gsd-2021-37209
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
A vulnerability has been identified in RUGGEDCOM i800 (All versions < V4.3.8), RUGGEDCOM i801 (All versions < V4.3.8), RUGGEDCOM i802 (All versions < V4.3.8), RUGGEDCOM i803 (All versions < V4.3.8), RUGGEDCOM M2100 (All versions < V4.3.8), RUGGEDCOM M2200 (All versions < V4.3.8), RUGGEDCOM M969 (All versions < V4.3.8), RUGGEDCOM RMC30 (All versions < V4.3.8), RUGGEDCOM RMC8388 V4.X (All versions < V4.3.8), RUGGEDCOM RMC8388 V5.X (All versions < V5.7.0), RUGGEDCOM RP110 (All versions < V4.3.8), RUGGEDCOM RS1600 (All versions < V4.3.8), RUGGEDCOM RS1600F (All versions < V4.3.8), RUGGEDCOM RS1600T (All versions < V4.3.8), RUGGEDCOM RS400 (All versions < V4.3.8), RUGGEDCOM RS401 (All versions < V4.3.8), RUGGEDCOM RS416 (All versions < V4.3.8), RUGGEDCOM RS416P (All versions < V4.3.8), RUGGEDCOM RS416Pv2 V4.X (All versions < V4.3.8), RUGGEDCOM RS416Pv2 V5.X (All versions < V5.7.0), RUGGEDCOM RS416v2 V4.X (All versions < V4.3.8), RUGGEDCOM RS416v2 V5.X (All versions < V5.7.0), RUGGEDCOM RS8000 (All versions < V4.3.8), RUGGEDCOM RS8000A (All versions < V4.3.8), RUGGEDCOM RS8000H (All versions < V4.3.8), RUGGEDCOM RS8000T (All versions < V4.3.8), RUGGEDCOM RS900 (All versions < V4.3.8), RUGGEDCOM RS900 (32M) V4.X (All versions < V4.3.8), RUGGEDCOM RS900 (32M) V5.X (All versions < V5.7.0), RUGGEDCOM RS900G (All versions < V4.3.8), RUGGEDCOM RS900G (32M) V4.X (All versions < V4.3.8), RUGGEDCOM RS900G (32M) V5.X (All versions < V5.7.0), RUGGEDCOM RS900GP (All versions < V4.3.8), RUGGEDCOM RS900L (All versions < V4.3.8), RUGGEDCOM RS900M-GETS-C01 (All versions < V4.3.8), RUGGEDCOM RS900M-GETS-XX (All versions < V4.3.8), RUGGEDCOM RS900M-STND-C01 (All versions < V4.3.8), RUGGEDCOM RS900M-STND-XX (All versions < V4.3.8), RUGGEDCOM RS900W (All versions < V4.3.8), RUGGEDCOM RS910 (All versions < V4.3.8), RUGGEDCOM RS910L (All versions < V4.3.8), RUGGEDCOM RS910W (All versions < V4.3.8), RUGGEDCOM RS920L (All versions < V4.3.8), RUGGEDCOM RS920W (All versions < V4.3.8), RUGGEDCOM RS930L (All versions < V4.3.8), RUGGEDCOM RS930W (All versions < V4.3.8), RUGGEDCOM RS940G (All versions < V4.3.8), RUGGEDCOM RS969 (All versions < V4.3.8), RUGGEDCOM RSG2100 (All versions < V4.3.8), RUGGEDCOM RSG2100 (32M) V4.X (All versions < V4.3.8), RUGGEDCOM RSG2100 (32M) V5.X (All versions < V5.7.0), RUGGEDCOM RSG2100P (All versions < V4.3.8), RUGGEDCOM RSG2200 (All versions < V4.3.8), RUGGEDCOM RSG2288 V4.X (All versions < V4.3.8), RUGGEDCOM RSG2288 V5.X (All versions < V5.7.0), RUGGEDCOM RSG2300 V4.X (All versions < V4.3.8), RUGGEDCOM RSG2300 V5.X (All versions < V5.7.0), RUGGEDCOM RSG2300P V4.X (All versions < V4.3.8), RUGGEDCOM RSG2300P V5.X (All versions < V5.7.0), RUGGEDCOM RSG2488 V4.X (All versions < V4.3.8), RUGGEDCOM RSG2488 V5.X (All versions < V5.7.0), RUGGEDCOM RSG907R (All versions < V5.7.0), RUGGEDCOM RSG908C (All versions < V5.7.0), RUGGEDCOM RSG909R (All versions < V5.7.0), RUGGEDCOM RSG910C (All versions < V5.7.0), RUGGEDCOM RSG920P V4.X (All versions < V4.3.8), RUGGEDCOM RSG920P V5.X (All versions < V5.7.0), RUGGEDCOM RSL910 (All versions < V5.7.0), RUGGEDCOM RST2228 (All versions < V5.7.0), RUGGEDCOM RST2228P (All versions < V5.7.0), RUGGEDCOM RST916C (All versions < V5.7.0), RUGGEDCOM RST916P (All versions < V5.7.0). The SSH server on affected devices is configured to offer weak ciphers by default.
