Details of VAR-201305-0215

ID

VAR-201305-0215

CVE

CVE-2013-3634

TITLE

Siemens Scalance X200 IRT Switch SNMPv3 Any in function SNMP Command execution vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2013-002823

DESCRIPTION

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (Versions < V5.0.0 for CVE-2013-3633 and versions < V4.5.0 for CVE-2013-3634), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.1.0). The implementation of SNMPv3 does not check the user credentials sufficiently. Therefore, an attacker is able to execute SNMP commands without correct credentials. Siemens Scalance X200 IRT Switch firmware SNMPv3 The function does not properly validate the credentials, so any SNMP A command execution vulnerability exists.By using information related to the user name by a third party, any SNMP The command may be executed. The Siemens Scalance X200 series switches can be used to connect industrial components such as PLCs or HMIs. Note: Limited information is currently available regarding this issue. We will update this BID as more information emerges. There is an input validation error vulnerability in Siemens SCALANCE X-200 versions earlier than V4.5.0 and SCALANCE X-200IRT versions earlier than V5.1.0. The vulnerability stems from the failure of the network system or product to properly validate the input data

Trust: 2.7

sources: NVD: CVE-2013-3634 // JVNDB: JVNDB-2013-002823 // CNVD: CNVD-2013-06391 // BID: 60168 // IVD: ee998b48-2352-11e6-abef-000c29c66e3d // VULHUB: VHN-63636

IOT TAXONOMY

category:	['ICS', 'Network device']	sub_category:	-	Trust: 0.6
category:	['ICS']	sub_category:	-	Trust: 0.2

sources: IVD: ee998b48-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-06391

AFFECTED PRODUCTS

vendor:	siemens	model:	scalance x202-2p irt	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	scalance x204irt	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	scalance x200-4p irt	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	scalance xf204irt	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	scalance x201-3p irt	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	scalance x200irt	scope:	lte	version:	5.0.0	Trust: 1.0
vendor:	siemens	model:	scalance x202-2irt	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	scalance x200 irt	scope:	lt	version:	5.1.0	Trust: 0.8
vendor:	siemens	model:	scalance x200-4pirt	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	scalance x201-3p irt	scope:	eq	version:	none	Trust: 0.8
vendor:	siemens	model:	scalance x201-3p irt	scope:	eq	version:	pro	Trust: 0.8
vendor:	siemens	model:	scalance x202-2irt	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	scalance x202-2p irt	scope:	eq	version:	none	Trust: 0.8
vendor:	siemens	model:	scalance x202-2p irt	scope:	eq	version:	pro	Trust: 0.8
vendor:	siemens	model:	scalance x204irt	scope:	eq	version:	none	Trust: 0.8
vendor:	siemens	model:	scalance x204irt	scope:	eq	version:	pro	Trust: 0.8
vendor:	siemens	model:	scalance xf204irt	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	scalance series switches	scope:	eq	version:	x-200	Trust: 0.6
vendor:	siemens	model:	scalance x200irt	scope:	eq	version:	5.0.0	Trust: 0.6
vendor:	scalance x204irt	model:	-	scope:	eq	version:	-	Trust: 0.4
vendor:	scalance x202 2p irt	model:	-	scope:	eq	version:	-	Trust: 0.4
vendor:	scalance x201 3p irt	model:	-	scope:	eq	version:	-	Trust: 0.4
vendor:	scalance x202 2irt	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	scalance x200 4p irt	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	scalance xf204irt	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	scalance x200irt	model:	-	scope:	eq	version:	5.0.0	Trust: 0.2

sources: IVD: ee998b48-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-06391 // JVNDB: JVNDB-2013-002823 // CNNVD: CNNVD-201305-539 // NVD: CVE-2013-3634

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2013-3634
value:	HIGH
Trust: 1.0
NVD:	CVE-2013-3634
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2013-06391
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201305-539
value:	HIGH
Trust: 0.6
IVD:	ee998b48-2352-11e6-abef-000c29c66e3d
value:	HIGH
Trust: 0.2
VULHUB:	VHN-63636
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2013-3634
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2013-06391
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	ee998b48-2352-11e6-abef-000c29c66e3d
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-63636
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: IVD: ee998b48-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-06391 // VULHUB: VHN-63636 // JVNDB: JVNDB-2013-002823 // CNNVD: CNNVD-201305-539 // NVD: CVE-2013-3634

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-63636 // JVNDB: JVNDB-2013-002823 // NVD: CVE-2013-3634

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201305-539

TYPE

Input validation error

Trust: 0.8

sources: IVD: ee998b48-2352-11e6-abef-000c29c66e3d // CNNVD: CNNVD-201305-539

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-002823

PATCH

title:	SSA-170686	url:	http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-170686.pdf	Trust: 0.8
title:	Siemens Scalance X200 Series Switch SNMPv3 Remote Security Bypass Vulnerability Patch	url:	https://www.cnvd.org.cn/patchInfo/show/34397	Trust: 0.6

sources: CNVD: CNVD-2013-06391 // JVNDB: JVNDB-2013-002823

EXTERNAL IDS

db:	NVD	id:	CVE-2013-3634	Trust: 3.6
db:	SIEMENS	id:	SSA-170686	Trust: 1.7
db:	ICS CERT	id:	ICSA-13-149-01	Trust: 1.4
db:	BID	id:	60168	Trust: 1.0
db:	CNNVD	id:	CNNVD-201305-539	Trust: 0.9
db:	CNVD	id:	CNVD-2013-06391	Trust: 0.8
db:	ICS CERT	id:	ICSA-13-169-01	Trust: 0.8
db:	JVNDB	id:	JVNDB-2013-002823	Trust: 0.8
db:	SECUNIA	id:	53519	Trust: 0.6
db:	IVD	id:	EE998B48-2352-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	SEEBUG	id:	SSVID-89661	Trust: 0.1
db:	VULHUB	id:	VHN-63636	Trust: 0.1

sources: IVD: ee998b48-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-06391 // VULHUB: VHN-63636 // BID: 60168 // JVNDB: JVNDB-2013-002823 // CNNVD: CNNVD-201305-539 // NVD: CVE-2013-3634

REFERENCES

url:	https://cert-portal.siemens.com/productcert/pdf/ssa-170686.pdf	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3634	Trust: 0.8
url:	http://ics-cert.us-cert.gov/advisories/icsa-13-149-01	Trust: 0.8
url:	https://ics-cert.us-cert.gov/advisories/icsa-13-169-01	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3634	Trust: 0.8
url:	http://secunia.com/advisories/53519/	Trust: 0.6
url:	http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-170686.pdf	Trust: 0.6
url:	https://www.us-cert.gov/ics/advisories/icsa-13-149-01	Trust: 0.6
url:	http://subscriber.communications.siemens.com/	Trust: 0.3

sources: CNVD: CNVD-2013-06391 // VULHUB: VHN-63636 // BID: 60168 // JVNDB: JVNDB-2013-002823 // CNNVD: CNNVD-201305-539 // NVD: CVE-2013-3634

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 60168

SOURCES

db:	IVD	id:	ee998b48-2352-11e6-abef-000c29c66e3d
db:	CNVD	id:	CNVD-2013-06391
db:	VULHUB	id:	VHN-63636
db:	BID	id:	60168
db:	JVNDB	id:	JVNDB-2013-002823
db:	CNNVD	id:	CNNVD-201305-539
db:	NVD	id:	CVE-2013-3634

LAST UPDATE DATE

2024-08-14T15:35:13.581000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2013-06391	date:	2013-05-31T00:00:00
db:	VULHUB	id:	VHN-63636	date:	2019-12-12T00:00:00
db:	BID	id:	60168	date:	2013-06-19T06:37:00
db:	JVNDB	id:	JVNDB-2013-002823	date:	2013-06-25T00:00:00
db:	CNNVD	id:	CNNVD-201305-539	date:	2019-12-13T00:00:00
db:	NVD	id:	CVE-2013-3634	date:	2019-12-12T20:15:11.787

SOURCES RELEASE DATE

db:	IVD	id:	ee998b48-2352-11e6-abef-000c29c66e3d	date:	2013-05-31T00:00:00
db:	CNVD	id:	CNVD-2013-06391	date:	2013-05-31T00:00:00
db:	VULHUB	id:	VHN-63636	date:	2013-05-24T00:00:00
db:	BID	id:	60168	date:	2013-05-24T00:00:00
db:	JVNDB	id:	JVNDB-2013-002823	date:	2013-05-29T00:00:00
db:	CNNVD	id:	CNNVD-201305-539	date:	2013-05-27T00:00:00
db:	NVD	id:	CVE-2013-3634	date:	2013-05-24T20:55:01.767