ID

VAR-201309-0316


CVE

CVE-2013-5709


TITLE

Siemens SCALANCE X-200 Series Switch Session Hijacking Vulnerability

Trust: 0.8

sources: IVD: abb36416-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-13027

DESCRIPTION

The authentication implementation in the web server on Siemens SCALANCE X-200 switches with firmware before 5.0.0 does not use a sufficient source of entropy for generating values of random numbers, which makes it easier for remote attackers to hijack sessions by predicting a value. The Siemens Scalance X200 is an industrial Ethernet switch from Siemens. Remote attackers can exploit this issue to hijack web sessions over the network without authentication. Other attacks are also possible. Siemens Scalance X-200 Series switches running firmware versions prior to 5.0.0 are vulnerable

Trust: 2.7

sources: NVD: CVE-2013-5709 // JVNDB: JVNDB-2013-004188 // CNVD: CNVD-2013-13027 // BID: 62341 // IVD: abb36416-2352-11e6-abef-000c29c66e3d // VULHUB: VHN-65711

IOT TAXONOMY

category:['ICS', 'Network device']sub_category: -

Trust: 0.6

category:['ICS']sub_category: -

Trust: 0.2

sources: IVD: abb36416-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-13027

AFFECTED PRODUCTS

vendor:siemensmodel:scalance x-200 seriesscope:eqversion:4.3

Trust: 1.6

vendor:siemensmodel:scalance x202-2p irtscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance x204irtscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance x200-4p irtscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance x-200scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance x201-3p irtscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance x-200rnascope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance xf-200scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance x-200 seriesscope:lteversion:4.4

Trust: 1.0

vendor:siemensmodel:scalance x202-2irtscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance x-200scope: - version: -

Trust: 0.8

vendor:siemensmodel:scalance x-200 seriesscope:ltversion:5.0.0

Trust: 0.8

vendor:siemensmodel:scalance x-200rnascope: - version: -

Trust: 0.8

vendor:siemensmodel:scalance x200-4pirtscope: - version: -

Trust: 0.8

vendor:siemensmodel:scalance x201-3p irtscope: - version: -

Trust: 0.8

vendor:siemensmodel:scalance x202-2irtscope: - version: -

Trust: 0.8

vendor:siemensmodel:scalance x202-2p irtscope: - version: -

Trust: 0.8

vendor:siemensmodel:scalance x204irtscope: - version: -

Trust: 0.8

vendor:siemensmodel:scalance xf-200scope: - version: -

Trust: 0.8

vendor:siemensmodel:scalance series switchesscope:eqversion:x-200

Trust: 0.6

vendor:siemensmodel:scalance x-200 seriesscope:eqversion:4.4

Trust: 0.6

vendor:scalance x202 2p irtmodel: - scope:eqversion: -

Trust: 0.4

vendor:scalance x204irtmodel: - scope:eqversion: -

Trust: 0.4

vendor:scalance x201 3p irtmodel: - scope:eqversion: -

Trust: 0.4

vendor:siemensmodel:scalance xf208scope:eqversion:0

Trust: 0.3

vendor:siemensmodel:scalance xf206-1scope:eqversion:0

Trust: 0.3

vendor:siemensmodel:scalance xf204-2scope:eqversion:0

Trust: 0.3

vendor:siemensmodel:scalance xf204scope:eqversion:0

Trust: 0.3

vendor:siemensmodel:scalancescope:eqversion:x2240

Trust: 0.3

vendor:siemensmodel:scalancescope:eqversion:x2160

Trust: 0.3

vendor:siemensmodel:scalance x212-2ldscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:scalancescope:eqversion:x212-20

Trust: 0.3

vendor:siemensmodel:scalance x208proscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:scalancescope:eqversion:x2080

Trust: 0.3

vendor:siemensmodel:scalance x206-1ldscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:scalancescope:eqversion:x206-10

Trust: 0.3

vendor:siemensmodel:scalance x204-2tsscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:scalance x204-2ldscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:scalancescope:eqversion:x204-20

Trust: 0.3

vendor:siemensmodel:scalance xf208scope:neversion:5.0

Trust: 0.3

vendor:siemensmodel:scalance xf206-1scope:neversion:5.0

Trust: 0.3

vendor:siemensmodel:scalance xf204-2scope:neversion:5.0

Trust: 0.3

vendor:siemensmodel:scalance xf204scope:neversion:5.0

Trust: 0.3

vendor:siemensmodel:scalancescope:neversion:x2245.0

Trust: 0.3

vendor:siemensmodel:scalancescope:neversion:x2165.0

Trust: 0.3

vendor:siemensmodel:scalance x212-2ldscope:neversion:5.0

Trust: 0.3

vendor:siemensmodel:scalancescope:neversion:x212-25.0

Trust: 0.3

vendor:siemensmodel:scalance x208proscope:neversion:5.0

Trust: 0.3

vendor:siemensmodel:scalancescope:neversion:x2085.0

Trust: 0.3

vendor:siemensmodel:scalance x206-1ldscope:neversion:5.0

Trust: 0.3

vendor:siemensmodel:scalance x204-2tsscope:neversion:5.0

Trust: 0.3

vendor:siemensmodel:scalance x204-2ldscope:neversion:5.0

Trust: 0.3

vendor:siemensmodel:scalancescope:neversion:x204-25.0

Trust: 0.3

vendor:scalance x 200rnamodel: - scope:eqversion: -

Trust: 0.2

vendor:scalance x 200 seriesmodel: - scope:eqversion:4.4

Trust: 0.2

vendor:scalance x 200model: - scope:eqversion: -

Trust: 0.2

vendor:scalance x200 4p irtmodel: - scope:eqversion: -

Trust: 0.2

vendor:scalance x 200 seriesmodel: - scope:eqversion:4.3

Trust: 0.2

vendor:scalance x202 2irtmodel: - scope:eqversion: -

Trust: 0.2

vendor:scalance xf 200model: - scope:eqversion: -

Trust: 0.2

sources: IVD: abb36416-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-13027 // BID: 62341 // JVNDB: JVNDB-2013-004188 // CNNVD: CNNVD-201309-245 // NVD: CVE-2013-5709