This could allow an unauthorized attacker in a man-in-the-middle position to read and modify any data passed over the connection between legitimate clients and the affected device.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2021-37209",
"description": "A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions \u003c V5.6.0), RUGGEDCOM ROS M2200 (All versions \u003c V5.6.0), RUGGEDCOM ROS M969 (All versions \u003c V5.6.0), RUGGEDCOM ROS RMC (All versions \u003c V5.6.0), RUGGEDCOM ROS RMC20 (All versions \u003c V5.6.0), RUGGEDCOM ROS RMC30 (All versions \u003c V5.6.0), RUGGEDCOM ROS RMC40 (All versions \u003c V5.6.0), RUGGEDCOM ROS RMC41 (All versions \u003c V5.6.0), RUGGEDCOM ROS RMC8388 (All versions \u003c V5.6.0), RUGGEDCOM ROS RP110 (All versions \u003c V5.6.0), RUGGEDCOM ROS RS400 (All versions \u003c V5.6.0), RUGGEDCOM ROS RS401 (All versions \u003c V5.6.0), RUGGEDCOM ROS RS416 (All versions \u003c V5.6.0), RUGGEDCOM ROS RS416v2 (All versions \u003c V5.6.0), RUGGEDCOM ROS RS8000 (All versions \u003c V5.6.0), RUGGEDCOM ROS RS8000A (All versions \u003c V5.6.0), RUGGEDCOM ROS RS8000H (All versions \u003c V5.6.0), RUGGEDCOM ROS RS8000T (All versions \u003c V5.6.0), RUGGEDCOM ROS RS900 (32M) (All versions \u003c V5.6.0), RUGGEDCOM ROS RS900G (All versions \u003c V5.6.0), RUGGEDCOM ROS RS900G (32M) (All versions \u003c V5.6.0), RUGGEDCOM ROS RS900GP (All versions \u003c V5.6.0), RUGGEDCOM ROS RS900L (All versions \u003c V5.6.0), RUGGEDCOM ROS RS900L (All versions \u003c V5.6.0), RUGGEDCOM ROS RS900W (All versions \u003c V5.6.0), RUGGEDCOM ROS RS910 (All versions \u003c V5.6.0), RUGGEDCOM ROS RS910L (All versions \u003c V5.6.0), RUGGEDCOM ROS RS910W (All versions \u003c V5.6.0), RUGGEDCOM ROS RS920L (All versions \u003c V5.6.0), RUGGEDCOM ROS RS920W (All versions \u003c V5.6.0), RUGGEDCOM ROS RS930L (All versions \u003c V5.6.0), RUGGEDCOM ROS RS930W (All versions \u003c V5.6.0), RUGGEDCOM ROS RS940G (All versions \u003c V5.6.0), RUGGEDCOM ROS RS969 (All versions \u003c V5.6.0), RUGGEDCOM ROS RSG2100 (All versions \u003c V5.6.0), RUGGEDCOM ROS RSG2100 (32M) (All versions \u003c V5.6.0), RUGGEDCOM ROS RSG2100P (All versions \u003c V5.6.0), RUGGEDCOM ROS RSG2100P (32M) (All versions \u003c V5.6.0), RUGGEDCOM ROS RSG2200 (All versions \u003c V5.6.0), RUGGEDCOM ROS RSG2288 (All versions \u003c V5.6.0), RUGGEDCOM ROS RSG2300 (All versions \u003c V5.6.0), RUGGEDCOM ROS RSG2300P (All versions \u003c V5.6.0), RUGGEDCOM ROS RSG2488 (All versions \u003c V5.6.0), RUGGEDCOM ROS RSG900 (All versions \u003c V5.6.0), RUGGEDCOM ROS RSG900C (All versions \u003c V5.6.0), RUGGEDCOM ROS RSG900G (All versions \u003c V5.6.0), RUGGEDCOM ROS RSG900R (All versions \u003c V5.6.0), RUGGEDCOM ROS RSG907R (All versions \u003c V5.6.0), RUGGEDCOM ROS RSG908C (All versions \u003c V5.6.0), RUGGEDCOM ROS RSG909R (All versions \u003c V5.6.0), RUGGEDCOM ROS RSG910C (All versions \u003c V5.6.0), RUGGEDCOM ROS RSG920P (All versions \u003c V5.6.0), RUGGEDCOM ROS RSL910 (All versions \u003c V5.6.0), RUGGEDCOM ROS RST2228 (All versions \u003c V5.6.0), RUGGEDCOM ROS RST916C (All versions \u003c V5.6.0), RUGGEDCOM ROS RST916P (All versions \u003c V5.6.0), RUGGEDCOM ROS i800 (All versions \u003c V5.6.0), RUGGEDCOM ROS i801 (All versions \u003c V5.6.0), RUGGEDCOM ROS i802 (All versions \u003c V5.6.0), RUGGEDCOM ROS i803 (All versions \u003c V5.6.0). Unencrypted storage of passwords in the client configuration files and during\nnetwork transmission could allow an attacker in a privileged position to\nobtain access passwords.",
