal.siemens.com/productcert/pdf/ssa-139628.pdf

History

No history.

MITRE

Status: PUBLISHED

Assigner: siemens

Published: 2021-01-12T20:18:33

Updated: 2024-08-04T13:30:21.812Z

Reserved: 2020-07-15T00:00:00

Link: CVE-2020-15799

Vulnrichment

No data.

NVD

Status : Modified

Published: 2021-01-12T21:15:16.370

Modified: 2024-11-21T05:06:12.267

Link: CVE-2020-15799

Redhat

No data.

OpenCVE Enrichment

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object