CVE-2013-3634

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (Versions < V5.0.0 for CVE-2013-3633 and versions < V4.5.0 for CVE-2013-3634), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.1.0). The implementation of SNMPv3 does not check the user credentials sufficiently. Therefore, an attacker is able to execute SNMP commands without correct credentials.

Published: May 24, 2013
Updated: Apr 13, 2023
CVE: CVE-2013-3634
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
siemens / scalance_x200irt_firmware	-	5.0.0.x

https://cert-portal.siemens.com/productcert/pdf/ssa-170686.pdf

Vulnerability Database

289,697

CVE-2013-3634