"id": "GSD-2021-37209"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2021-37209"
],
"details": "A vulnerability has been identified in RUGGEDCOM i800 (All versions \u003c V4.3.8), RUGGEDCOM i801 (All versions \u003c V4.3.8), RUGGEDCOM i802 (All versions \u003c V4.3.8), RUGGEDCOM i803 (All versions \u003c V4.3.8), RUGGEDCOM M2100 (All versions \u003c V4.3.8), RUGGEDCOM M2200 (All versions \u003c V4.3.8), RUGGEDCOM M969 (All versions \u003c V4.3.8), RUGGEDCOM RMC30 (All versions \u003c V4.3.8), RUGGEDCOM RMC8388 V4.X (All versions \u003c V4.3.8), RUGGEDCOM RMC8388 V5.X (All versions \u003c V5.7.0), RUGGEDCOM RP110 (All versions \u003c V4.3.8), RUGGEDCOM RS1600 (All versions \u003c V4.3.8), RUGGEDCOM RS1600F (All versions \u003c V4.3.8), RUGGEDCOM RS1600T (All versions \u003c V4.3.8), RUGGEDCOM RS400 (All versions \u003c V4.3.8), RUGGEDCOM RS401 (All versions \u003c V4.3.8), RUGGEDCOM RS416 (All versions \u003c V4.3.8), RUGGEDCOM RS416P (All versions \u003c V4.3.8), RUGGEDCOM RS416Pv2 V4.X (All versions \u003c V4.3.8), RUGGEDCOM RS416Pv2 V5.X (All versions \u003c V5.7.0), RUGGEDCOM RS416v2 V4.X (All versions \u003c V4.3.8), RUGGEDCOM RS416v2 V5.X (All versions \u003c V5.7.0), RUGGEDCOM RS8000 (All versions \u003c V4.3.8), RUGGEDCOM RS8000A (All versions \u003c V4.3.8), RUGGEDCOM RS8000H (All versions \u003c V4.3.8), RUGGEDCOM RS8000T (All versions \u003c V4.3.8), RUGGEDCOM RS900 (All versions \u003c V4.3.8), RUGGEDCOM RS900 (32M) V4.X (All versions \u003c V4.3.8), RUGGEDCOM RS900 (32M) V5.X (All versions \u003c V5.7.0), RUGGEDCOM RS900G (All versions \u003c V4.3.8), RUGGEDCOM RS900G (32M) V4.X (All versions \u003c V4.3.8), RUGGEDCOM RS900G (32M) V5.X (All versions \u003c V5.7.0), RUGGEDCOM RS900GP (All versions \u003c V4.3.8), RUGGEDCOM RS900L (All versions \u003c V4.3.8), RUGGEDCOM RS900M-GETS-C01 (All versions \u003c V4.3.8), RUGGEDCOM RS900M-GETS-XX (All versions \u003c V4.3.8), RUGGEDCOM RS900M-STND-C01 (All versions \u003c V4.3.8), RUGGEDCOM RS900M-STND-XX (All versions \u003c V4.3.8), RUGGEDCOM RS900W (All versions \u003c V4.3.8), RUGGEDCOM RS910 (All versions \u003c V4.3.8), RUGGEDCOM RS910L (All versions \u003c V4.3.8), RUGGEDCOM RS910W (All versions \u003c V4.3.8), RUGGEDCOM RS920L (All versions \u003c V4.3.8), RUGGEDCOM RS920W (All versions \u003c V4.3.8), RUGGEDCOM RS930L (All versions \u003c V4.3.8), RUGGEDCOM RS930W (All versions \u003c V4.3.8), RUGGEDCOM RS940G (All versions \u003c V4.3.8), RUGGEDCOM RS969 (All versions \u003c V4.3.8), RUGGEDCOM RSG2100 (All versions \u003c V4.3.8), RUGGEDCOM RSG2100 (32M) V4.X (All versions \u003c V4.3.8), RUGGEDCOM RSG2100 (32M) V5.X (All versions \u003c V5.7.0), RUGGEDCOM RSG2100P (All versions \u003c V4.3.8), RUGGEDCOM RSG2200 (All versions \u003c V4.3.8), RUGGEDCOM RSG2288 V4.X (All versions \u003c V4.3.8), RUGGEDCOM RSG2288 V5.X (All versions \u003c V5.7.0), RUGGEDCOM RSG2300 V4.X (All versions \u003c V4.3.8), RUGGEDCOM RSG2300 V5.X (All versions \u003c V5.7.0), RUGGEDCOM RSG2300P V4.X (All versions \u003c V4.3.8), RUGGEDCOM RSG2300P V5.X (All versions \u003c V5.7.0), RUGGEDCOM RSG2488 V4.X (All versions \u003c V4.3.8), RUGGEDCOM RSG2488 V5.X (All versions \u003c V5.7.0), RUGGEDCOM RSG907R (All versions \u003c V5.7.0), RUGGEDCOM RSG908C (All versions \u003c V5.7.0), RUGGEDCOM RSG909R (All versions \u003c V5.7.0), RUGGEDCOM RSG910C (All versions \u003c V5.7.0), RUGGEDCOM RSG920P V4.X (All versions \u003c V4.3.8), RUGGEDCOM RSG920P V5.X (All versions \u003c V5.7.0), RUGGEDCOM RSL910 (All versions \u003c V5.7.0), RUGGEDCOM RST2228 (All versions \u003c V5.7.0), RUGGEDCOM RST2228P (All versions \u003c V5.7.0), RUGGEDCOM RST916C (All versions \u003c V5.7.0), RUGGEDCOM RST916P (All versions \u003c V5.7.0). The SSH server on affected devices is configured to offer weak ciphers by default.