{"containers": {"cna": {"affected": [{"product": "SCALANCE XM-400, XR-500", "vendor": "n/a", "versions": [{"status": "affected", "version": "All versions prior to v6.4"}]}], "descriptions": [{"lang": "en", "value": "An unauthenticated remote attacker could create a permanent denial-of-service condition by sending specially crafted OSPF packets. Successful exploitation requires OSPF to be enabled on an affected device on the SCALANCE XM-400, XR-500 (All versions prior to v6.4)."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-682", "description": "INCORRECT CALCULATION CWE-682", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-05-13T12:00:54", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-10"}, {"tags": ["x_refsource_MISC"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-116379.pdf"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "productcert@siemens.com", "ID": "CVE-2020-28393", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "SCALANCE XM-400, XR-500", "version": {"version_data": [{"version_value": "All versions prior to v6.4"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An unauthenticated remote attacker could create a permanent denial-of-service condition by sending specially crafted OSPF packets. Successful exploitation requires OSPF to be enabled on an affected device on the SCALANCE XM-400, XR-500 (All versions prior to v6.4)."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "INCORRECT CALCULATION CWE-682"}]}]}, "references": {"reference_data": [{"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-10", "refsource": "MISC", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-10"}, {"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-116379.pdf", "refsource": "MISC", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-116379.pdf"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T16:33:59.094Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-10"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-116379.pdf"}]}]}, "cveMetadata": {"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2020-28393", "datePublished": "2021-05-12T13:18:22", "dateReserved": "2020-11-10T00:00:00", "dateUpdated": "2024-08-04T16:33:59.094Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_xm-400_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E40058B3-3726-4F6A-AB41-7679487639F2", "versionEndExcluding": "6.4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_xm-400:-:*:*:*:*:*:*:*", "matchCriteriaId": "798E900F-5EF9-4B39-B8C2-79FAE659E7F5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_xr524_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "66B18697-4508-465B-AB56-A64DF601F8E4", "versionEndExcluding": "6.4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_xr524:-:*:*:*:*:*:*:*", "matchCriteriaId": "7DEEA300-16C3-4FEE-88A8-674DE2AEEC95", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_xr526_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1DC81BDD-1426-4BF3-AB8B-D050EC9E44EB", "versionEndExcluding": "6.4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_xr526:-:*:*:*:*:*:*:*", "matchCriteriaId": "756A07F8-4F9F-4A76-942E-82CB92216943", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_xr528_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "70411378-1EEE-401A-A7C9-A88299215F82", "versionEndExcluding": "6.4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_xr528:-:*:*:*:*:*:*:*", "matchCriteriaId": "FDE5E54D-FFED-4C2C-B89D-E085E61D44E4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_xr552_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8DA7378E-5E6A-4541-B078-AB7E8CDC0E3E", "versionEndExcluding": "6.4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_xr552:-:*:*:*:*:*:*:*", "matchCriteriaId": "AB16A0BE-5AF3-4168-B755-D023E497A35F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_xm416-4c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B98F706F-1994-464F-A7BC-01E476EA699F", "versionEndExcluding": "6.4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_xm416-4c:-:*:*:*:*:*:*:*", "matchCriteriaId": "F9102A41-5812-4014-BC07-E571E815ED49", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_xm408-8c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3A2826CF-A6AD-4FC8-8CE7-F1B5ACAA7451", "versionEndExcluding": "6.4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_xm408-8c:-:*:*:*:*:*:*:*", "matchCriteriaId": "7096DBA5-95BB-44D7-B7CA-B1845C87F70E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_xm408-4c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "192095A3-5A69-4B45-8A01-8A563C1ED8BA", "versionEndExcluding": "6.4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_xm408-4c:-:*:*:*:*:*:*:*", "matchCriteriaId": "2AA81823-013F-4990-B62D-86C404F04BCB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_xm416-4c_l3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E34C5BF4-3761-4762-B0DE-3C4235C8B04C", "versionEndExcluding": "6.4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_xm416-4c_l3:-:*:*:*:*:*:*:*", "matchCriteriaId": "86A2A766-9046-484F-9D49-4A1F4F0F96A4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_xm408-8c_l3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E21E3308-2C77-4233-8827-3F0613121015", "versionEndExcluding": "6.4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_xm408-8c_l3:-:*:*:*:*:*:*:*", "matchCriteriaId": "78562689-B494-4500-9725-B418F1EC3CAB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_xm408-4c_l3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "96CF5766-E762-4329-BDCC-6833CD90BC4E", "versionEndExcluding": "6.4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_xm408-4c_l3:-:*:*:*:*:*:*:*", "matchCriteriaId": "B2FB222B-0414-4A1E-8BBD-6470CDB3BFF8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "An unauthenticated remote attacker could create a permanent denial-of-service condition by sending specially crafted OSPF packets. Successful exploitation requires OSPF to be enabled on an affected device on the SCALANCE XM-400, XR-500 (All versions prior to v6.4)."}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad en SCALANCE XM-400 Family (todas las versiones anteriores a V6.4), SCALANCE XR-500 Family (todas las versiones anteriores a V6.4). La implementaci\u00f3n del protocolo OSPF en los dispositivos afectados maneja incorrectamente el n\u00famero de campos LSA en combinaci\u00f3n con otros campos modificados. Un atacante remoto no autenticado podr\u00eda crear una condici\u00f3n de Denegaci\u00f3n de Servicio permanente al enviar paquetes OSPF especialmente dise\u00f1ados. Una explotaci\u00f3n con \u00e9xito requiere que OSPF est\u00e9 habilitado en un dispositivo afectado"}], "id": "CVE-2020-28393", "lastModified": "2024-11-21T05:22:42.740", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-05-12T14:15:11.083", "references": [{"source": "productcert@siemens.com", "tags": ["Vendor Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-116379.pdf"}, {"source": "productcert@siemens.com", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-10"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-116379.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-10"}], "sourceIdentifier": "productcert@siemens.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-682"}], "source": "productcert@siemens.com", "type": "Secondary"}]}

{}

{}