CVE-2022-40631: CVE-2022-40631

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-40631

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.0), SCALANCE X201-3P IRT (All versions < V5.5.0), SCALANCE X201-3P IRT PRO (All versions < V5.5.0), SCALANCE X202-2IRT (All versions < V5.5.0), SCALANCE X202-2P IRT (All versions < V5.5.0), SCALANCE X202-2P IRT PRO (All versions < V5.5.0), SCALANCE X204-2 (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X204IRT (All versions < V5.5.0), SCALANCE X204IRT PRO (All versions < V5.5.0), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (All versions < V5.2.5), SCALANCE X208 (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE XF201-3P IRT (All versions < V5.5.0), SCALANCE XF202-2P IRT (All versions < V5.5.0), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204-2 (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All versions < V5.5.0), SCALANCE XF204IRT (All versions < V5.5.0), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5), SIPLUS NET SCALANCE X202-2P IRT (All versions < V5.5.0). There is a cross-site scripting vulnerability on the affected devices, that if used by a threat actor, it could result in session hijacking.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

在Web页面生成时对输入的转义处理不恰当(跨站脚本)

Source: NVD (National Vulnerability Database)

Vulnerability Title

Siemens Scalance X-200 跨站脚本漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Siemens Scalance X-200是德国西门子（Siemens）公司的一款工业级以太网交换机。 SCALANCE Switches存在跨站脚本漏洞，该漏洞源于存在跨站脚本漏洞，如果被攻击者利用可能会导致会话劫持。以下产品和版本受到影响：SCALANCE X200-4P IRT V5.5.0之前版本、SCALANCE X204-2 V5 .2.5之前版本、SCALANCE X206-1 V5.2.5之前版本、SCALANCE X208 V5.2.5之前版本、SCALANCE X212-2 V5.2

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE
Siemens	SCALANCE X200-4P IRT	All versions < V5.5.0	-
Siemens	SCALANCE X201-3P IRT	All versions < V5.5.0	-
Siemens	SCALANCE X201-3P IRT PRO	All versions < V5.5.0	-
Siemens	SCALANCE X202-2IRT	All versions < V5.5.0	-
Siemens	SCALANCE X202-2P IRT	All versions < V5.5.0	-
Siemens	SCALANCE X202-2P IRT PRO	All versions < V5.5.0	-
Siemens	SCALANCE X204-2	All versions < V5.2.5	-
Siemens	SCALANCE X204-2FM	All versions < V5.2.5	-
Siemens	SCALANCE X204-2LD	All versions < V5.2.5	-
Siemens	SCALANCE X204-2LD TS	All versions < V5.2.5	-
Siemens	SCALANCE X204-2TS	All versions < V5.2.5	-
Siemens	SCALANCE X204IRT	All versions < V5.5.0	-
Siemens	SCALANCE X204IRT PRO	All versions < V5.5.0	-
Siemens	SCALANCE X206-1	All versions < V5.2.5	-
Siemens	SCALANCE X206-1LD	All versions < V5.2.5	-
Siemens	SCALANCE X208	All versions < V5.2.5	-
Siemens	SCALANCE X208PRO	All versions < V5.2.5	-
Siemens	SCALANCE X212-2	All versions < V5.2.5	-
Siemens	SCALANCE X212-2LD	All versions < V5.2.5	-
Siemens	SCALANCE X216	All versions < V5.2.5	-
Siemens	SCALANCE X224	All versions < V5.2.5	-
Siemens	SCALANCE XF201-3P IRT	All versions < V5.5.0	-
Siemens	SCALANCE XF202-2P IRT	All versions < V5.5.0	-
Siemens	SCALANCE XF204	All versions < V5.2.5	-
Siemens	SCALANCE XF204-2	All versions < V5.2.5	-
Siemens	SCALANCE XF204-2BA IRT	All versions < V5.5.0	-
Siemens	SCALANCE XF204IRT	All versions < V5.5.0	-
Siemens	SCALANCE XF206-1	All versions < V5.2.5	-
Siemens	SCALANCE XF208	All versions < V5.2.5	-
Siemens	SIPLUS NET SCALANCE X202-2P IRT	All versions < V5.5.0	-

II. Public POCs for CVE-2022-40631

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2022-40631

Please Login to view more intelligence information

IV. Related Vulnerabilities

Same product: SCALANCE X200-4P IRT

Same vendor: Siemens

Same weakness: CWE-79

V. Comments for CVE-2022-40631

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2022-40631

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2022-40631

III. Intelligence Information for CVE-2022-40631

IV. Related Vulnerabilities

V. Comments for CVE-2022-40631

Leave a comment