\r\n\r\nThis could allow an unauthorized attacker in a man-in-the-middle position to read and modify any data passed over the connection between legitimate clients and the affected device.",
"id": "GSD-2021-37209",
"modified": "2023-12-13T01:23:09.676663Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2021-37209",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "RUGGEDCOM i800",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM i801",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM i802",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM i803",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM M2100",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM M2200",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM M969",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RMC30",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RMC8388 V4.X",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RMC8388 V5.X",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V5.7.0"
}
]
}
},
{
"product_name": "RUGGEDCOM RP110",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RS1600",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RS1600F",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RS1600T",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RS400",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RS401",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RS416",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RS416P",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RS416Pv2 V4.X",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RS416Pv2 V5.X",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V5.7.0"
}
]
}
},
{
"product_name": "RUGGEDCOM RS416v2 V4.X",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RS416v2 V5.X",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V5.7.0"
}
]
}
},
{
"product_name": "RUGGEDCOM RS8000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RS8000A",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RS8000H",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RS8000T",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RS900",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RS900 (32M) V4.X",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RS900 (32M) V5.X",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V5.7.0"
}
]
}
},
{
"product_name": "RUGGEDCOM RS900G",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RS900G (32M) V4.X",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RS900G (32M) V5.X",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V5.7.0"
}
]
}
},
{
