CVE-2020-28398

CWE-352 — Cross-Site Request Forgery (CSRF)3 documents3 sources

Severity

8.6HIGH

EPSS

0.1%

top 70.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Siemens Ruggedcom ROX Mx5000 Siemens Ruggedcom ROX Mx5000re Siemens Ruggedcom ROX Rx1400 +8 more

Timeline

PublishedDec 10

Description

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX RX1500 (All versions < V2.16.0), RUGGEDCOM ROX RX1501 (All versions < V2.16.0), RUGGEDCOM ROX RX1510 (All versions < V2.16.0), RUGGEDCOM ROX RX1511 (All versions < V2.16.0), RUGGEDCOM ROX RX1512 (All versions < V2.16.0), RUGGEDCOM ROX RX1524 (All versions < V2.16.0), RUGGEDCOM ROX RX1536 (All versions <…

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages11 packages

▶CVEListV5siemens/ruggedcom_rox_mx5000re< V2.16.0

▶CVEListV5siemens/ruggedcom_rox_mx5000< V2.16.0

▶CVEListV5siemens/ruggedcom_rox_rx1400< V2.16.0

▶CVEListV5siemens/ruggedcom_rox_rx1500< V2.16.0

▶CVEListV5siemens/ruggedcom_rox_rx1501< V2.16.0

🔴Vulnerability Details

GHSA

GHSA-9982-rc28-7h2w: A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2↗2024-12-10

▶

CVEList

CVE-2020-28398: A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2↗2024-12-10

▶