Lucene search

K
SiemensRuggedcom Rugged Operating System*

6 matches found

CVE
CVE
added 2015/08/03 1:59 a.m.49 views

CVE-2015-5537

The SSL layer of the HTTPS service in Siemens RuggedCom ROS before 4.2.0 and ROX II does not properly implement CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a different vulnerability than CVE-2014-3566.

4.3CVSS4.5AI score0.93774EPSS
CVE
CVE
added 2013/12/17 4:46 a.m.47 views

CVE-2013-6925

The integrated HTTPS server in Siemens RuggedCom ROS before 3.12.2 allows remote attackers to hijack web sessions by predicting a session id value.

8.3CVSS6.8AI score0.00562EPSS
CVE
CVE
added 2013/12/17 4:46 a.m.36 views

CVE-2013-6926

The integrated HTTPS server in Siemens RuggedCom ROS before 3.12.2 allows remote authenticated users to bypass intended restrictions on administrative actions by leveraging access to a (1) guest or (2) operator account.

8CVSS6.4AI score0.00265EPSS
CVE
CVE
added 2014/02/24 4:48 a.m.35 views

CVE-2014-1966

The SNMP implementation in Siemens RuggedCom ROS before 3.11, ROS 3.11 for RS950G, ROS 3.12 before 3.12.4, and ROS 4.0 for RSG2488 allows remote attackers to cause a denial of service (device outage) via crafted packets.

7.8CVSS6.8AI score0.0025EPSS
CVE
CVE
added 2014/04/01 6:29 a.m.34 views

CVE-2014-2590

The web management interface in Siemens RuggedCom ROS before 3.11, ROS 3.11 before 3.11.5 for RS950G, ROS 3.12, and ROS 4.0 for RSG2488 allows remote attackers to cause a denial of service (interface outage) via crafted HTTP packets.

5CVSS6.8AI score0.00305EPSS
CVE
CVE
added 2012/04/28 12:55 a.m.31 views

CVE-2012-2441

RuggedCom Rugged Operating System (ROS) before 3.3 has a factory account with a password derived from the MAC Address field in a banner, which makes it easier for remote attackers to obtain access by performing a calculation on this address value, and then establishing a (1) SSH or (2) HTTPS sessio...

8.5CVSS6.6AI score0.61252EPSS