Siemens : Security Vulnerabilities, CVEs, Published In 2017 (CSRF)

CVE-2017-2688

The integrated web server in Siemens RUGGEDCOM ROX I (all versions) at port 10000/TCP could allow remote attackers to perform actions with the privileges of an authenticated user, provided the targeted user has an active session and is induced into clicking on a malicious link or into visiting a malicious website, aka CSRF.
Max CVSS
8.8
EPSS Score
0.13%
Published
2017-03-29
Updated
2017-07-12

CVE-2017-2682

The Siemens web application RUGGEDCOM NMS < V1.2 on port 8080/TCP and 8081/TCP could allow a remote attacker to perform a Cross-Site Request Forgery (CSRF) attack, potentially allowing an attacker to execute administrative operations, provided the targeted user has an active session and is induced to trigger a malicious request.
Max CVSS
8.8
EPSS Score
0.19%
Published
2017-02-27
Updated
2017-07-17
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close