"product_name": "RUGGEDCOM RS900GP",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RS900L",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RS900M-GETS-C01",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RS900M-GETS-XX",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RS900M-STND-C01",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RS900M-STND-XX",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RS900W",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RS910",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RS910L",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RS910W",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RS920L",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RS920W",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RS930L",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RS930W",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RS940G",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RS969",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RSG2100",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RSG2100 (32M) V4.X",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RSG2100 (32M) V5.X",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V5.7.0"
}
]
}
},
{
"product_name": "RUGGEDCOM RSG2100P",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RSG2200",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RSG2288 V4.X",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RSG2288 V5.X",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V5.7.0"
}
]
}
},
{
"product_name": "RUGGEDCOM RSG2300 V4.X",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RSG2300 V5.X",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V5.7.0"
}
]
}
},
{
"product_name": "RUGGEDCOM RSG2300P V4.X",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RSG2300P V5.X",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V5.7.0"
}
]
}
},
{
"product_name": "RUGGEDCOM RSG2488 V4.X",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RSG2488 V5.X",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V5.7.0"
}
]
}
},
{
"product_name": "RUGGEDCOM RSG907R",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V5.7.0"
}
]
}
},
{
"product_name": "RUGGEDCOM RSG908C",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V5.7.0"
}
]
}
},
{
"product_name": "RUGGEDCOM RSG909R",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V5.7.0"
}
]
}
},
{
"product_name": "RUGGEDCOM RSG910C",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V5.7.0"
}
]
}
},
{
"product_name": "RUGGEDCOM RSG920P V4.X",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V4.3.8"
}
]
}
},
{
"product_name": "RUGGEDCOM RSG920P V5.X",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V5.7.0"
}
]
}
},
{
"product_name": "RUGGEDCOM RSL910",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V5.7.0"
}
]
}
},
{
"product_name": "RUGGEDCOM RST2228",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V5.7.0"
}
]
}
},
{
"product_name": "RUGGEDCOM RST2228P",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V5.7.0"
}
]
}
},
{
"product_name": "RUGGEDCOM RST916C",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V5.7.0"
}
]
}
},
{
"product_name": "RUGGEDCOM RST916P",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V5.7.0"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in RUGGEDCOM i800 (All versions \u003c V4.3.8), RUGGEDCOM i801 (All versions \u003c V4.3.8), RUGGEDCOM i802 (All versions \u003c V4.3.8), RUGGEDCOM i803 (All versions \u003c V4.3.8), RUGGEDCOM M2100 (All versions \u003c V4.3.8), RUGGEDCOM M2200 (All versions \u003c V4.3.8), RUGGEDCOM M969 (All versions \u003c V4.3.8), RUGGEDCOM RMC30 (All versions \u003c V4.3.8), RUGGEDCOM RMC8388 V4.X (All versions \u003c V4.3.8), RUGGEDCOM