Vulnerabilities > CVE-2013-6926 - Incorrect Authorization vulnerability in Siemens Ruggedcom Rugged Operating System

047910
CVSS 8.0 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
COMPLETE
network
low complexity
siemens
CWE-863

Summary

The integrated HTTPS server in Siemens RuggedCom ROS before 3.12.2 allows remote authenticated users to bypass intended restrictions on administrative actions by leveraging access to a (1) guest or (2) operator account.

Common Weakness Enumeration (CWE)