SSA-693776
PUBLISHED
CVSS 6.5 MEDIUM
The "Load Rollback" functionality in the web interface of affected products contains an incorrect authorization check vulnerability. This could allow an authenticated remote attacker with "guest" role to make the affected product roll back configuration changes made by privileged users.
Risk Scores
CVSS 3.1
6.5
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3) | |
| Siemens | SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3) | |
| Siemens | SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3) | |
| Siemens | SCALANCE XCM332 (6GK5332-0GA01-2AC2) | |
| Siemens | SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3) | |
| Siemens | SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3) | |
| Siemens | SCALANCE XCM328 (6GK5328-4TS01-2AC2) | |
| Siemens | SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3) | |
| Siemens | SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3) | |
| Siemens | SCALANCE XCM324 (6GK5324-8TS01-2AC2) | |
| Siemens | SCALANCE XCH328 (6GK5328-4TS01-2EC2) | |
| Siemens | SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3) | |
| Siemens | SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3) | |
| Siemens | RUGGEDCOM RST2428P (6GK6242-6PA00) | |
| Siemens | SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3) | |
Timeline
- Jun 10, 2025 CVE Published
- Jan 13, 2026 CVE Updated