Vulnerabilities > Siemens > Scalance X 200 Series Firmware > 4.3

DATE	CVE	VULNERABILITY TITLE	RISK
2015-02-02	CVE-2015-1049	Improper Input Validation vulnerability in Siemens Scalance X-200 Series Firmware The web server on Siemens SCALANCE X-200IRT switches with firmware before 5.2.0 allows remote attackers to hijack sessions via unspecified vectors. network siemens CWE-20	6.8
2013-10-03	CVE-2013-5944	Improper Authentication vulnerability in Siemens products The integrated web server on Siemens SCALANCE X-200 switches with firmware before 4.5.0 and X-200IRT switches with firmware before 5.1.0 does not properly enforce authentication requirements, which allows remote attackers to perform administrative actions via requests to the management interface. network low complexity siemens CWE-287 critical	10.0
2013-09-17	CVE-2013-5709	Numeric Errors vulnerability in Siemens products The authentication implementation in the web server on Siemens SCALANCE X-200 switches with firmware before 5.0.0 does not use a sufficient source of entropy for generating values of random numbers, which makes it easier for remote attackers to hijack sessions by predicting a value. network siemens CWE-189	8.3

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.