CVE-2013-6926

Sažetak

The integrated HTTPS server in Siemens RuggedCom ROS before 3.12.2 allows remote authenticated users to bypass intended restrictions on administrative actions by leveraging access to a (1) guest or (2) operator account.

Reference

http://ics-cert.us-cert.gov/advisories/ICSA-13-340-01
http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-324789.pdf

CVSS

Base:	8.0
Impact:	8.5
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	COMPLETE

CVSS vektor

AV:N/AC:L/Au:S/C:P/I:P/A:C

Zadnje važnije ažuriranje

01-02-2022 - 16:53

Objavljeno

17-12-2013 - 04:46