7.5
HIGH
CVE-2022-36324
Apache SSL/TLS Renegotiation Denial of Service Vulnerability
Description

Affected devices do not properly handle the renegotiation of SSL/TLS parameters. This could allow an unauthenticated remote attacker to bypass the TCP brute force prevention and lead to a denial of service condition for the duration of the attack.

INFO

Published Date :

Aug. 10, 2022, 12:15 p.m.

Last Modified :

Feb. 23, 2023, 4:19 p.m.

Source :

[email protected]

Remotely Exploitable :

Yes !

Impact Score :

3.6

Exploitability Score :

3.9
Affected Products

The following products are affected by CVE-2022-36324 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Siemens scalance_m-800_firmware
2 Siemens scalance_s615_firmware
3 Siemens scalance_xm408-4c_firmware
4 Siemens scalance_xm408-4c_l3_firmware
5 Siemens scalance_xm408-8c_firmware
6 Siemens scalance_xm408-8c_l3_firmware
7 Siemens scalance_xm416-4c_firmware
8 Siemens scalance_xm416-4c_l3_firmware
9 Siemens scalance_xr524-8c_firmware
10 Siemens scalance_xr524-8c_l3_firmware
11 Siemens scalance_xr526-8c_firmware
12 Siemens scalance_xr528-6m_firmware
13 Siemens scalance_xr528-6m_2hr2_firmware
14 Siemens scalance_xr528-6m_2hr2_l3_firmware
15 Siemens scalance_xr528-6m_l3_firmware
16 Siemens scalance_xr552-12m_firmware
17 Siemens scalance_xr552-12m_2hr2_firmware
18 Siemens scalance_xr552-12m_2hr2_l3_firmware
19 Siemens scalance_xp-200_firmware
20 Siemens scalance_xc-200_firmware
21 Siemens scalance_xf204-2ba_irt_firmware
22 Siemens scalance_sc632-2c_firmware
23 Siemens scalance_sc636-2c_firmware
24 Siemens scalance_sc642-2c_firmware
25 Siemens scalance_sc646-2c_firmware
26 Siemens scalance_sc622-2c_firmware
27 Siemens scalance_xb-200_firmware
28 Siemens scalance_xf-200ba_firmware
29 Siemens scalance_xr-300wg_firmware
30 Siemens scalance_xf204_firmware
31 Siemens scalance_xm400_firmware
32 Siemens scalance_xr324-4m_eec_firmware
33 Siemens scalance_xr324-4m_poe_firmware
34 Siemens scalance_xr324-4m_poe_ts_firmware
35 Siemens scalance_xr324-12m_firmware
36 Siemens scalance_xr324-12m_ts_firmware
37 Siemens scalance_xr500_firmware
38 Siemens scalance_m804pb_firmware
39 Siemens scalance_m874-2_firmware
40 Siemens scalance_m874-3_firmware
41 Siemens ruggedcom_rm1224_lte\(4g\)_eu_firmware
42 Siemens ruggedcom_rm1224_lte\(4g\)_nam_firmware
43 Siemens scalance_m826-2_shdsl-router_firmware
44 Siemens scalance_sc626-2c_firmware
45 Siemens scalance_w721-1_rj45_firmware
46 Siemens scalance_w722-1_rj45_firmware
47 Siemens scalance_w734-1_rj45_firmware
48 Siemens scalance_w738-1_m12_firmware
49 Siemens scalance_w748-1_m12_firmware
50 Siemens scalance_w761-1_rj45_firmware
51 Siemens scalance_w774-1_m12_eec_firmware
52 Siemens scalance_w774-1_rj45_firmware
53 Siemens scalance_w778-1_m12_firmware
54 Siemens scalance_w778-1_m12_eec_firmware
55 Siemens scalance_w786-1_rj45_firmware
56 Siemens scalance_w786-2_rj45_firmware
57 Siemens scalance_w786-2_sfp_firmware
58 Siemens scalance_w786-2ia_rj45_firmware
59 Siemens scalance_w788-1_m12_firmware
60 Siemens scalance_w788-1_rj45_firmware
61 Siemens scalance_w788-2_m12_firmware
62 Siemens scalance_w788-2_m12_eec_firmware
63 Siemens scalance_w1748-1_m12_firmware
64 Siemens scalance_w1788-1_m12_firmware
65 Siemens scalance_w1788-2_eec_m12_firmware
66 Siemens scalance_w1788-2_m12_firmware
67 Siemens scalance_w1788-2ia_m12_firmware
68 Siemens scalance_wam763-1_firmware
69 Siemens scalance_wum763-1_firmware
70 Siemens scalance_xb205-3_firmware
71 Siemens scalance_xb205-3ld_firmware
72 Siemens scalance_xb208_firmware
73 Siemens scalance_xb213-3_firmware
74 Siemens scalance_xb213-3ld_firmware
75 Siemens scalance_xb216_firmware
