OpenCVE

A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). Specially crafted PROFINET DCP packets could cause a denial of service condition of affected products.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Siemens	6gk5204-0ba00-2kb2 6gk5204-0ba00-2kb2 Firmware 6gk5204-0ba00-2mb2 6gk5204-0ba00-2mb2 Firmware 6gk5204-0bs00-2na3 6gk5204-0bs00-2na3 Firmware 6gk5204-0bs00-3la3 6gk5204-0bs00-3la3 Firmware 6gk5204-0bs00-3pa3 6gk5204-0bs00-3pa3 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:siemens:6gk5204-0ba00-2mb2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:6gk5204-0ba00-2mb2:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:siemens:6gk5204-0ba00-2kb2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:6gk5204-0ba00-2kb2:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:siemens:6gk5204-0bs00-2na3_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:6gk5204-0bs00-2na3:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:siemens:6gk5204-0bs00-3la3_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:6gk5204-0bs00-3la3:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:siemens:6gk5204-0bs00-3pa3_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:6gk5204-0bs00-3pa3:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://cert-portal.siemens.com/productcert/pdf/ssa-363821.pdf

History

No history.

MITRE

Status: PUBLISHED

Assigner: siemens

Published: 2022-12-13T00:00:00

Updated: 2024-08-03T14:31:45.895Z

Reserved: 2022-11-30T00:00:00

Link: CVE-2022-46352

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-12-13T16:15:25.793

Modified: 2024-11-21T07:30:26.673

Link: CVE-2022-46352

Redhat

No data.

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:6gk5204-0ba00-2mb2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "77A54E43-E9A5-49CF-BA3C-E6878C2C713F", "versionEndExcluding": "3.2.7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:6gk5204-0ba00-2mb2:-:*:*:*:*:*:*:*", "matchCriteriaId": "AF6E5E68-552D-40C1-A4AB-605D0F21688F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:6gk5204-0ba00-2kb2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CE326B9F-A613-46B5-A20D-BE9D41A80857", "versionEndExcluding": "3.2.7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:6gk5204-0ba00-2kb2:-:*:*:*:*:*:*:*", "matchCriteriaId": "7B61CA05-D98E-4BD6-BE78-58574B2DE5CA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:6gk5204-0bs00-2na3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F6FCF31E-22CA-4038-AC27-BAEA752A718D", "versionEndExcluding": "3.2.7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:6gk5204-0bs00-2na3:-:*:*:*:*:*:*:*", "matchCriteriaId": "28B98E8F-0E32-4BA4-8237-055BDB25C1B3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:6gk5204-0bs00-3la3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A7EA94F5-1AB0-4BE2-810A-46B840070856", "versionEndExcluding": "3.2.7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:6gk5204-0bs00-3la3:-:*:*:*:*:*:*:*", "matchCriteriaId": "D92CFF31-E138-49D0-A9FF-A91E7342AEFC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:6gk5204-0bs00-3pa3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "06CBD11B-3671-425B-89EB-4B9677B3316B", "versionEndExcluding": "3.2.7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:6gk5204-0bs00-3pa3:-:*:*:*:*:*:*:*", "matchCriteriaId": "1572F77B-98B7-44D9-9DF9-9EC56CD6E571", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). Specially crafted PROFINET DCP packets could cause a denial of service condition of affected products."}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad en \nSCALANCE X204RNA (HSR) (Todas las versiones < V3.2.7), \nSCALANCE X204RNA (PRP) (Todas las versiones < V3.2.7), \nSCALANCE X204RNA EEC (HSR) (Todas las versiones < V3.2.7 ), \nSCALANCE X204RNA EEC (PRP) (todas las versiones < V3.2.7), \nSCALANCE X204RNA EEC (PRP/HSR) (todas las versiones < V3.2.7). \nLos paquetes PROFINET DCP especialmente manipulados podr\u00edan provocar una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) de los productos afectados."}], "id": "CVE-2022-46352", "lastModified": "2024-11-21T07:30:26.673", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-12-13T16:15:25.793", "references": [{"source": "productcert@siemens.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-363821.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-363821.pdf"}], "sourceIdentifier": "productcert@siemens.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "productcert@siemens.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-400"}], "source": "nvd@nist.gov", "type": "Primary"}]}