{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-40631", "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "dateUpdated": "2024-08-03T12:21:46.592Z", "dateReserved": "2022-09-13T00:00:00", "datePublished": "2022-10-11T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens", "dateUpdated": "2022-10-11T00:00:00"}, "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.0), SCALANCE X201-3P IRT (All versions < V5.5.0), SCALANCE X201-3P IRT PRO (All versions < V5.5.0), SCALANCE X202-2IRT (All versions < V5.5.0), SCALANCE X202-2P IRT (All versions < V5.5.0), SCALANCE X202-2P IRT PRO (All versions < V5.5.0), SCALANCE X204-2 (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X204IRT (All versions < V5.5.0), SCALANCE X204IRT PRO (All versions < V5.5.0), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (All versions < V5.2.5), SCALANCE X208 (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE XF201-3P IRT (All versions < V5.5.0), SCALANCE XF202-2P IRT (All versions < V5.5.0), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204-2 (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All versions < V5.5.0), SCALANCE XF204IRT (All versions < V5.5.0), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5), SIPLUS NET SCALANCE X202-2P IRT (All versions < V5.5.0). There is a cross-site scripting vulnerability on the affected devices, that if used by a threat actor, it could result in session hijacking."}], "affected": [{"vendor": "Siemens", "product": "SCALANCE X200-4P IRT", "versions": [{"version": "All versions < V5.5.0", "status": "affected"}]}, {"vendor": "Siemens", "product": "SCALANCE X201-3P IRT", "versions": [{"version": "All versions < V5.5.0", "status": "affected"}]}, {"vendor": "Siemens", "product": "SCALANCE X201-3P IRT PRO", "versions": [{"version": "All versions < V5.5.0", "status": "affected"}]}, {"vendor": "Siemens", "product": "SCALANCE X202-2IRT", "versions": [{"version": "All versions < V5.5.0", "status": "affected"}]}, {"vendor": "Siemens", "product": "SCALANCE X202-2P IRT", "versions": [{"version": "All versions < V5.5.0", "status": "affected"}]}, {"vendor": "Siemens", "product": "SCALANCE X202-2P IRT PRO", "versions": [{"version": "All versions < V5.5.0", "status": "affected"}]}, {"vendor": "Siemens", "product": "SCALANCE X204-2", "versions": [{"version": "All versions < V5.2.5", "status": "affected"}]}, {"vendor": "Siemens", "product": "SCALANCE X204-2FM", "versions": [{"version": "All versions < V5.2.5", "status": "affected"}]}, {"vendor": "Siemens", "product": "SCALANCE X204-2LD", "versions": [{"version": "All versions < V5.2.5", "status": "affected"}]}, {"vendor": "Siemens", "product": "SCALANCE X204-2LD TS", "versions": [{"version": "All versions < V5.2.5", "status": "affected"}]}, {"vendor": "Siemens", "product": "SCALANCE X204-2TS", "versions": [{"version": "All versions < V5.2.5", "status": "affected"}]}, {"vendor": "Siemens", "product": "SCALANCE X204IRT", "versions": [{"version": "All versions < V5.5.0", "status": "affected"}]}, {"vendor": "Siemens", "product": "SCALANCE X204IRT PRO", "versions": [{"version": "All versions < V5.5.0", "status": "affected"}]}, {"vendor": "Siemens", "product": "SCALANCE X206-1", "versions": [{"version": "All versions < V5.2.5", "status": "affected"}]}, {"vendor": "Siemens", "product": "SCALANCE X206-1LD", "versions": [{"version": "All versions < V5.2.5", "status": "affected"}]}, {"vendor": "Siemens", "product": "SCALANCE X208", "versions": [{"version": "All versions < V5.2.5", "status": "affected"}]}, {"vendor": "Siemens", "product": "SCALANCE X208PRO", "versions": [{"version": "All versions < V5.2.5", "status": "affected"}]}, {"vendor": "Siemens", "product": "SCALANCE X212-2", "versions": [{"version": "All versions < V5.2.5", "status": "affected"}]}, {"vendor": "Siemens", "product": "SCALANCE X212-2LD", "versions": [{"version": "All versions < V5.2.5", "status": "affected"}]}, {"vendor": "Siemens", "product": "SCALANCE X216", "versions": [{"version": "All versions < V5.2.5", "status": "affected"}]}, {"vendor": "Siemens", "product": "SCALANCE X224", "versions": [{"version": "All versions < V5.2.5", "status": "affected"}]}, {"vendor": "Siemens", "product": "SCALANCE XF201-3P IRT", "versions": [{"version": "All versions < V5.5.0", "status": "affected"}]}, {"vendor": "Siemens", "product": "SCALANCE XF202-2P IRT", "versions": [{"version": "All versions < V5.5.0", "status": "affected"}]}, {"vendor": "Siemens", "product": "SCALANCE XF204", "versions": [{"version": "All versions < V5.2.5", "status": "affected"}]}, {"vendor": "Siemens", "product": "SCALANCE XF204-2", "versions": [{"version": "All versions < V5.2.5", "status": "affected"}]}, {"vendor": "Siemens", "product": "SCALANCE XF204-2BA