76 Siemens scalance_xc206-2_firmware
77 Siemens scalance_xc206-2g_poe_firmware
78 Siemens scalance_xc206-2g_poe_eec_firmware
79 Siemens scalance_xc206-2sfp_firmware
80 Siemens scalance_xc206-2sfp_eec_firmware
81 Siemens scalance_xc206-2sfp_g_firmware
82 Siemens scalance_xc206-2sfp_g_eec_firmware
83 Siemens scalance_xc208_firmware
84 Siemens scalance_xc216_firmware
85 Siemens scalance_xc216-3g_poe_firmware
86 Siemens scalance_xc216-4c_firmware
87 Siemens scalance_xc216-4c_g_firmware
88 Siemens scalance_xc216-4c_g_eec_firmware
89 Siemens scalance_xc216eec_firmware
90 Siemens scalance_xc224_firmware
91 Siemens scalance_xc224-4c_g_firmware
92 Siemens scalance_xc224-4c_g_eec_firmware
93 Siemens scalance_xf204_dna_firmware
94 Siemens scalance_xf204-2ba_firmware
95 Siemens scalance_xp208_firmware
96 Siemens scalance_xp208eec_firmware
97 Siemens scalance_xp208poe_eec_firmware
98 Siemens scalance_xp216_firmware
99 Siemens scalance_xp216eec_firmware
100 Siemens scalance_xp216poe_eec_firmware
101 Siemens scalance_xr324wg_firmware
102 Siemens scalance_xr328-4c_wg_firmware
103 Siemens siplus_net_scalance_xc206-2_firmware
104 Siemens siplus_net_scalance_xc206-2sfp_firmware
105 Siemens siplus_net_scalance_xc208_firmware
106 Siemens siplus_net_scalance_xc216-4c_firmware
107 Siemens scalance_xr-300_firmware
108 Siemens scalance_w700_ieee_802.11n_firmware
109 Siemens scalance_xr524_firmware
110 Siemens scalance_xr526_firmware
111 Siemens scalance_xr528_firmware
112 Siemens scalance_xr552_firmware
113 Siemens scalance_xc206-2g_poe__firmware
114 Siemens scalance_xc206-2sfp_g_\(e\/ip\)_firmware
115 Siemens scalance_xc208eec_firmware
116 Siemens scalance_xc208g_firmware
117 Siemens scalance_xc208g_\(e\/ip\)_firmware
118 Siemens scalance_xc208g_eec_firmware
119 Siemens scalance_xc208g_poe_firmware
120 Siemens scalance_xc216-4c_g_\(e\/ip\)_firmware
121 Siemens scalance_xc224-4c_g__firmware
122 Siemens scalance_xc224-4c_g_\(e\/ip\)_firmware
123 Siemens scalance_xc224__firmware
124 Siemens scalance_xf204-2ba_dna_firmware
125 Siemens scalance_xp208_\(eip\)_firmware
126 Siemens scalance_xp216_\(eip\)_firmware
127 Siemens scalance_xr326-2c_poe_wg_firmware
128 Siemens scalance_xr552-12_firmware
129 Siemens scalance_w700_ieee_802.11ax_firmware
130 Siemens scalance_xb208_\(e\/ip\)_firmware
131 Siemens scalance_xb208_\(pn\)_firmware
132 Siemens scalance_xb216_\(e\/ip\)_firmware
133 Siemens scalance_xb216_\(pn\)_firmware
134 Siemens scalance_xc206-2_\(sc\)_firmware
135 Siemens scalance_xc206-2_\(st\/bfoc\)_firmware
136 Siemens scalance_xc206-2g_poe_\(54_v_dc\)_firmware
137 Siemens scalance_xc206-2g_poe_eec_\(54_v_dc\)_firmware
138 Siemens scalance_xc206-2sfp_g_\(eip_def.\)_firmware
139 Siemens scalance_xc208g_\(eip_def.\)_firmware
140 Siemens scalance_xc208g_poe_\(54_v_dc\)_firmware
141 Siemens scalance_xc216-3g_poe_\(54_v_dc\)_firmware
142 Siemens scalance_xc216-4c_g_\(eip_def.\)_firmware
143 Siemens scalance_xc224-4c_g_\(eip_def.\)_firmware
144 Siemens scalance_xp208_\(ethernet\/ip\)_firmware
145 Siemens scalance_xp216_\(ethernet\/ip\)_firmware
146 Siemens scalance_xr326-2c_poe_wg_\(without_ul\)_firmware
147 Siemens scalance_w700_ieee_802.11ac_firmware
148 Siemens scalance_xr-300eec_firmware
149 Siemens scalance_xr-300poe_firmware
150 Siemens scalance_xr526-8c_l3_firmware
151 Siemens scalance_m876-3_\(rok\)_firmware
152 Siemens scalance_m876-4_\(eu\)_firmware
153 Siemens scalance_m876-4_\(nam\)_firmware
154 Siemens scalance_mum853-1_\(eu\)_firmware
155 Siemens scalance_mum856-1_\(eu\)_firmware
156 Siemens scalance_mum856-1_\(row\)_firmware
: Total Affected Vendor : 1 | Products : 156
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2022-36324.

