Vulnerability Details CVE-2014-2590
The web management interface in Siemens RuggedCom ROS before 3.11, ROS 3.11 before 3.11.5 for RS950G, ROS 3.12, and ROS 4.0 for RSG2488 allows remote attackers to cause a denial of service (interface outage) via crafted HTTP packets.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 53.1%
CVSS Severity
CVSS v2 Score 5.0
References
- http://ics-cert.us-cert.gov/advisories/ICSA-14-087-01
- http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-831997.pdf
- http://ics-cert.us-cert.gov/advisories/ICSA-14-087-01
- http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-831997.pdf
Products affected by CVE-2014-2590
-
cpe:2.3:h:siemens:ruggedcom_rs950g:-
-
cpe:2.3:h:siemens:ruggedcom_rsg2488:-
-
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:*
-
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.10.1
-
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.11
-
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.11.4
-
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.12
-
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.12.1
-
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.12.2
-
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.2.5
-
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.3.6
-
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.4.9
-
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.5.4
-
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.6.6
-
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.7.9
-
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.8.5
-
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.9.3