CVE-2013-3633
Last modified
CVE-2013-3633 is a vulnerability of currently unknown severity. A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (Versions < V5.0.0 for CVE-2013-3633 and versions < V4.5.0 for CVE-2013-3634), SCALANCE X-200IRT switch family (incl. EPSS estimates a 1.20% chance of exploitation in the next 30 days.
Description
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (Versions < V5.0.0 for CVE-2013-3633 and versions < V4.5.0 for CVE-2013-3634), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.1.0). The user privileges for the web interface are only enforced on client side and not properly verified on server side. Therefore, an attacker is able to execute privileged commands using an unprivileged account.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Siemens | Scalance X200irt Firmware | <= 5.0.0 |
| Siemens | Scalance X200-4p Irt | All versions |
| Siemens | Scalance X201-3p Irt | All versions |
| Siemens | Scalance X202-2irt | All versions |
| Siemens | Scalance X202-2p Irt | All versions |
| Siemens | Scalance X204irt | All versions |
| Siemens | Scalance Xf204irt | All versions |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2013-3633?
How severe is CVE-2013-3633?
How do I fix CVE-2013-3633?
Are you affected by CVE-2013-3633?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST