Vulnerabilities > Siemens > Ruggedcom Network Management Software > High

DATE CVE VULNERABILITY TITLE RISK
2017-02-27 CVE-2017-2683 Cross-site Scripting vulnerability in Siemens Ruggedcom Network Management Software 2.0.2
A non-privileged user of the Siemens web application RUGGEDCOM NMS < V1.2 on port 8080/TCP and 8081/TCP could perform a persistent Cross-Site Scripting (XSS) attack, potentially resulting in obtaining administrative permissions.
network
low complexity
siemens CWE-79
8.2
2017-02-27 CVE-2017-2682 Cross-Site Request Forgery (CSRF) vulnerability in Siemens Ruggedcom Network Management Software 2.0.2
The Siemens web application RUGGEDCOM NMS < V1.2 on port 8080/TCP and 8081/TCP could allow a remote attacker to perform a Cross-Site Request Forgery (CSRF) attack, potentially allowing an attacker to execute administrative operations, provided the targeted user has an active session and is induced to trigger a malicious request.
network
low complexity
siemens CWE-352
8.8