CVE-2019-6567
Published: Jun 12, 2019
Modified: Aug 4, 2024
Description
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All Versions < V5.2.4), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.3), SCALANCE X-414-3E (All versions). The affected devices store passwords in a recoverable format. An attacker may extract and recover device passwords from the device configuration. Successful exploitation requires access to a device configuration backup and impacts confidentiality of the stored passwords.
| Vendor | Product | Versions |
|---|---|---|
Siemens | SCALANCE X-200 switch family (incl. SIPLUS NET variants) | affected All Versions < V5.2.4 |
Siemens | SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) | affected All versions < V5.5.0 |
Siemens | SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) | affected All versions < V4.1.3 |
Siemens | SCALANCE X-414-3E | affected All versions |
Weaknesses (CWE)
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now