RMC8388 V5.X (All versions \u003c V5.7.0), RUGGEDCOM RP110 (All versions \u003c V4.3.8), RUGGEDCOM RS1600 (All versions \u003c V4.3.8), RUGGEDCOM RS1600F (All versions \u003c V4.3.8), RUGGEDCOM RS1600T (All versions \u003c V4.3.8), RUGGEDCOM RS400 (All versions \u003c V4.3.8), RUGGEDCOM RS401 (All versions \u003c V4.3.8), RUGGEDCOM RS416 (All versions \u003c V4.3.8), RUGGEDCOM RS416P (All versions \u003c V4.3.8), RUGGEDCOM RS416Pv2 V4.X (All versions \u003c V4.3.8), RUGGEDCOM RS416Pv2 V5.X (All versions \u003c V5.7.0), RUGGEDCOM RS416v2 V4.X (All versions \u003c V4.3.8), RUGGEDCOM RS416v2 V5.X (All versions \u003c V5.7.0), RUGGEDCOM RS8000 (All versions \u003c V4.3.8), RUGGEDCOM RS8000A (All versions \u003c V4.3.8), RUGGEDCOM RS8000H (All versions \u003c V4.3.8), RUGGEDCOM RS8000T (All versions \u003c V4.3.8), RUGGEDCOM RS900 (All versions \u003c V4.3.8), RUGGEDCOM RS900 (32M) V4.X (All versions \u003c V4.3.8), RUGGEDCOM RS900 (32M) V5.X (All versions \u003c V5.7.0), RUGGEDCOM RS900G (All versions \u003c V4.3.8), RUGGEDCOM RS900G (32M) V4.X (All versions \u003c V4.3.8), RUGGEDCOM RS900G (32M) V5.X (All versions \u003c V5.7.0), RUGGEDCOM RS900GP (All versions \u003c V4.3.8), RUGGEDCOM RS900L (All versions \u003c V4.3.8), RUGGEDCOM RS900M-GETS-C01 (All versions \u003c V4.3.8), RUGGEDCOM RS900M-GETS-XX (All versions \u003c V4.3.8), RUGGEDCOM RS900M-STND-C01 (All versions \u003c V4.3.8), RUGGEDCOM RS900M-STND-XX (All versions \u003c V4.3.8), RUGGEDCOM RS900W (All versions \u003c V4.3.8), RUGGEDCOM RS910 (All versions \u003c V4.3.8), RUGGEDCOM RS910L (All versions \u003c V4.3.8), RUGGEDCOM RS910W (All versions \u003c V4.3.8), RUGGEDCOM RS920L (All versions \u003c V4.3.8), RUGGEDCOM RS920W (All versions \u003c V4.3.8), RUGGEDCOM RS930L (All versions \u003c V4.3.8), RUGGEDCOM RS930W (All versions \u003c V4.3.8), RUGGEDCOM RS940G (All versions \u003c V4.3.8), RUGGEDCOM RS969 (All versions \u003c V4.3.8), RUGGEDCOM RSG2100 (All versions \u003c V4.3.8), RUGGEDCOM RSG2100 (32M) V4.X (All versions \u003c V4.3.8), RUGGEDCOM RSG2100 (32M) V5.X (All versions \u003c V5.7.0), RUGGEDCOM RSG2100P (All versions \u003c V4.3.8), RUGGEDCOM RSG2200 (All versions \u003c V4.3.8), RUGGEDCOM RSG2288 V4.X (All versions \u003c V4.3.8), RUGGEDCOM RSG2288 V5.X (All versions \u003c V5.7.0), RUGGEDCOM RSG2300 V4.X (All versions \u003c V4.3.8), RUGGEDCOM RSG2300 V5.X (All versions \u003c V5.7.0), RUGGEDCOM RSG2300P V4.X (All versions \u003c V4.3.8), RUGGEDCOM RSG2300P V5.X (All versions \u003c V5.7.0), RUGGEDCOM RSG2488 V4.X (All versions \u003c V4.3.8), RUGGEDCOM RSG2488 V5.X (All versions \u003c V5.7.0), RUGGEDCOM RSG907R (All versions \u003c V5.7.0), RUGGEDCOM RSG908C (All versions \u003c V5.7.0), RUGGEDCOM RSG909R (All versions \u003c V5.7.0), RUGGEDCOM RSG910C (All versions \u003c V5.7.0), RUGGEDCOM RSG920P V4.X (All versions \u003c V4.3.8), RUGGEDCOM RSG920P V5.X (All versions \u003c V5.7.0), RUGGEDCOM RSL910 (All versions \u003c V5.7.0), RUGGEDCOM RST2228 (All versions \u003c V5.7.0), RUGGEDCOM RST2228P (All versions \u003c V5.7.0), RUGGEDCOM RST916C (All versions \u003c V5.7.0), RUGGEDCOM RST916P (All versions \u003c V5.7.0). The SSH server on affected devices is configured to offer weak ciphers by default.\r\n\r\nThis could allow an unauthorized attacker in a man-in-the-middle position to read and modify any data passed over the connection between legitimate clients and the affected device."
