Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ruggedcom_crossbow
(Siemens)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 16 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-03-14 | CVE-2023-27310 | A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.2). The client query handler of the affected application fails to check for proper permissions when assigning groups to user accounts. This could allow an authenticated remote attacker to assign administrative groups to otherwise non-privileged user accounts. | Ruggedcom_crossbow | 8.8 | ||
| 2023-03-14 | CVE-2023-27462 | A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.3). The client query handler of the affected application fails to check for proper permissions for specific read queries. This could allow authenticated remote attackers to access data they are not authorized for. | Ruggedcom_crossbow | 4.3 | ||
| 2023-03-14 | CVE-2023-27463 | A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.3). The audit log form of affected applications is vulnerable to SQL injection. This could allow authenticated remote attackers to execute arbitrary SQL queries on the server database. | Ruggedcom_crossbow | 8.8 | ||
| 2023-08-08 | CVE-2023-27411 | A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected applications is vulnerable to SQL injection. This could allow an authenticated remote attackers to execute arbitrary SQL queries on the server database and escalate privileges. | Ruggedcom_crossbow | 8.8 | ||
| 2023-08-08 | CVE-2023-37372 | A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected applications is vulnerable to SQL injection. This could allow an unauthenticated remote attackers to execute arbitrary SQL queries on the server database. | Ruggedcom_crossbow | 9.8 | ||
| 2023-08-08 | CVE-2023-37373 | A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected applications accept unauthenticated file write messages. An unauthenticated remote attacker could write arbitrary files to the affected application's file system. | Ruggedcom_crossbow | 7.5 |