URL Resource
https://cert-portal.siemens.com/productcert/pdf/ssa-710008.pdf Mitigation Vendor Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2022-36324 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2022-36324 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • Modified Analysis by [email protected]

    Feb. 23, 2023

    Action Type Old Value New Value
    Added CWE NIST CWE-770
  • CVE Modified by [email protected]

    Jan. 10, 2023

    Action Type Old Value New Value
    Added CVSS V3.1 Siemens AG AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Modified Analysis by [email protected]

    Oct. 27, 2022

    Action Type Old Value New Value
  • CVE Modified by [email protected]

    Sep. 13, 2022

    Action Type Old Value New Value
    Changed Description A vulnerability has been identified in SCALANCE M-800 / S615 (All versions), SCALANCE W-1700 IEEE 802.11ac family (All versions), SCALANCE W-700 IEEE 802.11ax family (All versions), SCALANCE W-700 IEEE 802.11n family (All versions), SCALANCE XB-200 switch family (All versions), SCALANCE XC-200 switch family (All versions), SCALANCE XF-200BA switch family (All versions), SCALANCE XM-400 Family (All versions), SCALANCE XP-200 switch family (All versions), SCALANCE XR-300WG switch family (All versions), SCALANCE XR-500 Family (All versions). Affected devices do not properly handle the renegotiation of SSL/TLS parameters. This could allow an unauthenticated remote attacker to bypass the TCP brute force prevention and lead to a denial of service condition for the duration of the attack. Affected devices do not properly handle the renegotiation of SSL/TLS parameters. This could allow an unauthenticated remote attacker to bypass the TCP brute force prevention and lead to a denial of service condition for the duration of the attack.
  • Initial Analysis by [email protected]

