Vulnerabilities > Siemens > Scalance Xf204 Firmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-13 | CVE-2022-46140 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Siemens products Affected devices use a weak encryption scheme to encrypt the debug zip file. | 6.5 |
| 2022-12-13 | CVE-2022-46142 | Storing Passwords in a Recoverable Format vulnerability in Siemens products Affected devices store the CLI user passwords encrypted in flash memory. | 5.7 |
| 2022-10-11 | CVE-2022-40631 | Cross-site Scripting vulnerability in Siemens products A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.0), SCALANCE X201-3P IRT (All versions < V5.5.0), SCALANCE X201-3P IRT PRO (All versions < V5.5.0), SCALANCE X202-2IRT (All versions < V5.5.0), SCALANCE X202-2P IRT (All versions < V5.5.0), SCALANCE X202-2P IRT PRO (All versions < V5.5.0), SCALANCE X204-2 (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X204IRT (All versions < V5.5.0), SCALANCE X204IRT PRO (All versions < V5.5.0), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (All versions < V5.2.5), SCALANCE X208 (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE XF201-3P IRT (All versions < V5.5.0), SCALANCE XF202-2P IRT (All versions < V5.5.0), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204-2 (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All versions < V5.5.0), SCALANCE XF204IRT (All versions < V5.5.0), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5), SIPLUS NET SCALANCE X202-2P IRT (All versions < V5.5.0). | 6.1 |
| 2021-01-12 | CVE-2020-28391 | Use of Hard-coded Cryptographic Key vulnerability in Siemens products A vulnerability has been identified in SCALANCE X-200 switch family (incl. | 5.9 |
| 2021-01-12 | CVE-2020-15799 | Missing Authentication for Critical Function vulnerability in Siemens products A vulnerability has been identified in SCALANCE X-200 switch family (incl. | 6.5 |