IRT", "versions": [{"version": "All versions < V5.5.0", "status": "affected"}]}, {"vendor": "Siemens", "product": "SCALANCE XF204IRT", "versions": [{"version": "All versions < V5.5.0", "status": "affected"}]}, {"vendor": "Siemens", "product": "SCALANCE XF206-1", "versions": [{"version": "All versions < V5.2.5", "status": "affected"}]}, {"vendor": "Siemens", "product": "SCALANCE XF208", "versions": [{"version": "All versions < V5.2.5", "status": "affected"}]}, {"vendor": "Siemens", "product": "SIPLUS NET SCALANCE X202-2P IRT", "versions": [{"version": "All versions < V5.5.0", "status": "affected"}]}], "references": [{"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-501891.pdf"}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "cweId": "CWE-79"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T12:21:46.592Z"}, "title": "CVE Program Container", "references": [{"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-501891.pdf", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x200-4p_irt_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9718A3C6-D0FD-4A3B-95B1-8694B2B06060", "versionEndExcluding": "5.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x200-4p_irt:-:*:*:*:*:*:*:*", "matchCriteriaId": "8B9CBC72-92D9-4B3A-884F-33124C457016", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x201-3p_irt_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "EA86FF0D-7B16-4991-B4A5-AF33BF40693A", "versionEndExcluding": "5.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x201-3p_irt:-:*:*:*:*:*:*:*", "matchCriteriaId": "3268CF75-6DAB-416A-B19B-2A8F95C268CF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x201-3p_irt_pro_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CA2326FF-5125-44F5-871C-2DC505E2B299", "versionEndExcluding": "5.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x201-3p_irt_pro:-:*:*:*:*:*:*:*", "matchCriteriaId": "492E8AC1-338B-4AC3-90C7-1FADCD4528C4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x202-2irt_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "666FACCE-89EB-4E5D-A718-F1D4945F7DF4", "versionEndExcluding": "5.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x202-2irt:-:*:*:*:*:*:*:*", "matchCriteriaId": "A8B1D979-038F-42F4-AB7D-E0664D051B4E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x202-2p_irt_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0475BCB9-BD28-454F-8898-C238446AD00B", "versionEndExcluding": "5.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x202-2p_irt:-:*:*:*:*:*:*:*", "matchCriteriaId": "CEB62730-E759-455A-A308-F9DB084B35B5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x202-2p_irt_pro_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "29C03AD0-7A60-4BFB-A0D3-BABB9717F1A1", "versionEndExcluding": "5.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x202-2p_irt_pro:-:*:*:*:*:*:*:*", "matchCriteriaId": "F4726901-34BF-4F70-80A6-71648A4A29FB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x204-2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "ACE1A821-8F0A-4B96-AC8A-B219215014B1", "versionEndExcluding": "5.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x204-2:-:*:*:*:*:*:*:*", "matchCriteriaId": "E38CE5A4-3EB1-4E93-BEB7-520E08DA6720", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x204-2fm_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "54201E08-15E3-4C93-9A0D-DC376B7C8D88", "versionEndExcluding": "5.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x204-2fm:-:*:*:*:*:*:*:*", "matchCriteriaId": "1FCBC784-8EA0-4C6C-B504-DFC164028E4B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x204-2ld_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "75220631-DD7D-4E86-8405-F98340FFE27C", "versionEndExcluding": "5.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x204-2ld:-:*:*:*:*:*:*:*", "matchCriteriaId": "2BE27611-53E7-4162-8630-5BC334B02E37", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x204-2ld_ts_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3032A499-DFD5-4FEA-8AC6-E661781387AB", "versionEndExcluding": "5.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x204-2ld_ts:-:*:*:*:*:*:*:*", "matchCriteriaId": "1FDEBD6B-6BE4-4FAD-A4E6-BE762595434D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x204-2ts_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A493C49A-8BF9-43E5-98D5-55E5390A36A5", "versionEndExcluding": "5.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x204-2ts:-:*:*:*:*:*:*:*", "matchCriteriaId": "E5FFC1E9-4326-4F41-A86A-C52AB6A9A674", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x204irt_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0C94D093-9D17-47C9-A7F6-28FF241BF874", "versionEndExcluding": "5.