Vulnerability Name:

CVE-2022-26380 (CCN-223967)

Assigned:2022-04-12
Published:2022-04-12
Updated:2022-04-19
Summary:A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate if a certain SNMP key exists. An attacker could use this to trigger a reboot of an affected device by requesting specific SNMP information from the device.
CVSS v3 Severity:7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
7.4 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H)
6.4 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Adjacent
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
CVSS v2 Severity:7.8 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
6.1 Medium (CCN CVSS v2 Vector: AV:A/AC:L/Au:N/C:N/I:N/A:C)
Exploitability Metrics:Access Vector (AV): Adjacent_Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
Vulnerability Type:CWE-125
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2022-26380

Source: CCN
Type: Siemens Security Advisory SSA-836527
Multiple Vulnerabilities in SCALANCE X-300 Switch Family Devices

Source: CONFIRM
Type: Mitigation, Patch, Vendor Advisory
N/A

Source: XF
Type: UNKNOWN
siemens-cve202226380-dos(223967)

Vulnerable Configuration:Configuration 1:
  • cpe:/o:siemens:scalance_x302-7eec_firmware:*:*:*:*:*:*:*:* (Version < 4.1.4)
  • AND
  • cpe:/h:siemens:scalance_x302-7eec:-:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/o:siemens:scalance_x304-2fe_firmware:*:*:*:*:*:*:*:* (Version < 4.1.4)
  • AND
  • cpe:/h:siemens:scalance_x304-2fe:-:*:*:*:*:*:*:*

    • Configuration 3:
  • cpe:/o:siemens:scalance_x306-1ldfe_firmware:*:*:*:*:*:*:*:* (Version < 4.1.4)
  • AND
  • cpe:/h:siemens:scalance_x306-1ldfe:-:*:*:*:*:*:*:*

    • Configuration 4:
  • cpe:/o:siemens:scalance_x307-2eec_firmware:*:*:*:*:*:*:*:* (Version < 4.1.4)
  • AND
  • cpe:/h:siemens:scalance_x307-2eec:-:*:*:*:*:*:*:*

    • Configuration 5:
  • cpe:/o:siemens:scalance_x307-3_firmware:*:*:*:*:*:*:*:* (Version < 4.1.4)
  • AND
  • cpe:/h:siemens:scalance_x307-3:-:*:*:*:*:*:*:*

    • Configuration 6:
  • cpe:/o:siemens:scalance_x307-3ld_firmware:*:*:*:*:*:*:*:* (Version < 4.1.4)
  • AND
  • cpe:/h:siemens:scalance_x307-3ld:-:*:*:*:*:*:*:*

    • Configuration 7:
  • cpe:/o:siemens:scalance_x308-2_firmware:*:*:*:*:*:*:*:* (Version < 4.1.4)
  • AND
  • cpe:/h:siemens:scalance_x308-2:-:*:*:*:*:*:*:*

    • Configuration 8:
  • cpe:/o:siemens:scalance_x308-2ld_firmware:*:*:*:*:*:*:*:* (Version < 4.1.4)
  • AND
  • cpe:/h:siemens:scalance_x308-2ld:-:*:*:*:*:*:*:*

    • Configuration 9:
  • cpe:/o:siemens:scalance_x308-2lh_firmware:*:*:*:*:*:*:*:* (Version < 4.1.4)
  • AND
  • cpe:/h:siemens:scalance_x308-2lh:-:*:*:*:*:*:*:*

    • Configuration 10:
  • cpe:/o:siemens:scalance_x308-2lh+_firmware:*:*:*:*:*:*:*:* (Version < 4.1.4)
  • AND
  • cpe:/h:siemens:scalance_x308-2lh+:-:*:*:*:*:*:*:*

    • Configuration 11:
  • cpe:/o:siemens:scalance_x308-2m_firmware:*:*:*:*:*:*:*:* (Version < 4.1.4)
  • AND
  • cpe:/h:siemens:scalance_x308-2m:-:*:*:*:*:*:*:*

    • Configuration 12:
  • cpe:/o:siemens:scalance_x308-2m_poe_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:siemens:scalance_x308-2m_poe:-:*:*:*:*:*:*:*

    • Configuration 13:
  • cpe:/o:siemens:scalance_x308-2m_ts_firmware:*:*:*:*:*:*:*:* (Version < 4.1.4)
  • AND
  • cpe:/h:siemens:scalance_x308-2m_ts:-:*:*:*:*:*:*:*

    • Configuration 14:
  • cpe:/o:siemens:scalance_x310_firmware:*:*:*:*:*:*:*:* (Version < 4.1.4)
  • AND
  • cpe:/h:siemens:scalance_x310:-:*:*:*:*:*:*:*

    • Configuration 15:
  • cpe:/o:siemens:scalance_x310fe_firmware:*:*:*:*:*:*:*:* (Version < 4.1.4)
  • AND
  • cpe:/h:siemens:scalance_x310fe:-:*:*:*:*:*:*:*

    • Configuration 16:
  • cpe:/o:siemens:scalance_x320-1fe_firmware:*:*:*:*:*:*:*:* (Version < 4.1.4)
  • AND
  • cpe:/h:siemens:scalance_x320-1fe:-:*:*:*:*:*:*:*

