Vulnerabilities (CVE)

Filtered by vendor Siemens Subscribe
Filtered by product Ruggedcom Network Management Software
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-2683 1 Siemens 1 Ruggedcom Network Management Software 2024-11-21 4.3 MEDIUM 8.2 HIGH
A non-privileged user of the Siemens web application RUGGEDCOM NMS < V1.2 on port 8080/TCP and 8081/TCP could perform a persistent Cross-Site Scripting (XSS) attack, potentially resulting in obtaining administrative permissions.
CVE-2017-2682 1 Siemens 1 Ruggedcom Network Management Software 2024-11-21 6.8 MEDIUM 8.8 HIGH
The Siemens web application RUGGEDCOM NMS < V1.2 on port 8080/TCP and 8081/TCP could allow a remote attacker to perform a Cross-Site Request Forgery (CSRF) attack, potentially allowing an attacker to execute administrative operations, provided the targeted user has an active session and is induced to trigger a malicious request.