Details of VAR-201310-0638

ID

VAR-201310-0638

TITLE

RuggedCom Rugged Operating System Alert Configuration Security Bypass Vulnerability

Trust: 0.8

sources: IVD: b432d1d6-1f05-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-13622

DESCRIPTION

RuggedCom Inc. is the world's leading manufacturer of high performance networking and communications equipment for industrial environments. The RuggedCom Rugged operating system has an error in handling the alarm configuration in the WEB interface, allowing the Guest and Operator users to operate the originally limited alarm configuration settings

Trust: 0.72

sources: CNVD: CNVD-2013-13622 // IVD: b432d1d6-1f05-11e6-abef-000c29c66e3d

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: b432d1d6-1f05-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-13622

AFFECTED PRODUCTS

vendor:

ruggedcom

model:

rugged operating system

scope:

version:

3.x

Trust: 0.8

sources: IVD: b432d1d6-1f05-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-13622

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2013-13622
value:	MEDIUM
Trust: 0.6
IVD:	b432d1d6-1f05-11e6-abef-000c29c66e3d
value:	MEDIUM
Trust: 0.2

CNVD:	CNVD-2013-13622
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	b432d1d6-1f05-11e6-abef-000c29c66e3d
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

sources: IVD: b432d1d6-1f05-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-13622

TYPE

Access verification error

Trust: 0.2

sources: IVD: b432d1d6-1f05-11e6-abef-000c29c66e3d

PATCH

title:

RuggedCom Rugged Operating System Alerts Configure Patches for Security Bypass Vulnerabilities

url:

https://www.cnvd.org.cn/patchinfo/show/40114

Trust: 0.6

sources: CNVD: CNVD-2013-13622

EXTERNAL IDS

db:	CNVD	id:	CNVD-2013-13622	Trust: 0.8
db:	SECUNIA	id:	55153	Trust: 0.6
db:	IVD	id:	B432D1D6-1F05-11E6-ABEF-000C29C66E3D	Trust: 0.2

sources: IVD: b432d1d6-1f05-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-13622

REFERENCES

url:	http://www.ruggedcom.com/pdfs/soft_history/ros_history/ros-cf52_main_v3-12-2.pdf	Trust: 0.6
url:	http://secunia.com/advisories/55153/	Trust: 0.6

sources: CNVD: CNVD-2013-13622

SOURCES

db:	IVD	id:	b432d1d6-1f05-11e6-abef-000c29c66e3d
db:	CNVD	id:	CNVD-2013-13622

LAST UPDATE DATE

2022-05-17T01:53:13.031000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2013-13622

date:

2013-12-11T00:00:00

SOURCES RELEASE DATE

db:	IVD	id:	b432d1d6-1f05-11e6-abef-000c29c66e3d	date:	2013-10-12T00:00:00
db:	CNVD	id:	CNVD-2013-13622	date:	2013-10-11T00:00:00