    • Configuration 17:
  • cpe:/o:siemens:scalance_x320-1-2ldfe_firmware:*:*:*:*:*:*:*:* (Version < 4.1.4)
  • AND
  • cpe:/h:siemens:scalance_x320-1-2ldfe:-:*:*:*:*:*:*:*

    • Configuration 18:
  • cpe:/o:siemens:scalance_x408-2_firmware:*:*:*:*:*:*:*:* (Version < 4.1.4)
  • AND
  • cpe:/h:siemens:scalance_x408-2:-:*:*:*:*:*:*:*

    • Configuration 19:
  • cpe:/o:siemens:scalance_xr324-4m_eec_firmware:*:*:*:*:*:*:*:* (Version < 4.1.4)
  • AND
  • cpe:/h:siemens:scalance_xr324-4m_eec:-:*:*:*:*:*:*:*

    • Configuration 20:
  • cpe:/o:siemens:scalance_xr324-4m_poe_firmware:*:*:*:*:*:*:*:* (Version < 4.1.4)
  • AND
  • cpe:/h:siemens:scalance_xr324-4m_poe:-:*:*:*:*:*:*:*

    • Configuration 21:
  • cpe:/o:siemens:scalance_xr324-4m_poe_ts_firmware:*:*:*:*:*:*:*:* (Version < 4.1.4)
  • AND
  • cpe:/h:siemens:scalance_xr324-4m_poe_ts:-:*:*:*:*:*:*:*

    • Configuration 22:
  • cpe:/o:siemens:scalance_xr324-12m_firmware:*:*:*:*:*:*:*:* (Version < 4.1.4)
  • AND
  • cpe:/h:siemens:scalance_xr324-12m:-:*:*:*:*:*:*:*

    • Configuration 23:
  • cpe:/o:siemens:scalance_xr324-12m_ts_firmware:*:*:*:*:*:*:*:* (Version < 4.1.4)
  • AND
  • cpe:/h:siemens:scalance_xr324-12m_ts:-:*:*:*:*:*:*:*

    • Configuration 24:
  • cpe:/o:siemens:siplus_net_scalance_x308-2_firmware:*:*:*:*:*:*:*:* (Version < 4.1.4)
  • AND
  • cpe:/h:siemens:siplus_net_scalance_x308-2:-:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/h:siemens:scalance_x304-2fe:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:scalance_x307-3:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:scalance_x307-3ld:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:scalance_x308-2:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:scalance_x308-2ld:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:scalance_x308-2lh:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:scalance_x308-2lh+:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:scalance_x308-2m:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:scalance_x308-2m_poe:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:scalance_x308-2m_ts:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:scalance_x310:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:scalance_x310fe:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:scalance_x408-2:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:scalance_xr324-4m_eec:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:scalance_xr324-4m_poe:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:scalance_xr324-12m:-:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    siemens scalance x302-7eec firmware *
    siemens scalance x302-7eec -
    siemens scalance x304-2fe firmware *
    siemens scalance x304-2fe -
    siemens scalance x306-1ldfe firmware *
    siemens scalance x306-1ldfe -
    siemens scalance x307-2eec firmware *
    siemens scalance x307-2eec -
    siemens scalance x307-3 firmware *
    siemens scalance x307-3 -
    siemens scalance x307-3ld firmware *
    siemens scalance x307-3ld -
    siemens scalance x308-2 firmware *
    siemens scalance x308-2 -
    siemens scalance x308-2ld firmware *
    siemens scalance x308-2ld -
    siemens scalance x308-2lh firmware *
    siemens scalance x308-2lh -
    siemens scalance x308-2lh+ firmware *
    siemens scalance x308-2lh+ -
    siemens scalance x308-2m firmware *
    siemens scalance x308-2m -
    siemens scalance x308-2m poe firmware -
    siemens scalance x308-2m poe -
    siemens scalance x308-2m ts firmware *
    siemens scalance x308-2m ts -
    siemens scalance x310 firmware *
    siemens scalance x310 -
    siemens scalance x310fe firmware *
    siemens scalance x310fe -
    siemens scalance x320-1fe firmware *
    siemens scalance x320-1fe -
    siemens scalance x320-1-2ldfe firmware *
    siemens scalance x320-1-2ldfe -
    siemens scalance x408-2 firmware *
    siemens scalance x408-2 -
    siemens scalance xr324-4m eec firmware *
    siemens scalance xr324-4m eec -
    siemens scalance xr324-4m poe firmware *
    siemens scalance xr324-4m poe -
    siemens scalance xr324-4m poe ts firmware *
    siemens scalance xr324-4m poe ts -
    siemens scalance xr324-12m firmware *
    siemens scalance xr324-12m -
    siemens scalance xr324-12m ts firmware *
    siemens scalance xr324-12m ts -
    siemens siplus net scalance x308-2 firmware *
    siemens siplus net scalance x308-2 -
    siemens scalance x304-2fe -
    siemens scalance x307-3 -
    siemens scalance x307-3ld -
    siemens scalance x308-2 -
    siemens scalance x308-2ld -
    siemens scalance x308-2lh -
    siemens scalance x308-2lh+ -
    siemens scalance x308-2m -
    siemens scalance x308-2m poe -
    siemens scalance x308-2m ts -
    siemens scalance x310 -
    siemens scalance x310fe -
    siemens scalance x408-2 -
    siemens scalance xr324-4m eec -
    siemens scalance xr324-4m poe -
    siemens scalance xr324-12m -