Vulnerability Change Records for CVE-2019-13924

Change History

Reanalysis 2/13/2020 1:44:39 PM

Action Type Old Value New Value
Added CVSS V3.1

								
							
							
						
NIST AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Removed CVSS V3.1
NIST AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

								
						

Initial Analysis 2/13/2020 11:21:55 AM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:siemens:scalance_x-200irt_firmware:*:*:*:*:*:*:*:*
     OR
          cpe:2.3:h:siemens:scalance_x-200irt:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:siemens:scalance_x-300_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.1.3
     OR
          cpe:2.3:h:siemens:scalance_x-300:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:siemens:scalance_xb-200_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.4
     OR
          cpe:2.3:h:siemens:scalance_xb-200:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:siemens:scalance_xc-200_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.4
     OR
          cpe:2.3:h:siemens:scalance_xc-200:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:siemens:scalance_xf-200_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.4
     OR
          cpe:2.3:h:siemens:scalance_xf-200:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:siemens:scalance_xp-200_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.4
     OR
          cpe:2.3:h:siemens:scalance_xp-200:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:siemens:scalance_xr-300_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.1.3
     OR
          cpe:2.3:h:siemens:scalance_xr-300:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:siemens:scalance_xr-300wg_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.1.3
     OR
          cpe:2.3:h:siemens:scalance_xr-300wg:-:*:*:*:*:*:*:*
Added CVSS V2

								
							
							
						
NIST (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Added CVSS V2 Metadata

								
							
							
						
Victim must voluntarily interact with attack mechanism
Added CVSS V3.1

								
							
							
						
NIST AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Added CWE

								
							
							
						
NIST CWE-1021
Changed Reference Type
https://cert-portal.siemens.com/productcert/pdf/ssa-951513.pdf No Types Assigned
https://cert-portal.siemens.com/productcert/pdf/ssa-951513.pdf Vendor Advisory

CVE Modified by Siemens AG 3/04/2020 10:15:11 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://www.us-cert.gov/ics/advisories/icsa-20-042-07 [No Types Assigned]