Lucene search
K

22 matches found

OSV
OSV
added 2017/03/29 1:59 a.m.3 views

CVE-2017-6864

The integrated web server in Siemens RUGGEDCOM ROX I all versions at port 10000/TCP could allow an authenticated user to perform stored Cross-Site Scripting attacks...

5.4CVSS5.8AI score0.00741EPSS
Exploits0References4
NVD
NVD
added 2017/03/29 1:59 a.m.17 views

CVE-2017-6864

The integrated web server in Siemens RUGGEDCOM ROX I all versions at port 10000/TCP could allow an authenticated user to perform stored Cross-Site Scripting attacks...

5.4CVSS5.6AI score0.00741EPSS
Exploits0References4
NVD
NVD
added 2017/03/29 1:59 a.m.15 views

CVE-2017-2686

Siemens RUGGEDCOM ROX I all versions contain a vulnerability that could allow an authenticated user to read arbitrary files through the web interface at port 10000/TCP and access sensitive information...

6.5CVSS6.8AI score0.01149EPSS
Exploits0References4
NVD
NVD
added 2017/03/29 1:59 a.m.18 views

CVE-2017-2687

Siemens RUGGEDCOM ROX I all versions contain a vulnerability in the integrated web server at port 10000/TCP which is prone to reflected Cross-Site Scripting attacks if an unsuspecting user is induced to click on a malicious link...

6.1CVSS6.3AI score0.00994EPSS
Exploits0References4
OSV
OSV
added 2017/03/29 1:59 a.m.3 views

CVE-2017-2688

The integrated web server in Siemens RUGGEDCOM ROX I all versions at port 10000/TCP could allow remote attackers to perform actions with the privileges of an authenticated user, provided the targeted user has an active session and is induced into clicking on a malicious link or into visiting a...

8.8CVSS5.8AI score
Exploits0References4
OSV
OSV
added 2017/03/29 1:59 a.m.5 views

CVE-2017-2689

Siemens RUGGEDCOM ROX I all versions allow an authenticated user to bypass access restrictions in the web interface at port 10000/TCP to obtain privileged file system access or change configuration settings...

8.8CVSS5.8AI score0.01395EPSS
Exploits0References4
OSV
OSV
added 2017/03/29 1:59 a.m.3 views

CVE-2017-2687

Siemens RUGGEDCOM ROX I all versions contain a vulnerability in the integrated web server at port 10000/TCP which is prone to reflected Cross-Site Scripting attacks if an unsuspecting user is induced to click on a malicious link...

6.1CVSS5.8AI score0.00994EPSS
Exploits0References4
Prion
Prion
added 2017/03/29 1:59 a.m.14 views

Cross site scripting

The integrated web server in Siemens RUGGEDCOM ROX I all versions at port 10000/TCP could allow an authenticated user to perform stored Cross-Site Scripting attacks...

3.5CVSS5.4AI score0.00741EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2017/03/29 1:59 a.m.12 views

Design/Logic Flaw

Siemens RUGGEDCOM ROX I all versions allow an authenticated user to bypass access restrictions in the web interface at port 10000/TCP to obtain privileged file system access or change configuration settings...

6.5CVSS8.3AI score0.01395EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2017/03/29 1:59 a.m.14 views

Cross site request forgery (csrf)

The integrated web server in Siemens RUGGEDCOM ROX I all versions at port 10000/TCP could allow remote attackers to perform actions with the privileges of an authenticated user, provided the targeted user has an active session and is induced into clicking on a malicious link or into visiting a...

6.8CVSS8.4AI score0.01115EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2017/03/29 1:59 a.m.16 views

Cross site scripting

Siemens RUGGEDCOM ROX I all versions contain a vulnerability in the integrated web server at port 10000/TCP which is prone to reflected Cross-Site Scripting attacks if an unsuspecting user is induced to click on a malicious link...

4.3CVSS6.2AI score0.00994EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2017/03/29 1:0 a.m.47 views

CVE-2017-2689

CVE-2017-2689 affects Siemens RUGGEDCOM ROX I (all versions). An authenticated user can bypass access restrictions in the web interface on port 10000/TCP to obtain privileged file-system access or change configuration settings. Root cause: Improper Authorization (CWE-285) with CVSS v3 base score ...

8.8CVSS8.1AI score0.01395EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2017/03/29 1:0 a.m.23 views

CVE-2017-2689

Siemens RUGGEDCOM ROX I all versions allow an authenticated user to bypass access restrictions in the web interface at port 10000/TCP to obtain privileged file system access or change configuration settings...

8.3AI score0.01395EPSS
Exploits0References4
Cvelist
Cvelist
added 2017/03/29 1:0 a.m.17 views

CVE-2017-2688

The integrated web server in Siemens RUGGEDCOM ROX I all versions at port 10000/TCP could allow remote attackers to perform actions with the privileges of an authenticated user, provided the targeted user has an active session and is induced into clicking on a malicious link or into visiting a...

8.5AI score0.01115EPSS
Exploits0References4
Cvelist
Cvelist
added 2017/03/29 1:0 a.m.22 views

CVE-2017-6864

The integrated web server in Siemens RUGGEDCOM ROX I all versions at port 10000/TCP could allow an authenticated user to perform stored Cross-Site Scripting attacks...

5AI score0.00741EPSS
Exploits0References4
Cvelist
Cvelist
added 2017/03/29 1:0 a.m.17 views

CVE-2017-2687

Siemens RUGGEDCOM ROX I all versions contain a vulnerability in the integrated web server at port 10000/TCP which is prone to reflected Cross-Site Scripting attacks if an unsuspecting user is induced to click on a malicious link...

5.8AI score0.00994EPSS
Exploits0References4
CVE
CVE
added 2017/03/29 1:0 a.m.48 views

CVE-2017-2688

The CVE-2017-2688 entry affects Siemens RUGGEDCOM ROX I (all versions) via the integrated web server on port 10000/TCP. The issue is a Cross-Site Request Forgery (CSRF) where an authenticated user who has an active session can be induced to click a malicious link or visit a malicious site, allowi...

8.8CVSS8.3AI score0.01115EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2017/03/29 1:0 a.m.16 views

CVE-2017-2686

Siemens RUGGEDCOM ROX I all versions contain a vulnerability that could allow an authenticated user to read arbitrary files through the web interface at port 10000/TCP and access sensitive information...

6.2AI score0.01149EPSS
Exploits0References4
CNVD
CNVD
added 2017/03/29 12:0 a.m.3 views

Siemens RUGGEDCOM ROX I Arbitrary File Read Vulnerability

Siemens RuggedCom ROX-based firewall devices are used for device connectivity in harsh environments, such as substations, traffic management chassis, and more. An arbitrary file read vulnerability exists in Siemens RUGGEDCOM ROX I, which can be exploited by an attacker to read arbitrary files for...

6.5CVSS6.8AI score0.01149EPSS
Exploits0References1
CNVD
CNVD
added 2017/03/29 12:0 a.m.1 views

Siemens RUGGEDCOM ROX I Cross-Site Scripting Vulnerability

Siemens RuggedCom ROX-based firewall devices are used for device connectivity in harsh environments, such as substations, traffic management chassis, and more. A cross-site scripting vulnerability exists in Siemens RUGGEDCOM ROX I, which can be exploited by an attacker to conduct a cross-site...

6.1CVSS6.2AI score0.00994EPSS
Exploits0References1
Rows per page
Query Builder