CVE-2020-15799

  • Last update: Apr 13, 2023

Description

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0). The vulnerability could allow an unauthenticated attacker to reboot the device over the network by using special urls from integrated web server of the affected products.

Software From Fixed in
siemens / scalance_x308-2m_firmware - -
siemens / scalance_x200-4pirt_firmware - 5.5.0
siemens / scalance_x201-3pirt_firmware - 5.5.0
siemens / scalance_x202-2irt_firmware - 5.5.0
siemens / scalance_x202-2pirt_firmware - 5.5.0
siemens / scalance_x202-2pirt_siplus_net_firmware - 5.5.0
siemens / scalance_x204irt_firmware - 5.5.0
siemens / scalance_x307-3_firmware - -
siemens / scalance_x307-3ld_firmware - -
siemens / scalance_x308-2_firmware - -
siemens / scalance_x308-2ld_firmware - -
siemens / scalance_x308-2lh_firmware - -
siemens / scalance_x308-2lh+_firmware - -
siemens / scalance_x308-2m_ts_firmware - -
siemens / scalance_x310_firmware - -
siemens / scalance_x310fe_firmware - -
siemens / scalance_x320-1fe_firmware - -
siemens / scalance_x320-3ldfe_firmware - -
siemens / scalance_xb205-3_firmware - 5.2.5
siemens / scalance_xb205-3ld_firmware - 5.2.5
siemens / scalance_xb208_firmware - 5.2.5
siemens / scalance_xb213-3_firmware - 5.2.5
siemens / scalance_xb213-3ld_firmware - 5.2.5
siemens / scalance_xb216_firmware - 5.2.5
siemens / scalance_xc206-2_firmware - 5.2.5
siemens / scalance_xc206-2g_poe__firmware - 5.2.5
siemens / scalance_xc206-2g_poe_eec_firmware - 5.2.5
siemens / scalance_xc206-2sfp_firmware - 5.2.5
siemens / scalance_xc206-2sfp_eec_firmware - 5.2.5
siemens / scalance_xc206-2sfp_g_firmware - 5.2.5
siemens / scalance_xc206-2sfp_g_(e/ip)_firmware - 5.2.5
siemens / scalance_xc206-2sfp_g_eec_firmware - 5.2.5
siemens / scalance_xc208_firmware - 5.2.5
siemens / scalance_xc208eec_firmware - 5.2.5
siemens / scalance_xc208g_firmware - 5.2.5
siemens / scalance_xc208g_(e/ip)_firmware - 5.2.5
siemens / scalance_xc208g_eec_firmware - 5.2.5
siemens / scalance_xc208g_poe_firmware - 5.2.5
siemens / scalance_xc216_firmware - 5.2.5
siemens / scalance_xc216-4c_firmware - 5.2.5
siemens / scalance_xc216-4c_g_firmware - 5.2.5
siemens / scalance_xc216-4c_g_(e/ip)_firmware - 5.2.5
siemens / scalance_xc216-4c_g_eec_firmware - 5.2.5
siemens / scalance_xc216eec_firmware - 5.2.5
siemens / scalance_xc224-4c_g__firmware - 5.2.5
siemens / scalance_xc224-4c_g_(e/ip)_firmware - 5.2.5
siemens / scalance_xc224-4c_g_eec_firmware - 5.2.5
siemens / scalance_xc224__firmware - 5.2.5
siemens / scalance_xf201-3p_irt_firmware - 5.2.5
siemens / scalance_xf202-2p_irt_firmware - 5.2.5
siemens / scalance_xf204_firmware - 5.2.5
siemens / scalance_xf204-2_firmware - 5.2.5
siemens / scalance_xf204-2ba_dna_firmware - 5.2.5
siemens / scalance_xf204-2ba_irt_firmware - 5.2.5
siemens / scalance_xf204_dna_firmware - 5.2.5
siemens / scalance_xf204irt_firmware - 5.2.5
siemens / scalance_xf206-1_firmware - 5.2.5
siemens / scalance_xf208_firmware - 5.2.5
siemens / scalance_xp208_firmware - 5.2.5
siemens / scalance_xp208_(eip)_firmware - 5.2.5
siemens / scalance_xp208eec_firmware - 5.2.5
siemens / scalance_xp208poe_eec_firmware - 5.2.5
siemens / scalance_xp216_firmware - 5.2.5
siemens / scalance_xp216_(eip)_firmware - 5.2.5
siemens / scalance_xp216eec_firmware - 5.2.5
siemens / scalance_xp216poe_eec_firmware - 5.2.5

Details

    • Severity: Medium
  • CVE: CVE-2020-15799
  • Published: Jan 12, 2021
  • Updated: Apr 13, 2023
  • Exploit:

CVSS v3

  • Severity: Medium
  • Score: 6.5
  • AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVSS v2

  • Severity: High
  • Score: 7.1
  • AV:N/AC:M/Au:N/C:N/I:N/A:C

CWEs