U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.11:-:*:*:*:*:*:*
  • CPE Name Search: true
There are 6 matching records.
Displaying matches 1 through 6.
Vuln ID Summary CVSS Severity
CVE-2015-7836

Siemens RUGGEDCOM ROS before 4.2.1 allows remote attackers to obtain sensitive information by sniffing the network for VLAN data within the padding section of an Ethernet frame.

Published: October 28, 2015; 6:59:17 AM -0400 		V3.x:(not available)
 V2.0: 3.3 LOW
CVE-2015-5537

The SSL layer of the HTTPS service in Siemens RuggedCom ROS before 4.2.0 and ROX II does not properly implement CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a different vulnerability than CVE-2014-3566.

Published: August 02, 2015; 9:59:02 PM -0400 		V3.x:(not available)
 V2.0: 4.3 MEDIUM
CVE-2014-2590

The web management interface in Siemens RuggedCom ROS before 3.11, ROS 3.11 before 3.11.5 for RS950G, ROS 3.12, and ROS 4.0 for RSG2488 allows remote attackers to cause a denial of service (interface outage) via crafted HTTP packets.

Published: April 01, 2014; 2:29:39 AM -0400 		V3.x:(not available)
 V2.0: 5.0 MEDIUM
CVE-2014-1966

The SNMP implementation in Siemens RuggedCom ROS before 3.11, ROS 3.11 for RS950G, ROS 3.12 before 3.12.4, and ROS 4.0 for RSG2488 allows remote attackers to cause a denial of service (device outage) via crafted packets.

Published: February 23, 2014; 11:48:10 PM -0500 		V3.x:(not available)
 V2.0: 7.8 HIGH
CVE-2013-6926

The integrated HTTPS server in Siemens RuggedCom ROS before 3.12.2 allows remote authenticated users to bypass intended restrictions on administrative actions by leveraging access to a (1) guest or (2) operator account.

Published: December 16, 2013; 11:46:45 PM -0500 		V3.x:(not available)
 V2.0: 8.0 HIGH
CVE-2013-6925

The integrated HTTPS server in Siemens RuggedCom ROS before 3.12.2 allows remote attackers to hijack web sessions by predicting a session id value.

Published: December 16, 2013; 11:46:45 PM -0500 		V3.x:(not available)
 V2.0: 8.3 HIGH