Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2023-31238
Modified
More InfoOfficial Page
Source-productcert@siemens.com
View Known Exploited Vulnerability (KEV) details
Published At-13 Jun, 2023 | 09:15
Updated At-09 Dec, 2025 | 16:17

A vulnerability has been identified in SICAM P850 (7KG8500-0AA00-0AA0) (All versions < V3.11), SICAM P850 (7KG8500-0AA00-2AA0) (All versions < V3.11), SICAM P850 (7KG8500-0AA10-0AA0) (All versions < V3.11), SICAM P850 (7KG8500-0AA10-2AA0) (All versions < V3.11), SICAM P850 (7KG8500-0AA30-0AA0) (All versions < V3.11), SICAM P850 (7KG8500-0AA30-2AA0) (All versions < V3.11), SICAM P850 (7KG8501-0AA01-0AA0) (All versions < V3.11), SICAM P850 (7KG8501-0AA01-2AA0) (All versions < V3.11), SICAM P850 (7KG8501-0AA02-0AA0) (All versions < V3.11), SICAM P850 (7KG8501-0AA02-2AA0) (All versions < V3.11), SICAM P850 (7KG8501-0AA11-0AA0) (All versions < V3.11), SICAM P850 (7KG8501-0AA11-2AA0) (All versions < V3.11), SICAM P850 (7KG8501-0AA12-0AA0) (All versions < V3.11), SICAM P850 (7KG8501-0AA12-2AA0) (All versions < V3.11), SICAM P850 (7KG8501-0AA31-0AA0) (All versions < V3.11), SICAM P850 (7KG8501-0AA31-2AA0) (All versions < V3.11), SICAM P850 (7KG8501-0AA32-0AA0) (All versions < V3.11), SICAM P850 (7KG8501-0AA32-2AA0) (All versions < V3.11), SICAM P855 (7KG8550-0AA00-0AA0) (All versions < V3.11), SICAM P855 (7KG8550-0AA00-2AA0) (All versions < V3.11), SICAM P855 (7KG8550-0AA10-0AA0) (All versions < V3.11), SICAM P855 (7KG8550-0AA10-2AA0) (All versions < V3.11), SICAM P855 (7KG8550-0AA30-0AA0) (All versions < V3.11), SICAM P855 (7KG8550-0AA30-2AA0) (All versions < V3.11), SICAM P855 (7KG8551-0AA01-0AA0) (All versions < V3.11), SICAM P855 (7KG8551-0AA01-2AA0) (All versions < V3.11), SICAM P855 (7KG8551-0AA02-0AA0) (All versions < V3.11), SICAM P855 (7KG8551-0AA02-2AA0) (All versions < V3.11), SICAM P855 (7KG8551-0AA11-0AA0) (All versions < V3.11), SICAM P855 (7KG8551-0AA11-2AA0) (All versions < V3.11), SICAM P855 (7KG8551-0AA12-0AA0) (All versions < V3.11), SICAM P855 (7KG8551-0AA12-2AA0) (All versions < V3.11), SICAM P855 (7KG8551-0AA31-0AA0) (All versions < V3.11), SICAM P855 (7KG8551-0AA31-2AA0) (All versions < V3.11), SICAM P855 (7KG8551-0AA32-0AA0) (All versions < V3.11), SICAM P855 (7KG8551-0AA32-2AA0) (All versions < V3.11), SICAM T (All versions < V3.0). Affected devices are missing cookie protection flags when using the default settings. An attacker who gains access to a session token can use it to impersonate a legitimate application user.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.15.5MEDIUM
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
Primary3.14.8MEDIUM
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
Type: Secondary
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
Type: Primary
Version: 3.1
Base score: 4.8
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
CPE Matches
Siemens AG
siemens
>>q200_firmware>>Versions before 2.70(exclusive)
cpe:2.3:o:siemens:q200_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>q200>>-
cpe:2.3:h:siemens:q200:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-732Secondaryproductcert@siemens.com
CWE-732Primarynvd@nist.gov
CWE ID: CWE-732
Type: Secondary
Source: productcert@siemens.com
CWE ID: CWE-732
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://cert-portal.siemens.com/productcert/html/ssa-201498.htmlproductcert@siemens.com
N/A
https://cert-portal.siemens.com/productcert/html/ssa-471761.htmlproductcert@siemens.com
N/A
https://cert-portal.siemens.com/productcert/html/ssa-480095.htmlproductcert@siemens.com
N/A
https://cert-portal.siemens.com/productcert/html/ssa-887249.htmlproductcert@siemens.com
N/A
https://cert-portal.siemens.com/productcert/pdf/ssa-480095.pdfproductcert@siemens.com
N/A
https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdfproductcert@siemens.com
Patch
Vendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-480095.pdfaf854a3a-2127-422b-91ae-364da2661108
N/A
https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdfaf854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
Hyperlink: https://cert-portal.siemens.com/productcert/html/ssa-201498.html
Source: productcert@siemens.com
Resource: N/A
Hyperlink: https://cert-portal.siemens.com/productcert/html/ssa-471761.html
Source: productcert@siemens.com
Resource: N/A
Hyperlink: https://cert-portal.siemens.com/productcert/html/ssa-480095.html
Source: productcert@siemens.com
Resource: N/A
Hyperlink: https://cert-portal.siemens.com/productcert/html/ssa-887249.html
Source: productcert@siemens.com
Resource: N/A
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-480095.pdf
Source: productcert@siemens.com
Resource: N/A
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf
Source: productcert@siemens.com
Resource:
Patch
Vendor Advisory
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-480095.pdf
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Change History
0Changes found
Details not found