| Summary | A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.1), SCALANCE M812-1 ADSL-Router family (All versions < V8.1), SCALANCE M816-1 ADSL-Router family (All versions < V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.1). Affected devices insert sensitive information about the generation of 2FA tokens into log files. This could allow an authenticated remote attacker to forge 2FA tokens of other users. |
|---|---|
| Publication Date | Aug. 13, 2024, 5:15 p.m. |
| Registration Date | Aug. 26, 2024, 5:03 p.m. |
| Last Update | Aug. 24, 2024, 3:34 a.m. |
| CVSS3.1 : MEDIUM | |
| スコア | 6.5 |
|---|---|
| Vector | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
| 攻撃元区分(AV) | ネットワーク |
| 攻撃条件の複雑さ(AC) | 低 |
| 攻撃に必要な特権レベル(PR) | 低 |
| 利用者の関与(UI) | 不要 |
| 影響の想定範囲(S) | 変更なし |
| 機密性への影響(C) | 高 |
| 完全性への影響(I) | なし |
| 可用性への影響(A) | なし |
| Configuration1 | or higher | or less | more than | less than | |
| cpe:2.3:o:siemens:ruggedcom_rm1224_lte\(4g\)_eu_firmware:*:*:*:*:*:*:*:* | 8.1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:siemens:ruggedcom_rm1224_lte\(4g\)_eu:-:*:*:*:*:*:*:* | ||||
| Configuration2 | or higher | or less | more than | less than | |
| cpe:2.3:o:siemens:ruggedcom_rm1224_lte\(4g\)_nam_firmware:*:*:*:*:*:*:*:* | 8.1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:siemens:ruggedcom_rm1224_lte\(4g\)_nam:-:*:*:*:*:*:*:* | ||||
| Configuration3 | or higher | or less | more than | less than | |
| cpe:2.3:o:siemens:scalance_m804pb_firmware:*:*:*:*:*:*:*:* | 8.1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:siemens:scalance_m804pb:-:*:*:*:*:*:*:* | ||||
| Configuration4 | or higher | or less | more than | less than | |
| cpe:2.3:o:siemens:scalance_m826-2_shdsl-router_firmware:*:*:*:*:*:*:*:* | 8.1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:siemens:scalance_m826-2_shdsl-router:-:*:*:*:*:*:*:* | ||||
| Configuration5 | or higher | or less | more than | less than | |
| cpe:2.3:o:siemens:scalance_m874-2_firmware:*:*:*:*:*:*:*:* | 8.1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:siemens:scalance_m874-2:-:*:*:*:*:*:*:* | ||||
| Configuration6 | or higher | or less | more than | less than | |
| cpe:2.3:o:siemens:scalance_m874-3_firmware:*:*:*:*:*:*:*:* | 8.1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:siemens:scalance_m874-3:-:*:*:*:*:*:*:* | ||||
| Configuration7 | or higher | or less | more than | less than | |
| cpe:2.3:o:siemens:scalance_m876-3_firmware:*:*:*:*:*:*:*:* | 8.1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:siemens:scalance_m876-3:-:*:*:*:*:*:*:* | ||||
| Configuration8 | or higher | or less | more than | less than | |
| cpe:2.3:o:siemens:scalance_m876-4_firmware:*:*:*:*:*:*:*:* | 8.1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:siemens:scalance_m876-4:-:*:*:*:*:*:*:* | ||||
| Configuration9 | or higher | or less | more than | less than | |
| cpe:2.3:o:siemens:scalance_m874-3_3g-router_\(cn\)_firmware:*:*:*:*:*:*:*:* | 8.1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:siemens:scalance_m874-3_3g-router_\(cn\):-:*:*:*:*:*:*:* | ||||
| Configuration10 | or higher | or less | more than | less than | |
| cpe:2.3:o:siemens:scalance_m876-3_\(rok\)_firmware:*:*:*:*:*:*:*:* | 8.1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:siemens:scalance_m876-3_\(rok\):-:*:*:*:*:*:*:* | ||||
| Configuration11 | or higher | or less | more than | less than | |
| cpe:2.3:o:siemens:scalance_m876-4_\(eu\)_firmware:*:*:*:*:*:*:*:* | 8.1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:siemens:scalance_m876-4_\(eu\):-:*:*:*:*:*:*:* | ||||
| Configuration12 | or higher | or less | more than | less than | |
| cpe:2.3:o:siemens:scalance_m876-4_\(nam\)_firmware:*:*:*:*:*:*:*:* | 8.1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:siemens:scalance_m876-4_\(nam\):-:*:*:*:*:*:*:* | ||||
| Configuration13 | or higher | or less | more than | less than | |
| cpe:2.3:o:siemens:scalance_mum853-1_\(a1\)_firmware:*:*:*:*:*:*:*:* | 8.1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:siemens:scalance_mum853-1_\(a1\):-:*:*:*:*:*:*:* | ||||
| Configuration14 | or higher | or less | more than | less than | |
| cpe:2.3:o:siemens:scalance_mum853-1_\(b1\)_firmware:*:*:*:*:*:*:*:* | 8.1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:siemens:scalance_mum853-1_\(b1\):-:*:*:*:*:*:*:* | ||||
| Configuration15 | or higher | or less | more than | less than | |
