Unknown
CVE-2024-54015
CVE-2024-54015
Description
A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.90), SIPROTEC 5 6MD85 (CP300) (All versions >= V8.80 < V9.90), SIPROTEC 5 6MD86 (CP300) (All versions >= V8.80 < V9.90), SIPROTEC 5 6MD89 (CP300) (All versions >= V8.80 < V9.90), SIPROTEC 5 6MU85 (CP300) (All versions >= V8.80 < V9.90), SIPROTEC 5 7KE85 (CP300) (All versions >= V8.80), SIPROTEC 5 7SA82 (CP150) (All versions < V9.90), SIPROTEC 5 7SA86 (CP300) (All versions >= V8.80 < V9.90), SIPROTEC 5 7SA87 (CP300) (All versions >= V8.80 < V9.90), SIPROTEC 5 7SD82 (CP150) (All versions < V9.90), SIPROTEC 5 7SD86 (CP300) (All versions >= V8.80 < V9.90), SIPROTEC 5 7SD87 (CP300) (All versions >= V8.80 < V9.90), SIPROTEC 5 7SJ81 (CP150) (All versions < V9.90), SIPROTEC 5 7SJ82 (CP150) (All versions < V9.90), SIPROTEC 5 7SJ85 (CP300) (All versions >= V8.80 < V9.90), SIPROTEC 5 7SJ86 (CP300) (All versions >= V8.80 < V9.90), SIPROTEC 5 7SK82 (CP150) (All versions < V9.90), SIPROTEC 5 7SK85 (CP300) (All versions >= V8.80 < V9.90), SIPROTEC 5 7SL82 (CP150) (All versions < V9.90), SIPROTEC 5 7SL86 (CP300) (All versions >= V8.80 < V9.90), SIPROTEC 5 7SL87 (CP300) (All versions >= V8.80 < V9.90), SIPROTEC 5 7SS85 (CP300) (All versions >= V8.80 < V9.90), SIPROTEC 5 7ST85 (CP300) (All versions >= V8.80), SIPROTEC 5 7ST86 (CP300) (All versions), SIPROTEC 5 7SX82 (CP150) (All versions < V9.90), SIPROTEC 5 7SX85 (CP300) (All versions >= V8.80 < V9.90), SIPROTEC 5 7SY82 (CP150) (All versions < V9.90), SIPROTEC 5 7UM85 (CP300) (All versions >= V8.80 < V9.90), SIPROTEC 5 7UT82 (CP150) (All versions < V9.90), SIPROTEC 5 7UT85 (CP300) (All versions >= V8.80 < V9.90), SIPROTEC 5 7UT86 (CP300) (All versions >= V8.80 < V9.90), SIPROTEC 5 7UT87 (CP300) (All versions >= V8.80 < V9.90), SIPROTEC 5 7VE85 (CP300) (All versions >= V8.80 < V9.90), SIPROTEC 5 7VK87 (CP300) (All versions >= V8.80 < V9.90), SIPROTEC 5 7VU85 (CP300) (All versions < V9.90), SIPROTEC 5 Communication Module ETH-BA-2EL (Rev.2) (All versions < V9.90), SIPROTEC 5 Communication Module ETH-BB-2FO (Rev. 2) (All versions < V9.90), SIPROTEC 5 Communication Module ETH-BD-2FO (All versions >= V8.80 < V9.90), SIPROTEC 5 Compact 7SX800 (CP050) (All versions >= V9.50 < V9.90). Affected devices do not properly validate SNMP GET requests. This could allow an unauthenticated, remote attacker to retrieve sensitive information of the affected devices with SNMPv2 GET requests using default credentials.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
General Information
Vendors
Products
- SIPROTEC 5 6MD84 (CP300),
- SIPROTEC 5 6MD85 (CP300),
- SIPROTEC 5 6MD86 (CP300),
- SIPROTEC 5 6MD89 (CP300),
- SIPROTEC 5 6MU85 (CP300),
- SIPROTEC 5 7KE85 (CP300),
- SIPROTEC 5 7SA82 (CP150),
- SIPROTEC 5 7SA86 (CP300),
- SIPROTEC 5 7SA87 (CP300),
- SIPROTEC 5 7SD82 (CP150),
- SIPROTEC 5 7SD86 (CP300),
- SIPROTEC 5 7SD87 (CP300),
- SIPROTEC 5 7SJ81 (CP150),
- SIPROTEC 5 7SJ82 (CP150),
- SIPROTEC 5 7SJ85 (CP300),
- SIPROTEC 5 7SJ86 (CP300),
- SIPROTEC 5 7SK82 (CP150),
- SIPROTEC 5 7SK85 (CP300),
- SIPROTEC 5 7SL82 (CP150),
- SIPROTEC 5 7SL86 (CP300),
- SIPROTEC 5 7SL87 (CP300),
- SIPROTEC 5 7SS85 (CP300),
- SIPROTEC 5 7ST85 (CP300),
- SIPROTEC 5 7ST86 (CP300),
- SIPROTEC 5 7SX82 (CP150),
- SIPROTEC 5 7SX85 (CP300),
- SIPROTEC 5 7SY82 (CP150),
- SIPROTEC 5 7UM85 (CP300),
- SIPROTEC 5 7UT82 (CP150),
- SIPROTEC 5 7UT85 (CP300),
- SIPROTEC 5 7UT86 (CP300),
- SIPROTEC 5 7UT87 (CP300),
- SIPROTEC 5 7VE85 (CP300),
- SIPROTEC 5 7VK87 (CP300),
- SIPROTEC 5 7VU85 (CP300),
- SIPROTEC 5 Communication Module ETH-BA-2EL (Rev.2),
- SIPROTEC 5 Communication Module ETH-BB-2FO (Rev. 2),
- SIPROTEC 5 Communication Module ETH-BD-2FO,
- SIPROTEC 5 Compact 7SX800 (CP050)
References
