Описание
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.2). The client query handler of the affected application fails to check for proper permissions for specific write queries. This could allow an authenticated remote attacker to perform unauthorized actions.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
EPSS
5 Medium
CVSS3
8.8 High
CVSS3
Дефекты
Связанные уязвимости
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.2). The client query handler of the affected application fails to check for proper permissions for specific write queries. This could allow an authenticated remote attacker to perform unauthorized actions.
Уязвимость обработчика клиентских запросов системы безопасного управления доступом к IED Siemens RUGGEDCOM CROSSBOW, позволяющая нарушителю выполнить произвольные действия
EPSS
5 Medium
CVSS3
8.8 High
CVSS3