}
]
},
"impact": {
"cvss": [
{
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H/E:P/RL:U/RC:C",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-326",
"lang": "eng",
"value": "CWE-326: Inadequate Encryption Strength"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-764417.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-764417.pdf"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_ros:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_i800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_i801:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_i802:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_i803:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_m2100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_m2200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_m969:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rmc:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rmc20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rmc30:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rmc40:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rmc41:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rmc8388:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rp110:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rs400:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rs401:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rs416:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rs416v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rs8000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rs8000a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rs8000h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rs8000t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rs900:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rs900g:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rs900gp:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rs900l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rs900w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rs910:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rs910l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rs910w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rs920l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rs920w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rs930l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rs930w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rs940g:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rs969:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rsg2100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rsg2100p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rsg2200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rsg2288:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rsg2300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rsg2300p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rsg2488:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rsg907r:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rsg908c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rsg909r:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rsg910c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rsg920p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rsl910:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rst2228:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rst2228p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rst916c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rst916p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2021-37209"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A vulnerability has been identified in RUGGEDCOM i800 (All versions \u003c V4.3.8), RUGGEDCOM i801 (All versions \u003c V4.3.8), RUGGEDCOM i802 (All versions \u003c V4.3.8), RUGGEDCOM i803 (All versions \u003c V4.3.8), RUGGEDCOM M2100 (All versions \u003c V4.3.8), RUGGEDCOM M2200 (All