CVE-2022-46350: XSS

First published: Tue Dec 13 2022(Updated: )

A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). The integrated web server could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. This can be used by an attacker to trigger a malicious request on the affected device.

Credit: productcert@siemens.com productcert@siemens.com

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/type
• collector/mitre-cve
• source/MITRE
• agent/severity
• agent/remedy
• agent/references
• agent/description
• agent/first-publish-date
• agent/last-modified-date
• agent/author
• agent/event
• agent/source
• agent/weakness
• agent/softwarecombine
• agent/tags
• collector/nvd-api
• source/NVD
• agent/software-canonical-lookup
• agent/software-canonical-lookup-request
• collector/nvd-index
• vendor/siemens
• canonical/siemens 6gk5204-0ba00-2mb2
• canonical/siemens 6gk5204-0ba00-2mb2 firmware
• canonical/siemens 6gk5204-0ba00-2kb2
• canonical/siemens 6gk5204-0ba00-2kb2 firmware
• canonical/siemens 6gk5204-0bs00-2na3
• canonical/siemens 6gk5204-0bs00-2na3 firmware
• canonical/siemens 6gk5204-0bs00-3la3
• canonical/siemens 6gk5204-0bs00-3la3 firmware
• canonical/siemens 6gk5204-0bs00-3pa3
• canonical/siemens 6gk5204-0bs00-3pa3 firmware