cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2016-7090,https://securityvulnerability.io/vulnerability/CVE-2016-7090,,"The integrated web server on Siemens SCALANCE M-800 and S615 modules with firmware before 4.02 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.",Siemens,Scalance M-800 Firmware,4,MEDIUM,0.0015399999683722854,false,,false,false,false,,false,false,2016-09-29T10:00:00.000Z,0
CVE-2015-1049,https://securityvulnerability.io/vulnerability/CVE-2015-1049,,The web server on Siemens SCALANCE X-200IRT switches with firmware before 5.2.0 allows remote attackers to hijack sessions via unspecified vectors.,Siemens,Scalance X-200 Series Firmware,,,0.003969999961555004,false,,false,false,false,,false,false,2015-02-02T15:00:00.000Z,0
CVE-2014-8478,https://securityvulnerability.io/vulnerability/CVE-2014-8478,,The web server on Siemens SCALANCE X-300 switches with firmware before 4.0 and SCALANCE X 408 switches with firmware before 4.0 allows remote attackers to cause a denial of service (reboot) via malformed HTTP requests.,Siemens,Scalance X-300 Series Firmware,,,0.002099999925121665,false,,false,false,false,,false,false,2015-01-21T17:00:00.000Z,0
CVE-2014-8479,https://securityvulnerability.io/vulnerability/CVE-2014-8479,,The FTP server on Siemens SCALANCE X-300 switches with firmware before 4.0 and SCALANCE X 408 switches with firmware before 4.0 allows remote authenticated users to cause a denial of service (reboot) via crafted FTP packets.,Siemens,Scalance X-408 Firmware,,,0.0012600000482052565,false,,false,false,false,,false,false,2015-01-21T17:00:00.000Z,0
CVE-2013-5944,https://securityvulnerability.io/vulnerability/CVE-2013-5944,,"The integrated web server on Siemens SCALANCE X-200 switches with firmware before 4.5.0 and X-200IRT switches with firmware before 5.1.0 does not properly enforce authentication requirements, which allows remote attackers to perform administrative actions via requests to the management interface.",Siemens,"Scalance X-200 Series Firmware,Scalance X-200",,,0.004449999891221523,false,,false,false,false,,false,false,2013-10-03T10:00:00.000Z,0
CVE-2013-5709,https://securityvulnerability.io/vulnerability/CVE-2013-5709,,"The authentication implementation in the web server on Siemens SCALANCE X-200 switches with firmware before 5.0.0 does not use a sufficient source of entropy for generating values of random numbers, which makes it easier for remote attackers to hijack sessions by predicting a value.",Siemens,"Scalance X-200 Series Firmware,Scalance X-200,Scalance X-200rna,Scalance X200-4p Irt,Scalance X201-3p Irt,Scalance X202-2irt,Scalance X202-2p Irt,Scalance X204irt,Scalance Xf-200",,,0.00622999994084239,false,,false,false,false,,false,false,2013-09-17T10:00:00.000Z,0
CVE-2013-4651,https://securityvulnerability.io/vulnerability/CVE-2013-4651,,"Siemens Scalance W7xx devices with firmware before 4.5.4 use the same hardcoded X.509 certificate across different customers' installations, which makes it easier for remote attackers to conduct man-in-the-middle attacks against SSL sessions by leveraging the certificate's trust relationship.",Siemens,"Scalance W700 Series Firmware,Scalance W744-1,Scalance W744-1pro,Scalance W746-1,Scalance W746-1pro,Scalance W747-1,Scalance W747-1rr,Scalance W784-1,Scalance W784-1rr,Scalance W786-1pro,Scalance W786-2pro,Scalance W786-2rr,Scalance W786-3pro,Scalance W788-1pro,Scalance W788-1rr,Scalance W788-2pro,Scalance W788-2rr",,,0.0018100000452250242,false,,false,false,false,,false,false,2013-08-01T13:32:00.000Z,0
