Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Siemens Subscribe
Filtered by product Ruggedcom Rox I
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-2689 1 Siemens 1 Ruggedcom Rox I 2019-10-02 6.5 MEDIUM 8.8 HIGH
Siemens RUGGEDCOM ROX I (all versions) allow an authenticated user to bypass access restrictions in the web interface at port 10000/TCP to obtain privileged file system access or change configuration settings.
CVE-2017-2686 1 Siemens 1 Ruggedcom Rox I 2017-07-11 4.0 MEDIUM 6.5 MEDIUM
Siemens RUGGEDCOM ROX I (all versions) contain a vulnerability that could allow an authenticated user to read arbitrary files through the web interface at port 10000/TCP and access sensitive information.
CVE-2017-2687 1 Siemens 1 Ruggedcom Rox I 2017-07-11 4.3 MEDIUM 6.1 MEDIUM
Siemens RUGGEDCOM ROX I (all versions) contain a vulnerability in the integrated web server at port 10000/TCP which is prone to reflected Cross-Site Scripting attacks if an unsuspecting user is induced to click on a malicious link.
CVE-2017-2688 1 Siemens 1 Ruggedcom Rox I 2017-07-11 6.8 MEDIUM 8.8 HIGH
The integrated web server in Siemens RUGGEDCOM ROX I (all versions) at port 10000/TCP could allow remote attackers to perform actions with the privileges of an authenticated user, provided the targeted user has an active session and is induced into clicking on a malicious link or into visiting a malicious website, aka CSRF.
CVE-2017-6864 1 Siemens 1 Ruggedcom Rox I 2017-07-11 3.5 LOW 5.4 MEDIUM
The integrated web server in Siemens RUGGEDCOM ROX I (all versions) at port 10000/TCP could allow an authenticated user to perform stored Cross-Site Scripting attacks.