Description

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX RX1500 (All versions < V2.16.0), RUGGEDCOM ROX RX1501 (All versions < V2.16.0), RUGGEDCOM ROX RX1510 (All versions < V2.16.0), RUGGEDCOM ROX RX1511 (All versions < V2.16.0), RUGGEDCOM ROX RX1512 (All versions < V2.16.0), RUGGEDCOM ROX RX1524 (All versions < V2.16.0), RUGGEDCOM ROX RX1536 (All versions < V2.16.0), RUGGEDCOM ROX RX5000 (All versions < V2.16.0). The CLI feature in the web interface of affected devices is vulnerable to cross-site request forgery (CSRF). This could allow an attacker to read or modify the device configuration by tricking an authenticated legitimate user into accessing a malicious link.

INFO

Published Date :

2024-12-10T13:53:19.090Z

Last Modified :

2024-12-10T15:28:51.944Z

Source :

siemens
AFFECTED PRODUCTS

The following products are affected by CVE-2020-28398 vulnerability.

Vendors Products
Siemens
  • Ruggedcom Rox Mx5000
  • Ruggedcom Rox Mx5000re
  • Ruggedcom Rox Rx1400
  • Ruggedcom Rox Rx1500
  • Ruggedcom Rox Rx1501
  • Ruggedcom Rox Rx1510
  • Ruggedcom Rox Rx1511
  • Ruggedcom Rox Rx1512
  • Ruggedcom Rox Rx1524
  • Ruggedcom Rox Rx1536
  • Ruggedcom Rox Rx5000
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2020-28398.

URL Resource
https://cert-portal.siemens.com/productcert/html/ssa-384652.html cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact