返回 CVE 瀏覽器

CVE-2012-1799

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1860%

EPSS Percentile22.05th

Published2012年4月18日

Last Modified2026年4月29日

Vulnerability Description

The web server on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with firmware before 2.3.0.3 does not limit the rate of authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack on the administrative password.

Affected Platforms (CPE)

📦

Siemens

Scalance S Firmware

<= 2.3.0

📦

Siemens

Scalance S Firmware

= 2.1.0

📦

Siemens

Scalance S Firmware

= 2.2.0

🔌

Siemens

Scalance S602

= v2

🔌

Siemens

Scalance S612

= v2

🔌

Siemens

Scalance S613

= v2

References & Advisories

🔗 http://osvdb.org/81033

🔗 http://support.automation.siemens.com/WW/view/en/59869684

🔗 http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-268149.pdf

🔗 http://www.us-cert.gov/control_systems/pdf/ICSA-12-102-05.pdf

🔗 http://osvdb.org/81033

🔗 http://support.automation.siemens.com/WW/view/en/59869684

🔗 http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-268149.pdf

🔗 http://www.us-cert.gov/control_systems/pdf/ICSA-12-102-05.pdf

相關漏洞威脅

CVE-2013-465210.0

Unspecified vulnerability in the command-line management interface on Siemens Scalance W7xx devices with firmware before 4.5.4 all...

CVE-2013-594410.0

The integrated web server on Siemens SCALANCE X-200 switches with firmware before 4.5.0 and X-200IRT switches with firmware before...

CVE-2013-57098.3

The authentication implementation in the web server on Siemens SCALANCE X-200 switches with firmware before 5.0.0 does not use a s...

CVE-2014-84787.8

The web server on Siemens SCALANCE X-300 switches with firmware before 4.0 and SCALANCE X 408 switches with firmware before 4.0 al...