Lucene search
K

22 matches found

OSV
OSV
added 2017/03/29 1:59 a.m.3 views

CVE-2017-6864

The integrated web server in Siemens RUGGEDCOM ROX I all versions at port 10000/TCP could allow an authenticated user to perform stored Cross-Site Scripting attacks...

5.4CVSS5.8AI score0.00741EPSS
Exploits0References4
NVD
NVD
added 2017/03/29 1:59 a.m.18 views

CVE-2017-6864

The integrated web server in Siemens RUGGEDCOM ROX I all versions at port 10000/TCP could allow an authenticated user to perform stored Cross-Site Scripting attacks...

5.4CVSS5.6AI score0.00741EPSS
Exploits0References4
OSV
OSV
added 2017/03/29 1:59 a.m.3 views

CVE-2017-2688

The integrated web server in Siemens RUGGEDCOM ROX I all versions at port 10000/TCP could allow remote attackers to perform actions with the privileges of an authenticated user, provided the targeted user has an active session and is induced into clicking on a malicious link or into visiting a...

8.8CVSS5.8AI score
Exploits0References4
NVD
NVD
added 2017/03/29 1:59 a.m.19 views

CVE-2017-2687

Siemens RUGGEDCOM ROX I all versions contain a vulnerability in the integrated web server at port 10000/TCP which is prone to reflected Cross-Site Scripting attacks if an unsuspecting user is induced to click on a malicious link...

6.1CVSS6.3AI score0.00994EPSS
Exploits0References4
OSV
OSV
added 2017/03/29 1:59 a.m.5 views

CVE-2017-2689

Siemens RUGGEDCOM ROX I all versions allow an authenticated user to bypass access restrictions in the web interface at port 10000/TCP to obtain privileged file system access or change configuration settings...

8.8CVSS5.8AI score0.01395EPSS
Exploits0References4
OSV
OSV
added 2017/03/29 1:59 a.m.3 views

CVE-2017-2687

Siemens RUGGEDCOM ROX I all versions contain a vulnerability in the integrated web server at port 10000/TCP which is prone to reflected Cross-Site Scripting attacks if an unsuspecting user is induced to click on a malicious link...

6.1CVSS5.8AI score0.00994EPSS
Exploits0References4
NVD
NVD
added 2017/03/29 1:59 a.m.17 views

CVE-2017-2686

Siemens RUGGEDCOM ROX I all versions contain a vulnerability that could allow an authenticated user to read arbitrary files through the web interface at port 10000/TCP and access sensitive information...

6.5CVSS6.8AI score0.01149EPSS
Exploits0References4
Prion
Prion
added 2017/03/29 1:59 a.m.14 views

Cross site scripting

The integrated web server in Siemens RUGGEDCOM ROX I all versions at port 10000/TCP could allow an authenticated user to perform stored Cross-Site Scripting attacks...

3.5CVSS5.4AI score0.00741EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2017/03/29 1:59 a.m.17 views

Cross site scripting

Siemens RUGGEDCOM ROX I all versions contain a vulnerability in the integrated web server at port 10000/TCP which is prone to reflected Cross-Site Scripting attacks if an unsuspecting user is induced to click on a malicious link...

4.3CVSS6.2AI score0.00994EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2017/03/29 1:59 a.m.13 views

Design/Logic Flaw

Siemens RUGGEDCOM ROX I all versions allow an authenticated user to bypass access restrictions in the web interface at port 10000/TCP to obtain privileged file system access or change configuration settings...

6.5CVSS8.3AI score0.01395EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2017/03/29 1:59 a.m.15 views

Cross site request forgery (csrf)

The integrated web server in Siemens RUGGEDCOM ROX I all versions at port 10000/TCP could allow remote attackers to perform actions with the privileges of an authenticated user, provided the targeted user has an active session and is induced into clicking on a malicious link or into visiting a...

6.8CVSS8.4AI score0.01115EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2017/03/29 1:0 a.m.23 views

CVE-2017-6864

The integrated web server in Siemens RUGGEDCOM ROX I all versions at port 10000/TCP could allow an authenticated user to perform stored Cross-Site Scripting attacks...

5AI score0.00741EPSS
Exploits0References4
Cvelist
Cvelist
added 2017/03/29 1:0 a.m.19 views

CVE-2017-2687

Siemens RUGGEDCOM ROX I all versions contain a vulnerability in the integrated web server at port 10000/TCP which is prone to reflected Cross-Site Scripting attacks if an unsuspecting user is induced to click on a malicious link...

5.8AI score0.00994EPSS
Exploits0References4
Cvelist
Cvelist
added 2017/03/29 1:0 a.m.18 views

CVE-2017-2688

The integrated web server in Siemens RUGGEDCOM ROX I all versions at port 10000/TCP could allow remote attackers to perform actions with the privileges of an authenticated user, provided the targeted user has an active session and is induced into clicking on a malicious link or into visiting a...

8.5AI score0.01115EPSS
Exploits0References4
CVE
CVE
added 2017/03/29 1:0 a.m.48 views

CVE-2017-2688

The CVE-2017-2688 entry affects Siemens RUGGEDCOM ROX I (all versions) via the integrated web server on port 10000/TCP. The issue is a Cross-Site Request Forgery (CSRF) where an authenticated user who has an active session can be induced to click a malicious link or visit a malicious site, allowi...

8.8CVSS8.3AI score0.01115EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2017/03/29 1:0 a.m.47 views

CVE-2017-2689

CVE-2017-2689 affects Siemens RUGGEDCOM ROX I (all versions). An authenticated user can bypass access restrictions in the web interface on port 10000/TCP to obtain privileged file-system access or change configuration settings. Root cause: Improper Authorization (CWE-285) with CVSS v3 base score ...

8.8CVSS8.1AI score0.01395EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2017/03/29 1:0 a.m.24 views

CVE-2017-2689

Siemens RUGGEDCOM ROX I all versions allow an authenticated user to bypass access restrictions in the web interface at port 10000/TCP to obtain privileged file system access or change configuration settings...

8.3AI score0.01395EPSS
Exploits0References4
Cvelist
Cvelist
added 2017/03/29 1:0 a.m.18 views

CVE-2017-2686

Siemens RUGGEDCOM ROX I all versions contain a vulnerability that could allow an authenticated user to read arbitrary files through the web interface at port 10000/TCP and access sensitive information...

6.2AI score0.01149EPSS
Exploits0References4
CNVD
CNVD
added 2017/03/29 12:0 a.m.3 views

Siemens RUGGEDCOM ROX I Cross-Site Scripting Vulnerability (CNVD-2017-03649)

Siemens RuggedCom ROX-based firewall devices are used for device connectivity in harsh environments, such as substations, traffic management chassis, and more. A cross-site scripting vulnerability exists in Siemens RUGGEDCOM ROX I, which can be exploited by an attacker to conduct cross-site...

5.4CVSS6.3AI score0.00741EPSS
Exploits0References1
CNVD
CNVD
added 2017/03/29 12:0 a.m.2 views

Siemens RUGGEDCOM ROX I Cross-Site Scripting Vulnerability

Siemens RuggedCom ROX-based firewall devices are used for device connectivity in harsh environments, such as substations, traffic management chassis, and more. A cross-site scripting vulnerability exists in Siemens RUGGEDCOM ROX I, which can be exploited by an attacker to conduct a cross-site...

6.1CVSS6.2AI score0.00994EPSS
Exploits0References1
Rows per page
Query Builder