| cpe:2.3:o:siemens:scalance_mum853-1_\(eu\)_firmware:*:*:*:*:*:*:*:* | 8.1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:siemens:scalance_mum853-1_\(eu\):-:*:*:*:*:*:*:* | ||||
| Configuration16 | or higher | or less | more than | less than | |
| cpe:2.3:o:siemens:scalance_mum856-1_\(a1\)_firmware:*:*:*:*:*:*:*:* | 8.1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:siemens:scalance_mum856-1_\(a1\):-:*:*:*:*:*:*:* | ||||
| Configuration17 | or higher | or less | more than | less than | |
| cpe:2.3:o:siemens:scalance_mum856-1_\(b1\)_firmware:*:*:*:*:*:*:*:* | 8.1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:siemens:scalance_mum856-1_\(b1\):-:*:*:*:*:*:*:* | ||||
| Configuration18 | or higher | or less | more than | less than | |
| cpe:2.3:o:siemens:scalance_mum856-1_\(cn\)_firmware:*:*:*:*:*:*:*:* | 8.1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:siemens:scalance_mum856-1_\(cn\):-:*:*:*:*:*:*:* | ||||
| Configuration19 | or higher | or less | more than | less than | |
| cpe:2.3:o:siemens:scalance_mum856-1_\(eu\)_firmware:*:*:*:*:*:*:*:* | 8.1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:siemens:scalance_mum856-1_\(eu\):-:*:*:*:*:*:*:* | ||||
| Configuration20 | or higher | or less | more than | less than | |
| cpe:2.3:o:siemens:scalance_mum856-1_\(row\)_firmware:*:*:*:*:*:*:*:* | 8.1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:siemens:scalance_mum856-1_\(row\):-:*:*:*:*:*:*:* | ||||
| Configuration21 | or higher | or less | more than | less than | |
| cpe:2.3:o:siemens:scalance_s615_eec_lan-router_firmware:*:*:*:*:*:*:*:* | 8.1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:siemens:scalance_s615_eec_lan-router:-:*:*:*:*:*:*:* | ||||
| Configuration22 | or higher | or less | more than | less than | |
| cpe:2.3:o:siemens:scalance_s615_lan-router_firmware:*:*:*:*:*:*:*:* | 8.1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:siemens:scalance_s615_lan-router:-:*:*:*:*:*:*:* | ||||
| Configuration23 | or higher | or less | more than | less than | |
| cpe:2.3:o:siemens:scalance_m812-1_\(annex_a\)_firmware:*:*:*:*:*:*:*:* | 8.1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:siemens:scalance_m812-1_\(annex_a\):-:*:*:*:*:*:*:* | ||||
| Configuration24 | or higher | or less | more than | less than | |
| cpe:2.3:o:siemens:scalance_m812-1_\(annex_b\)_firmware:*:*:*:*:*:*:*:* | 8.1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:siemens:scalance_m812-1_\(annex_b\):-:*:*:*:*:*:*:* | ||||
| Configuration25 | or higher | or less | more than | less than | |
| cpe:2.3:o:siemens:scalance_m816-1_\(annex_a\)_firmware:*:*:*:*:*:*:*:* | 8.1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:siemens:scalance_m816-1_\(annex_a\):-:*:*:*:*:*:*:* | ||||
| Configuration26 | or higher | or less | more than | less than | |
| cpe:2.3:o:siemens:scalance_m816-1_\(annex_b\)_firmware:*:*:*:*:*:*:*:* | 8.1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:siemens:scalance_m816-1_\(annex_b\):-:*:*:*:*:*:*:* | ||||
| Title | 複数のシーメンス製品におけるログファイルからの情報漏えいに関する脆弱性 |
|---|---|
| Summary | ruggedcom rm1224 lte(4g) eu ファームウェア、ruggedcom rm1224 lte(4g) nam ファームウェア、scalance m804pb ファームウェア等複数のシーメンス製品には、ログファイルからの情報漏えいに関する脆弱性が存在します。 |
| Possible impacts | 情報を取得される可能性があります。 |
| Solution | ベンダアドバイザリまたはパッチ情報が公開されています。参考情報を参照して適切な対策を実施してください。 |
| Publication Date | Aug. 13, 2024, midnight |
| Registration Date | Aug. 26, 2024, 2:09 p.m. |
| Last Update | Aug. 26, 2024, 2:09 p.m. |
| シーメンス |
| ruggedcom rm1224 lte(4g) eu ファームウェア 8.1 未満 |
| ruggedcom rm1224 lte(4g) nam ファームウェア 8.1 未満 |
| scalance m804pb ファームウェア 8.1 未満 |
| scalance m826-2 shdsl-router ファームウェア 8.1 未満 |
| scalance m874-2 ファームウェア 8.1 未満 |
| scalance m874-3 3g-router (cn) ファームウェア 8.1 未満 |
| scalance m874-3 ファームウェア 8.1 未満 |
| scalance m876-3 (rok) ファームウェア 8.1 未満 |
| scalance m876-3 ファームウェア 8.1 未満 |
| scalance m876-4 (eu) ファームウェア 8.1 未満 |
| scalance m876-4 (nam) ファームウェア 8.1 未満 |
| scalance m876-4 ファームウェア 8.1 未満 |
| scalance mum853-1 (a1) ファームウェア 8.1 未満 |
| scalance mum853-1 (b1) ファームウェア 8.1 未満 |
| scalance mum853-1 (eu) ファームウェア 8.1 未満 |
| scalance mum856-1 (a1) ファームウェア 8.1 未満 |
| scalance mum856-1 (b1) ファームウェア 8.1 未満 |
| scalance mum856-1 (cn) ファームウェア 8.1 未満 |
| scalance mum856-1 (eu) ファームウェア 8.1 未満 |
| scalance mum856-1 (row) ファームウェア 8.1 未満 |
| No | Changed Details | Date of change |
|---|---|---|
| 1 | [2024年08月26日] 掲載 |
Aug. 26, 2024, 2:09 p.m. |