VDB
SSA-170375
SSA-170375
PUBLISHED
CVSS 7.5 HIGH
The web server of the affected devices allow a low privileged user to access hashes and password salts of all system's users, including admin users. An attacker could use the obtained information to brute force the passwords offline.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | RUGGEDCOM RS900NC | |
| Siemens | RUGGEDCOM RS910 | |
| Siemens | RUGGEDCOM RSG2300NC V4.X | |
| Siemens | RUGGEDCOM RS8000NC | |
| Siemens | RUGGEDCOM RSG2200 | |
| Siemens | RUGGEDCOM RS416 | |
| Siemens | RUGGEDCOM RS910W | |
| Siemens | RUGGEDCOM i801 | |
| Siemens | RUGGEDCOM RS910NC | |
| Siemens | RUGGEDCOM i803 | |
| Siemens | RUGGEDCOM RS416Pv2 V5.X | |
| Siemens | RUGGEDCOM M2200 | |
| Siemens | RUGGEDCOM RS1600FNC | |
| Siemens | RUGGEDCOM RMC8388NC V4.X | |
| Siemens | RUGGEDCOM RSG2100NC | |
| Siemens | RUGGEDCOM RS401 | |
| Siemens | RUGGEDCOM M2100NC | |
| Siemens | RUGGEDCOM RS900MNC-GETS-C01 | |
| Siemens | RUGGEDCOM RS920W | |
| Siemens | RUGGEDCOM RS900GNC |
…and 116 more
Timeline
- Jul 9, 2024 CVE Published
- Aug 12, 2025 CVE Updated