Описание
The web server on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with firmware before 2.3.0.3 does not limit the rate of authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack on the administrative password.
Ссылки
- Vendor Advisory
- US Government Resource
- Vendor Advisory
- US Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 2.3.0 (включая)
Одновременно
Одно из
cpe:2.3:a:siemens:scalance_s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:a:siemens:scalance_s_firmware:2.1.0:*:*:*:*:*:*:*
cpe:2.3:a:siemens:scalance_s_firmware:2.2.0:*:*:*:*:*:*:*
Одно из
cpe:2.3:h:siemens:scalance_s602:v2:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_s612:v2:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_s613:v2:*:*:*:*:*:*:*
EPSS
Процентиль: 77%
0.01012
Низкий
10 Critical
CVSS2
Дефекты
CWE-287
Связанные уязвимости
github
больше 3 лет назад
The web server on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with firmware before 2.3.0.3 does not limit the rate of authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack on the administrative password.
EPSS
Процентиль: 77%
0.01012
Низкий
10 Critical
CVSS2
Дефекты
CWE-287