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x204irt:-:*:*:*:*:*:*:*", "matchCriteriaId": "6716DCDE-BD3F-4BA2-A66A-A0C14C6A3C15", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x204irt_pro_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2F0BEFA7-9795-4009-B055-704BF3C97B6B", "versionEndExcluding": "5.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x204irt_pro:-:*:*:*:*:*:*:*", "matchCriteriaId": "1769DB7A-F832-4D89-8ED0-8677F750059D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x206-1_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E2C9747F-BEC3-486E-B553-3339F8B54C3A", "versionEndExcluding": "5.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x206-1:-:*:*:*:*:*:*:*", "matchCriteriaId": "0A5BB0F2-DD4C-4AB4-9B8F-B2501B239080", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x206-1ld_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0C8D68AC-8F30-4919-ADB3-A6018458602B", "versionEndExcluding": "5.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x206-1ld:-:*:*:*:*:*:*:*", "matchCriteriaId": "6DFF7FB7-774B-45ED-8400-951230DF0511", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x208_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2BC1450A-92ED-451F-9890-4E18CA974485", "versionEndExcluding": "5.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x208:-:*:*:*:*:*:*:*", "matchCriteriaId": "B3B574E2-F7BA-496B-887C-D25F386AA5E1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x208pro_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "768320F0-10F5-4B36-AEB6-9DEEA43A30E8", "versionEndExcluding": "5.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x208pro:-:*:*:*:*:*:*:*", "matchCriteriaId": "DF2C60CF-4089-4993-A2CB-B7FBDAF81D62", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x212-2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "31B8367C-5EAC-49F4-83B8-C7E3BD373092", "versionEndExcluding": "5.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x212-2:-:*:*:*:*:*:*:*", "matchCriteriaId": "4E716A4E-50A9-4C52-8DA9-098F7506F4B5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x212-2ld_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "55F50ABF-3E9A-4435-BAA4-7D11A2047D46", "versionEndExcluding": "5.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x212-2ld:-:*:*:*:*:*:*:*", "matchCriteriaId": "C08CDEE3-43EB-475E-8571-6E12824714FD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x216_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BC643617-D0B7-4379-8ADB-2C2BACA4B165", "versionEndExcluding": "5.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x216:-:*:*:*:*:*:*:*", "matchCriteriaId": "F0C4BAB5-E161-4B59-8A8C-369C7852A66E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x224_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F0189DF6-DA80-49FE-B09F-0C07D892518E", "versionEndExcluding": "5.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x224:-:*:*:*:*:*:*:*", "matchCriteriaId": "D2203895-BC4E-4B2F-9110-C2CD88A121F2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_xf201-3p_irt_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B5557DB0-D3D8-4E53-BBA8-700B2BC336C0", "versionEndExcluding": "5.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_xf201-3p_irt:-:*:*:*:*:*:*:*", "matchCriteriaId": "41614C70-97B4-44C8-A441-530A413A26F9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_xf202-2p_irt_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C1A7EDE9-B5F9-4471-8C5D-B1D590CB85FB", "versionEndExcluding": "5.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_xf202-2p_irt:-:*:*:*:*:*:*:*", "matchCriteriaId": "6751FB7D-C72C-4321-B535-5880FE696FC3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_xf204_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8CD13707-1164-415E-9083-7946D151F1FC", "versionEndExcluding": "5.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_xf204:-:*:*:*:*:*:*:*", "matchCriteriaId": "0F1AE867-67B4-4871-BF56-88017533A737", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_xf204-2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3A09FF2D-F369-47B5-AEE4-A862BEDD9851", "versionEndExcluding": "5.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_xf204-2:-:*:*:*:*:*:*:*", "matchCriteriaId": "69285324-4C0B-4BDC-B60D-F653679DD52D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_xf204-2ba_irt_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "786738CF-CA6C-4812-BD4D-595E249BFA76", "versionEndExcluding": "5.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_xf204-2ba_irt:-:*:*:*:*:*:*:*", "matchCriteriaId": "99E6AFAA-B903-47BB-B0F3-7650B039C0FB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_xf204irt_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4824C65E-E41B-4883-AAB5-011904AE463C", "versionEndExcluding": "5.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_xf204irt:-:*:*:*:*:*:*:*", "matchCriteriaId": "57E5489B-277A-4D02-B4AB-4DB65969EED2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_xf206-1_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CFCDC84E-0695-409A-844B-D24024CC33F2", "versionEndExcluding": "5.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_xf206-1:-:*:*:*:*:*:*:*", "matchCriteriaId": "2B40D2EB-5C69-47FA-801B-DC48407D418C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_xf208_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A1DB6C03-71BF-4359-834B-384E78910E64", "versionEndExcluding": "5.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_xf208:-:*:*:*:*:*:*:*", "matchCriteriaId": "898613B2-4A9D-44B9-A3FC-4347A2AD7CAB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:siplus_net_scalance_x202-2p_irt_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AB92E2D3-8F6D-40F2-9536-8D7DD7FBC9A5", "versionEndExcluding": "5.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:siplus_net_scalance_x202-2p_irt:-:*:*:*:*:*:*:*", "matchCriteriaId": "1C3504F0-D0F4-4106-824E-A87E46DADC3B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.0), SCALANCE X201-3P IRT (All versions < V5.5.0), SCALANCE X201-3P IRT PRO (All versions < V5.5.0), SCALANCE X202-2IRT (All versions < V5.5.0), SCALANCE X202-2P IRT (All versions < V5.5.0), SCALANCE X202-2P IRT PRO (All versions < V5.5.0), SCALANCE X204-2 (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X204IRT (All versions < V5.5.0), SCALANCE X204IRT PRO (All versions < V5.5.0), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (All versions < V5.2.5), SCALANCE X208 (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE XF201-3P IRT (All versions < V5.5.0), SCALANCE XF202-2P IRT (All versions < V5.5.0), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204-2 (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All versions < V5.5.0), SCALANCE XF204IRT (All versions < V5.5.0), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5), SIPLUS NET SCALANCE X202-2P IRT (All versions < V5.5.0). There is a cross-site scripting vulnerability on the affected devices, that if used by a threat actor, it could result in session hijacking."}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad en SCALANCE X200-4P IRT (Todas las versiones anteriores a V5.5.0), SCALANCE X201-3P IRT (Todas las versiones anteriores a V5.5.0), SCALANCE X201-3P IRT PRO (Todas las versiones anteriores a V5. 5.0), SCALANCE X202-2IRT (Todas las versiones anteriores a V5.5.0), SCALANCE X202-2P IRT (Todas las versiones anteriores a V5.5.0), SCALANCE X202-2P IRT PRO (Todas las versiones anteriores a V5.5. 0), SCALANCE X204-2 (Todas las versiones anteriores a V5.2.5), SCALANCE X204-2FM (Todas las versiones anteriores a V5.2.5), SCALANCE X204-2LD (Todas las versiones anteriores a V5.2.5), SCALANCE X204-2LD TS (Todas las versiones anteriores a V5. 2.5), SCALANCE X204-2TS (Todas las versiones anteriores a V5.2.5), SCALANCE X204IRT (Todas las versiones anteriores a V5.5.0), SCALANCE X204IRT PRO (Todas las versiones anteriores a V5.5.0), SCALANCE X206-1 (Todas las versiones anteriores a V5.2. 5), SCALANCE X206-1LD (Todas las versiones anteriores a V5.2.5), SCALANCE X208 (Todas las versiones anteriores a V5.2.5), SCALANCE X208PRO (Todas las versiones anteriores a V5.2.5), SCALANCE X212-2 (Todas las versiones anteriores a V5.2. 5), SCALANCE X212-2LD (Todas las versiones anteriores a V5.2.5), SCALANCE X216 (Todas las versiones anteriores a V5.2.5), SCALANCE X224 (Todas las versiones anteriores a V5.2.5), SCALANCE XF201-3P IRT (Todas las versiones anteriores a V5.5. 0), SCALANCE XF202-2P IRT (Todas las versiones anteriores a V5.5.0), SCALANCE XF204 (Todas las versiones anteriores a V5.2.5), SCALANCE XF204-2 (Todas las versiones anteriores a V5.2.5), SCALANCE XF204-2BA IRT (Todas las versiones anteriores a V5.5. 0), SCALANCE XF204IRT (Todas las versiones anteriores a V5.5.0), SCALANCE XF206-1 (Todas las versiones anteriores a V5.2.5), SCALANCE XF208 (Todas las versiones anteriores a V5.2.5), SIPLUS NET SCALANCE X202-2P IRT (Todas las versiones anteriores a V5.5.0). Se presenta una vulnerabilidad de tipo cross-site scripting en los dispositivos afectados, que si es usada por un actor de amenaza, podr\u00eda resultar en un secuestro de sesi\u00f3n"}], "id": "CVE-2022-40631", "lastModified": "2024-11-21T07:21:44.787", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-10-11T11:15:10.997", "references": [{"source": "productcert@siemens.com", "tags": ["Vendor Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-501891.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-501891.pdf"}], "sourceIdentifier": "productcert@siemens.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "productcert@siemens.com", "type": "Secondary"}]}

{}

{}