Lucene search
China National Vulnerability DatabaseCNVD-2023-17661HistoryMar 16, 2023 - 12:00 a.m.
Siemens RUGGEDCOM CROSSBOW Access Control Error Vulnerability (CNVD-2023-17661)
2023-03-1600:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
siemens
ruggedcom
crossbow
access control
vulnerability
nerc cip-compliant
electronic devices
application
permissions
query handler
data breach
0.001 Low
EPSS
Percentile
31.9%
RUGGEDCOM CROSSBOW is a secure access management solution designed to provide NERC CIP-compliant access to intelligent electronic devices. an access control error vulnerability exists in Siemens RUGGEDCOM CROSSBOW, which stems from the failure of the affected application’s client-side query handler to check the appropriate permissions for a specific read query. An attacker could exploit the vulnerability to access unauthorized data.
| CPE | Name | Operator | Version |
|---|---|---|---|
| siemens ruggedcom crossbow | lt | 5.3 |
Related
cve
cve
CVE-2023-27462
2023-03-14 10:15:29
cvelist
cvelist
CVE-2023-27462
2023-03-14 09:32:08
nvd
nvd
CVE-2023-27462
2023-03-14 10:15:29
prion
prion
Design/Logic Flaw
2023-03-14 10:15:00
ics
ics
Siemens RUGGEDCOM CROSSBOW V5.3
2023-03-16 12:00:00