Siemens RuggedCom Rugged Operating System (ROS) firmware 3.2.5

CPE Details

Siemens RuggedCom Rugged Operating System (ROS) firmware 3.2.5
siemens
ruggedcom_rugged_operating_system
3.2.5
2013-12-17
14h07 +00:00
2013-12-17
14h13 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.2.5:*:*:*:*:*:*:*

Informations

Vendor

siemens

Product

ruggedcom_rugged_operating_system

Version

3.2.5

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2015-7836 2015-10-28 09h00 +00:00 Siemens RUGGEDCOM ROS before 4.2.1 allows remote attackers to obtain sensitive information by sniffing the network for VLAN data within the padding section of an Ethernet frame.
3.3
CVE-2015-5537 2015-08-02 23h00 +00:00 The SSL layer of the HTTPS service in Siemens RuggedCom ROS before 4.2.0 and ROX II does not properly implement CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a different vulnerability than CVE-2014-3566.
4.3
CVE-2014-2590 2014-03-28 18h00 +00:00 The web management interface in Siemens RuggedCom ROS before 3.11, ROS 3.11 before 3.11.5 for RS950G, ROS 3.12, and ROS 4.0 for RSG2488 allows remote attackers to cause a denial of service (interface outage) via crafted HTTP packets.
5
CVE-2014-1966 2014-02-24 01h00 +00:00 The SNMP implementation in Siemens RuggedCom ROS before 3.11, ROS 3.11 for RS950G, ROS 3.12 before 3.12.4, and ROS 4.0 for RSG2488 allows remote attackers to cause a denial of service (device outage) via crafted packets.
7.8
CVE-2013-6925 2013-12-17 01h00 +00:00 The integrated HTTPS server in Siemens RuggedCom ROS before 3.12.2 allows remote attackers to hijack web sessions by predicting a session id value.
8.3
CVE-2013-6926 2013-12-17 01h00 +00:00 The integrated HTTPS server in Siemens RuggedCom ROS before 3.12.2 allows remote authenticated users to bypass intended restrictions on administrative actions by leveraging access to a (1) guest or (2) operator account.
8
CVE-2012-1803 2012-04-27 22h00 +00:00 RuggedCom Rugged Operating System (ROS) 3.10.x and earlier has a factory account with a password derived from the MAC Address field in the banner, which makes it easier for remote attackers to obtain access by performing a calculation on this address value, and then establishing a (1) TELNET, (2) remote shell (aka rsh), or (3) serial-console session.
8.5
CVE-2012-2441 2012-04-27 22h00 +00:00 RuggedCom Rugged Operating System (ROS) before 3.3 has a factory account with a password derived from the MAC Address field in a banner, which makes it easier for remote attackers to obtain access by performing a calculation on this address value, and then establishing a (1) SSH or (2) HTTPS session, a different vulnerability than CVE-2012-1803.
8.5