versions \u003c V4.3.8), RUGGEDCOM M969 (All versions \u003c V4.3.8), RUGGEDCOM RMC30 (All versions \u003c V4.3.8), RUGGEDCOM RMC8388 V4.X (All versions \u003c V4.3.8), RUGGEDCOM RMC8388 V5.X (All versions \u003c V5.7.0), RUGGEDCOM RP110 (All versions \u003c V4.3.8), RUGGEDCOM RS1600 (All versions \u003c V4.3.8), RUGGEDCOM RS1600F (All versions \u003c V4.3.8), RUGGEDCOM RS1600T (All versions \u003c V4.3.8), RUGGEDCOM RS400 (All versions \u003c V4.3.8), RUGGEDCOM RS401 (All versions \u003c V4.3.8), RUGGEDCOM RS416 (All versions \u003c V4.3.8), RUGGEDCOM RS416P (All versions \u003c V4.3.8), RUGGEDCOM RS416Pv2 V4.X (All versions \u003c V4.3.8), RUGGEDCOM RS416Pv2 V5.X (All versions \u003c V5.7.0), RUGGEDCOM RS416v2 V4.X (All versions \u003c V4.3.8), RUGGEDCOM RS416v2 V5.X (All versions \u003c V5.7.0), RUGGEDCOM RS8000 (All versions \u003c V4.3.8), RUGGEDCOM RS8000A (All versions \u003c V4.3.8), RUGGEDCOM RS8000H (All versions \u003c V4.3.8), RUGGEDCOM RS8000T (All versions \u003c V4.3.8), RUGGEDCOM RS900 (All versions \u003c V4.3.8), RUGGEDCOM RS900 (32M) V4.X (All versions \u003c V4.3.8), RUGGEDCOM RS900 (32M) V5.X (All versions \u003c V5.7.0), RUGGEDCOM RS900G (All versions \u003c V4.3.8), RUGGEDCOM RS900G (32M) V4.X (All versions \u003c V4.3.8), RUGGEDCOM RS900G (32M) V5.X (All versions \u003c V5.7.0), RUGGEDCOM RS900GP (All versions \u003c V4.3.8), RUGGEDCOM RS900L (All versions \u003c V4.3.8), RUGGEDCOM RS900M-GETS-C01 (All versions \u003c V4.3.8), RUGGEDCOM RS900M-GETS-XX (All versions \u003c V4.3.8), RUGGEDCOM RS900M-STND-C01 (All versions \u003c V4.3.8), RUGGEDCOM RS900M-STND-XX (All versions \u003c V4.3.8), RUGGEDCOM RS900W (All versions \u003c V4.3.8), RUGGEDCOM RS910 (All versions \u003c V4.3.8), RUGGEDCOM RS910L (All versions \u003c V4.3.8), RUGGEDCOM RS910W (All versions \u003c V4.3.8), RUGGEDCOM RS920L (All versions \u003c V4.3.8), RUGGEDCOM RS920W (All versions \u003c V4.3.8), RUGGEDCOM RS930L (All versions \u003c V4.3.8), RUGGEDCOM RS930W (All versions \u003c V4.3.8), RUGGEDCOM RS940G (All versions \u003c V4.3.8), RUGGEDCOM RS969 (All versions \u003c V4.3.8), RUGGEDCOM RSG2100 (All versions \u003c V4.3.8), RUGGEDCOM RSG2100 (32M) V4.X (All versions \u003c V4.3.8), RUGGEDCOM RSG2100 (32M) V5.X (All versions \u003c V5.7.0), RUGGEDCOM RSG2100P (All versions \u003c V4.3.8), RUGGEDCOM RSG2200 (All versions \u003c V4.3.8), RUGGEDCOM RSG2288 V4.X (All versions \u003c V4.3.8), RUGGEDCOM RSG2288 V5.X (All versions \u003c V5.7.0), RUGGEDCOM RSG2300 V4.X (All versions \u003c V4.3.8), RUGGEDCOM RSG2300 V5.X (All versions \u003c V5.7.0), RUGGEDCOM RSG2300P V4.X (All versions \u003c V4.3.8), RUGGEDCOM RSG2300P V5.X (All versions \u003c V5.7.0), RUGGEDCOM RSG2488 V4.X (All versions \u003c V4.3.8), RUGGEDCOM RSG2488 V5.X (All versions \u003c V5.7.0), RUGGEDCOM RSG907R (All versions \u003c V5.7.0), RUGGEDCOM RSG908C (All versions \u003c V5.7.0), RUGGEDCOM RSG909R (All versions \u003c V5.7.0), RUGGEDCOM RSG910C (All versions \u003c V5.7.0), RUGGEDCOM RSG920P V4.X (All versions \u003c V4.3.8), RUGGEDCOM RSG920P V5.X (All versions \u003c V5.7.0), RUGGEDCOM RSL910 (All versions \u003c V5.7.0), RUGGEDCOM RST2228 (All versions \u003c V5.7.0), RUGGEDCOM RST2228P (All versions \u003c V5.7.0), RUGGEDCOM RST916C (All versions \u003c V5.7.0), RUGGEDCOM RST916P (All versions \u003c V5.7.0). The SSH server on affected devices is configured to offer weak ciphers by default.\r\n\r\nThis could allow an unauthorized attacker in a man-in-the-middle position to read and modify any data passed over the connection between legitimate clients and the affected device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-326"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "N/A",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-764417.pdf"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.5
}
},
"lastModifiedDate": "2023-11-14T11:15Z",
"publishedDate": "2022-03-08T12:15Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.