CyberSec.Space Logo
Back to CVE Browser

CVE-2012-1799

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1860%
EPSS Percentile22.05th
PublishedApr 18, 2012
Last ModifiedApr 29, 2026

Vulnerability Description

The web server on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with firmware before 2.3.0.3 does not limit the rate of authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack on the administrative password.

Affected Platforms (CPE)

πŸ“¦
Siemens

Scalance S Firmware

<= 2.3.0
πŸ“¦
Siemens

Scalance S Firmware

= 2.1.0
πŸ“¦
Siemens

Scalance S Firmware

= 2.2.0
πŸ”Œ
Siemens

Scalance S602

= v2
πŸ”Œ
Siemens

Scalance S612

= v2
πŸ”Œ
Siemens

Scalance S613

= v2

References & Advisories

πŸ”— http://osvdb.org/81033
πŸ”— http://support.automation.siemens.com/WW/view/en/59869684
πŸ”— http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-268149.pdf
πŸ”— http://www.us-cert.gov/control_systems/pdf/ICSA-12-102-05.pdf
πŸ”— http://osvdb.org/81033
πŸ”— http://support.automation.siemens.com/WW/view/en/59869684
πŸ”— http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-268149.pdf
πŸ”— http://www.us-cert.gov/control_systems/pdf/ICSA-12-102-05.pdf

Related Vulnerabilities

CVE-2013-465210.0

Unspecified vulnerability in the command-line management interface on Siemens Scalance W7xx devices with firmware before 4.5.4 all...

CVE-2013-594410.0

The integrated web server on Siemens SCALANCE X-200 switches with firmware before 4.5.0 and X-200IRT switches with firmware before...

CVE-2013-57098.3

The authentication implementation in the web server on Siemens SCALANCE X-200 switches with firmware before 5.0.0 does not use a s...

CVE-2014-84787.8

The web server on Siemens SCALANCE X-300 switches with firmware before 4.0 and SCALANCE X 408 switches with firmware before 4.0 al...