CVE-2018-16555

CVE-2018-16555

Vendor Siemens Ag
Product SCALANCE S602, SCALANCE S612, SCALANCE S623, SCALANCE S627-2M
Weakness CWE-80 · XSS · basic
Published December 13, 2018
Last update August 5, 2024

CVSS base score

What the vulnerability does

01Description

A vulnerability has been identified in SCALANCE S602 (All versions < V4.0.1.1), SCALANCE S612 (All versions < V4.0.1.1), SCALANCE S623 (All versions < V4.0.1.1), SCALANCE S627-2M (All versions < V4.0.1.1). The integrated web server could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. User interaction is required for a successful exploitation. The user must be logged into the web interface in order for the exploitation to succeed. At the stage of publishing this security advisory no public exploitation is known.

Key dates

02Disclosure timeline

December 13, 2018 CVE published
August 5, 2024 Record updated