Vulnerabilities > Siemens > Scalance Xb216 Firmware

DATE CVE VULNERABILITY TITLE RISK
2022-12-13 CVE-2022-46140 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Siemens products
Affected devices use a weak encryption scheme to encrypt the debug zip file.
network
low complexity
siemens CWE-327
6.5
2022-12-13 CVE-2022-46142 Storing Passwords in a Recoverable Format vulnerability in Siemens products
Affected devices store the CLI user passwords encrypted in flash memory.
low complexity
siemens CWE-257
5.7
2022-12-13 CVE-2022-46143 Improper Validation of Specified Quantity in Input vulnerability in Siemens products
Affected devices do not check the TFTP blocksize correctly.
network
low complexity
siemens CWE-1284
2.7
2022-08-10 CVE-2022-36323 Unspecified vulnerability in Siemens products
Affected devices do not properly sanitize an input field.
network
low complexity
siemens
critical
9.1
2022-08-10 CVE-2022-36324 Allocation of Resources Without Limits or Throttling vulnerability in Siemens products
Affected devices do not properly handle the renegotiation of SSL/TLS parameters.
network
low complexity
siemens CWE-770
7.5
2022-08-10 CVE-2022-36325 Unspecified vulnerability in Siemens products
Affected devices do not properly sanitize data introduced by an user when rendering the web interface.
network
low complexity
siemens
4.8
2021-01-12 CVE-2020-28391 Use of Hard-coded Cryptographic Key vulnerability in Siemens products
A vulnerability has been identified in SCALANCE X-200 switch family (incl.
network
high complexity
siemens CWE-321
5.9
2021-01-12 CVE-2020-25226 Heap-based Buffer Overflow vulnerability in Siemens products
A vulnerability has been identified in SCALANCE X-200 switch family (incl.
network
low complexity
siemens CWE-122
critical
9.8
2021-01-12 CVE-2020-15800 Heap-based Buffer Overflow vulnerability in Siemens products
A vulnerability has been identified in SCALANCE X-200 switch family (incl.
network
low complexity
siemens CWE-122
critical
9.8
2021-01-12 CVE-2020-15799 Missing Authentication for Critical Function vulnerability in Siemens products
A vulnerability has been identified in SCALANCE X-200 switch family (incl.
network
low complexity
siemens CWE-306
6.5