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2013-5709
value: HIGH

Trust: 1.0

NVD: CVE-2013-5709
value: HIGH

Trust: 0.8

CNVD: CNVD-2013-13027
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201309-245
value: HIGH

Trust: 0.6

IVD: abb36416-2352-11e6-abef-000c29c66e3d
value: HIGH

Trust: 0.2

VULHUB: VHN-65711
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2013-5709
severity: HIGH
baseScore: 8.3
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 8.5
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2013-13027
severity: HIGH
baseScore: 8.3
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 8.5
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: abb36416-2352-11e6-abef-000c29c66e3d
severity: HIGH
baseScore: 8.3
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 8.5
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-65711
severity: HIGH
baseScore: 8.3
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 8.5
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: IVD: abb36416-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-13027 // VULHUB: VHN-65711 // JVNDB: JVNDB-2013-004188 // CNNVD: CNNVD-201309-245 // NVD: CVE-2013-5709

PROBLEMTYPE DATA

problemtype:CWE-189

Trust: 1.9

sources: VULHUB: VHN-65711 // JVNDB: JVNDB-2013-004188 // NVD: CVE-2013-5709

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201309-245

TYPE

digital error

Trust: 0.6

sources: CNNVD: CNNVD-201309-245

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-004188

PATCH

title:SSA-850708url:http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-850708.pdf

Trust: 0.8

title:Patch for the Siemens SCALANCE X-200 Series Switch Session Hijacking Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/39576

Trust: 0.6

sources: CNVD: CNVD-2013-13027 // JVNDB: JVNDB-2013-004188

EXTERNAL IDS

db:NVDid:CVE-2013-5709

Trust: 3.6

db:ICS CERTid:ICSA-13-254-01

Trust: 2.8

db:SIEMENSid:SSA-850708

Trust: 2.3

db:BIDid:62341

Trust: 1.0

db:CNNVDid:CNNVD-201309-245

Trust: 0.9

db:CNVDid:CNVD-2013-13027

Trust: 0.8

db:JVNDBid:JVNDB-2013-004188

Trust: 0.8

db:SECUNIAid:54784

Trust: 0.6

db:IVDid:ABB36416-2352-11E6-ABEF-000C29C66E3D

Trust: 0.2

db:SEEBUGid:SSVID-89653

Trust: 0.1

db:VULHUBid:VHN-65711

Trust: 0.1

sources: IVD: abb36416-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-13027 // VULHUB: VHN-65711 // BID: 62341 // JVNDB: JVNDB-2013-004188 // CNNVD: CNNVD-201309-245 // NVD: CVE-2013-5709

REFERENCES

url:http://ics-cert.us-cert.gov/advisories/icsa-13-254-01

Trust: 2.5

url:http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-850708.pdf

Trust: 1.7

url:https://cert-portal.siemens.com/productcert/pdf/ssa-850708.pdf

Trust: 1.7

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-5709

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-5709

Trust: 0.8

url:http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-850708.pdf

Trust: 0.6

url:http://www.secunia.com/advisories/54784/

Trust: 0.6

url:http://subscriber.communications.siemens.com/

Trust: 0.3

url:http://ics-cert.us-cert.gov/advisories/icsa-13-254-01#footnoteb_gtr58ow

Trust: 0.3

sources: CNVD: CNVD-2013-13027 // VULHUB: VHN-65711 // BID: 62341 // JVNDB: JVNDB-2013-004188 // CNNVD: CNNVD-201309-245 // NVD: CVE-2013-5709

CREDITS

Eireann Leverett of IOActive

Trust: 0.9

sources: BID: 62341 // CNNVD: CNNVD-201309-245

SOURCES

db:IVDid:abb36416-2352-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2013-13027
db:VULHUBid:VHN-65711
db:BIDid:62341
db:JVNDBid:JVNDB-2013-004188
db:CNNVDid:CNNVD-201309-245
db:NVDid:CVE-2013-5709

LAST UPDATE DATE

2024-08-14T15:03:40.384000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2013-13027date:2013-09-17T00:00:00
db:VULHUBid:VHN-65711date:2020-02-10T00:00:00
db:BIDid:62341date:2013-09-11T00:00:00
db:JVNDBid:JVNDB-2013-004188date:2013-09-19T00:00:00
db:CNNVDid:CNNVD-201309-245date:2020-02-11T00:00:00
db:NVDid:CVE-2013-5709date:2020-02-10T15:15:12.010

SOURCES RELEASE DATE

db:IVDid:abb36416-2352-11e6-abef-000c29c66e3ddate:2013-09-17T00:00:00
db:CNVDid:CNVD-2013-13027date:2013-09-16T00:00:00
db:VULHUBid:VHN-65711date:2013-09-17T00:00:00
db:BIDid:62341date:2013-09-11T00:00:00
db:JVNDBid:JVNDB-2013-004188date:2013-09-19T00:00:00
db:CNNVDid:CNNVD-201309-245date:2013-09-17T00:00:00
db:NVDid:CVE-2013-5709date:2013-09-17T12:04:28.820