    Aug. 17, 2022

    Action Type Old Value New Value
    Added CVSS V3.1 NIST AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
    Changed Reference Type https://cert-portal.siemens.com/productcert/pdf/ssa-710008.pdf No Types Assigned https://cert-portal.siemens.com/productcert/pdf/ssa-710008.pdf Mitigation, Vendor Advisory
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_w700_ieee_802.11ax_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_w700_ieee_802.11ax:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_w700_ieee_802.11n_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_w700_ieee_802.11n:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_w700_ieee_802.11ac_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_w700_ieee_802.11ac:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xb-200_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xb-200:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xb205-3_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xb205-3:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xb205-3ld_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xb205-3ld:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xb208_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xb208:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xb213-3_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xb213-3:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xb213-3ld_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xb213-3ld:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xb216_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xb216:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xc-200_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xc-200:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xc206-2_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xc206-2:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xc206-2g_poe__firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xc206-2g_poe_:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xc206-2g_poe_eec_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xc206-2g_poe_eec:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xc206-2sfp_eec_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xc206-2sfp_eec:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xc206-2sfp_g_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xc206-2sfp_g:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xc206-2sfp_g_\(e\/ip\)_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xc206-2sfp_g_\(e\/ip\):-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xc206-2sfp_g_eec_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xc206-2sfp_g_eec:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xc208_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xc208:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xc208eec_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xc208eec:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xc208g_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xc208g:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xc208g_\(e\/ip\)_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xc208g_\(e\/ip\):-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xc208g_eec_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xc208g_eec:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xc208g_poe_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xc208g_poe:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xc216_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xc216:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xc216-4c_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xc216-4c:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xc216-4c_g_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xc216-4c_g:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xc216-4c_g_\(e\/ip\)_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xc216-4c_g_\(e\/ip\):-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xc216-4c_g_eec_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xc216-4c_g_eec:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xc216eec_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xc216eec:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xc224__firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xc224_:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xc224-4c_g__firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xc224-4c_g_:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xc224-4c_g_\(e\/ip\)_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xc224-4c_g_\(e\/ip\):-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xc224-4c_g_eec_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xc224-4c_g_eec:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xf-200ba_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xf-200ba:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xf204-2ba_dna_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xf204-2ba_dna:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xf204-2ba_irt_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xf204-2ba_irt:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xm400_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xm400:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xm408-4c_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xm408-4c:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xm408-4c_l3_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xm408-4c_l3:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xm408-8c_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xm408-8c:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xm408-8c_l3_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xm408-8c_l3:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xm416-4c_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xm416-4c:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xm416-4c_l3_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xm416-4c_l3:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xp-200_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xp-200:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xp208_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xp208:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xp208_\(eip\)_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xp208_\(eip\):-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xp208eec_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xp208eec:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xp208poe_eec_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xp208poe_eec:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xp216_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xp216:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xp216_\(eip\)_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xp216_\(eip\):-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xp216eec_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xp216eec:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xp216poe_eec_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xp216poe_eec:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr-300_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr-300:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr-300eec_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr-300eec:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr-300poe_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr-300poe:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr-300wg_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr-300wg:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr324-12m_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr324-12m:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr324-12m_ts_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr324-12m_ts:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr324-4m_eec_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr324-4m_eec:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr324-4m_poe_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr324-4m_poe:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr324-4m_poe_ts_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr324-4m_poe_ts:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr324wg_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr324wg:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr326-2c_poe_wg_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr326-2c_poe_wg:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr328-4c_wg_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr328-4c_wg:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr500_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr500:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr524_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr524:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr524-8c_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr524-8c:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr524-8c_l3_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr524-8c_l3:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr526_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr526:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr526-8c_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr526-8c:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:h:siemens:scalance_xr526-8c_l3_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr526-8c_l3:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr528_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr528:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr528-6m_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr528-6m:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr528-6m_2hr2_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr528-6m_2hr2:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr528-6m_2hr2_l3_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr528-6m_2hr2_l3:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr528-6m_l3_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr528-6m_l3:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr552_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr552:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr552-12_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr552-12:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr552-12m_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr552-12m:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr552-12m_2hr2_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr552-12m_2hr2:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr552-12m_2hr2_l3_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr552-12m_2hr2_l3:-:*:*:*:*:*:*:*
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2022-36324 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2022-36324 weaknesses.

CAPEC-125: Flooding Flooding CAPEC-130: Excessive Allocation Excessive Allocation CAPEC-147: XML Ping of the Death XML Ping of the Death CAPEC-197: Exponential Data Expansion Exponential Data Expansion CAPEC-229: Serialized Data Parameter Blowup Serialized Data Parameter Blowup CAPEC-230: Serialized Data with Nested Payloads Serialized Data with Nested Payloads CAPEC-231: Oversized Serialized Data Payloads Oversized Serialized Data Payloads CAPEC-469: HTTP DoS HTTP DoS CAPEC-482: TCP Flood TCP Flood CAPEC-486: UDP Flood UDP Flood CAPEC-487: ICMP Flood ICMP Flood CAPEC-488: HTTP Flood HTTP Flood CAPEC-489: SSL Flood SSL Flood CAPEC-490: Amplification Amplification CAPEC-491: Quadratic Data Expansion Quadratic Data Expansion CAPEC-493: SOAP Array Blowup SOAP Array Blowup CAPEC-494: TCP Fragmentation TCP Fragmentation CAPEC-495: UDP Fragmentation UDP Fragmentation CAPEC-496: ICMP Fragmentation ICMP Fragmentation CAPEC-528: XML Flood XML Flood
Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

0.18 }} 0.01%

score

0.54172

percentile

CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
: