Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2019-6569

The monitor barrier of the affected products insufficiently blocks data from being forwarded over the mirror port into the mirrored network. An attacker could use this behavior to transmit malicious packets to systems in the mirrored network, possibly influencing their configuration and runtime behavior.

Published

2019-03-26T22:29:00.833

Last Modified

2024-11-21T04:46:43.123

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 9.1 (CRITICAL)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

4.9

Weaknesses

Type: Primary
CWE-440
Type: Secondary
NVD-CWE-Other

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	siemens	scalance_x-200_firmware	< 5.2.4	Yes
Hardware	siemens	scalance_x-200	-	No
Operating System	siemens	scalance_x-300_firmware	< 4.1.3	Yes
Hardware	siemens	scalance_x-300	-	No
Operating System	siemens	scalance_xp-200_firmware	< 4.1	Yes
Hardware	siemens	scalance_xp-200	-	No
Operating System	siemens	scalance_xc-200_firmware	< 4.1	Yes
Hardware	siemens	scalance_xc-200	-	No
Operating System	siemens	scalance_xf-200_firmware	< 4.1	Yes
Hardware	siemens	scalance_xf-200	-	No

References

https://cert-portal.siemens.com/productcert/pdf/ssa-557804.pdf Patch, Vendor Advisory ([email protected])
https://cert-portal.siemens.com/productcert/pdf/ssa-557804.pdf Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)