CVE-2013-4652,https://securityvulnerability.io/vulnerability/CVE-2013-4652,,Unspecified vulnerability in the command-line management interface on Siemens Scalance W7xx devices with firmware before 4.5.4 allows remote attackers to bypass authentication and execute arbitrary code via a (1) SSH or (2) TELNET connection.,Siemens,"Scalance W700 Series Firmware,Scalance W744-1,Scalance W744-1pro,Scalance W746-1,Scalance W746-1pro,Scalance W747-1,Scalance W747-1rr,Scalance W784-1,Scalance W784-1rr,Scalance W786-1pro,Scalance W786-2pro,Scalance W786-2rr,Scalance W786-3pro,Scalance W788-1pro,Scalance W788-1rr,Scalance W788-2pro,Scalance W788-2rr",,,0.0051299999468028545,false,,false,false,false,,false,false,2013-08-01T13:32:00.000Z,0
CVE-2013-3633,https://securityvulnerability.io/vulnerability/CVE-2013-3633,,"A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (Versions < V5.0.0 for CVE-2013-3633 and versions < V4.5.0 for CVE-2013-3634), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.1.0). The user privileges for the web interface are only enforced on client side and not properly verified on server side. Therefore, an attacker is able to execute privileged commands using an unprivileged account.",Siemens,"Scalance X200irt Firmware,Scalance X200-4p Irt,Scalance X201-3p Irt,Scalance X202-2irt,Scalance X202-2p Irt,Scalance X204irt,Scalance Xf204irt",,,0.000859999970998615,false,,false,false,false,,false,false,2013-05-24T20:00:00.000Z,0
CVE-2013-3634,https://securityvulnerability.io/vulnerability/CVE-2013-3634,,"A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (Versions < V5.0.0 for CVE-2013-3633 and versions < V4.5.0 for CVE-2013-3634), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.1.0). The implementation of SNMPv3 does not check the user credentials sufficiently. Therefore, an attacker is able to execute SNMP commands without correct credentials.",Siemens,"Scalance X200irt Firmware,Scalance X200-4p Irt,Scalance X201-3p Irt,Scalance X202-2irt,Scalance X202-2p Irt,Scalance X204irt,Scalance Xf204irt",,,0.0016599999507889152,false,,false,false,false,,false,false,2013-05-24T20:00:00.000Z,0
CVE-2012-1800,https://securityvulnerability.io/vulnerability/CVE-2012-1800,,"Stack-based buffer overflow in the Profinet DCP protocol implementation on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with firmware before 2.3.0.3 allows remote attackers to cause a denial of service (device outage) or possibly execute arbitrary code via a crafted DCP frame.",Siemens,"Scalance S Firmware,Scalance S602,Scalance S612,Scalance S613",,,0.03426000103354454,false,,false,false,false,,false,false,2012-04-18T10:00:00.000Z,0
CVE-2012-1802,https://securityvulnerability.io/vulnerability/CVE-2012-1802,,"Buffer overflow in the embedded web server on the Siemens Scalance X Industrial Ethernet switch X414-3E before 3.7.1, X308-2M before 3.7.2, X-300EEC before 3.7.2, XR-300 before 3.7.2, and X-300 before 3.7.2 allows remote attackers to cause a denial of service (device reboot) or possibly execute arbitrary code via a malformed URL.",Siemens,"Scalance X414-3e Firmware,Scalance X414-3e",,,0.04284000024199486,false,,false,false,false,,false,false,2012-04-18T10:00:00.000Z,0
CVE-2012-1799,https://securityvulnerability.io/vulnerability/CVE-2012-1799,,"The web server on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with firmware before 2.3.0.3 does not limit the rate of authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack on the administrative password.",Siemens,"Scalance S Firmware,Scalance S602,Scalance S612,Scalance S613",,,0.0064199999906122684,false,,false,false,false,,false,false,2012-04-18T10:00:00.000Z,0