漏洞标题
N/A
漏洞描述信息
一个漏洞已经在SCALANCE XM408-4C(所有版本低于V6.5)、SCALANCE XM408-4C(L3 int.)(所有版本低于V6.5)、SCALANCE XM408-8C(所有版本低于V6.5)、SCALANCE XM408-8C(L3 int.)(所有版本低于V6.5)、SCALANCE XM416-4C(所有版本低于V6.5)、SCALANCE XM416-4C(L3 int.)(所有版本低于V6.5)、SCALANCE XR524-8C、1x230V(所有版本低于V6.5)、SCALANCE XR524-8C、1x230V(L3 int.)(所有版本低于V6.5)、SCALANCE XR524-8C、24V(所有版本低于V6.5)、SCALANCE XR524-8C、24V(L3 int.)(所有版本低于V6.5)、SCALANCE XR524-8C、2x230V(所有版本低于V6.5)、SCALANCE XR524-8C、2x230V(L3 int.)(所有版本低于V6.5)、SCALANCE XR526-8C、1x230V(所有版本低于V6.5)、SCALANCE XR526-8C、1x230V(L3 int.)(所有版本低于V6.5)、SCALANCE XR526-8C、24V(所有版本低于V6.5)、SCALANCE XR526-8C、24V(L3 int.)(所有版本低于V6.5)、SCALANCE XR526-8C、2x230V(所有版本低于V6.5)、SCALANCE XR526-8C、2x230V(L3 int.)(所有版本低于V6.5)、SCALANCE XR528-6M(所有版本低于V6.5)、SCALANCE XR528-6M(2HR2)(所有版本低于V6.5)、SCALANCE XR528-6M(2HR2, L3 int.)(所有版本低于V6.5)、SCALANCE XR528-6M(L3 int.)(所有版本低于V6.5)、SCALANCE XR552-12M(所有版本低于V6.5)、SCALANCE XR552-12M(2HR2)(所有版本低于V6.5)、SCALANCE XR552-12M(2HR2)(所有版本低于V6.5)、SCALANCE XR552-12M(2HR2, L3 int.)(所有版本低于V6.5)。 affected devices' OSPF protocol implementation fails to verify the checksum and length fields in the OSPF LS Update messages. An unauthenticated remote attacker could exploit this vulnerability to send specially crafted OSPF packets to cause interruptions in the network by sending OSPF packets. Successful exploitation requires OSPF to be enabled on an affected device."
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
A vulnerability has been identified in SCALANCE XM408-4C (All versions < V6.5), SCALANCE XM408-4C (L3 int.) (All versions < V6.5), SCALANCE XM408-8C (All versions < V6.5), SCALANCE XM408-8C (L3 int.) (All versions < V6.5), SCALANCE XM416-4C (All versions < V6.5), SCALANCE XM416-4C (L3 int.) (All versions < V6.5), SCALANCE XR524-8C, 1x230V (All versions < V6.5), SCALANCE XR524-8C, 1x230V (L3 int.) (All versions < V6.5), SCALANCE XR524-8C, 24V (All versions < V6.5), SCALANCE XR524-8C, 24V (L3 int.) (All versions < V6.5), SCALANCE XR524-8C, 2x230V (All versions < V6.5), SCALANCE XR524-8C, 2x230V (L3 int.) (All versions < V6.5), SCALANCE XR526-8C, 1x230V (All versions < V6.5), SCALANCE XR526-8C, 1x230V (L3 int.) (All versions < V6.5), SCALANCE XR526-8C, 24V (All versions < V6.5), SCALANCE XR526-8C, 24V (L3 int.) (All versions < V6.5), SCALANCE XR526-8C, 2x230V (All versions < V6.5), SCALANCE XR526-8C, 2x230V (L3 int.) (All versions < V6.5), SCALANCE XR528-6M (All versions < V6.5), SCALANCE XR528-6M (2HR2) (All versions < V6.5), SCALANCE XR528-6M (2HR2, L3 int.) (All versions < V6.5), SCALANCE XR528-6M (L3 int.) (All versions < V6.5), SCALANCE XR552-12M (All versions < V6.5), SCALANCE XR552-12M (2HR2) (All versions < V6.5), SCALANCE XR552-12M (2HR2) (All versions < V6.5), SCALANCE XR552-12M (2HR2, L3 int.) (All versions < V6.5). The OSPF protocol implementation in affected devices fails to verify the checksum and length fields in the OSPF LS Update messages. An unauthenticated remote attacker could exploit this vulnerability to cause interruptions in the network by sending specially crafted OSPF packets. Successful exploitation requires OSPF to be enabled on an affected device.
CVSS信息
N/A
漏洞类别
完整性检查值验证不恰当
漏洞标题
Siemens SCALANCE 安全漏洞
漏洞描述信息
Siemens SCALANCE是德国西门子(Siemens)公司的一系列以太网交换机。可连接到工业控制系统 (ICS) 设备,包括可编程逻辑控制器 (PLC) 和人机界面 (HMI) 系统。 Siemens SCALANCE 存在安全漏洞,该漏洞源于设备中的 OSPF 协议实现无法验证 OSPF LS 更新消息中的校验和和长度字段,远程攻击者利用该漏洞可以通过发送特制的 OSPF 数据包来导致网络中断,以下产品和版本受到影响:SCALANCE XM408-4C(V6.5之前版本),SCALANCE XM
CVSS信息
N/A
漏洞类别
其他