Bypassing Administrative Restrictions in Siemens RuggedCom ROS

Bypassing Administrative Restrictions in Siemens RuggedCom ROS

CVE-2013-6926 · HIGH Severity

AV:N/AC:L/AU:S/C:P/I:P/A:C

The integrated HTTPS server in Siemens RuggedCom ROS before 3.12.2 allows remote authenticated users to bypass intended restrictions on administrative actions by leveraging access to a (1) guest or (2) operator account.

Learn more about our Cis Benchmark Audit For Server Software.