N/A

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.2). The client query handler of the affected application fails to check for proper permissions for specific write queries. This could allow an authenticated remote attacker to perform unauthorized actions.

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

授权机制缺失

Siemens RUGGEDCOM CROSSBOW 安全漏洞

Siemens RUGGEDCOM CROSSBOW是德国西门子（Siemens）公司的一个经过验证的安全访问管理解决方案。 Siemens RUGGEDCOM CROSSBOW 5.2之前版本存在安全漏洞，该漏洞源于客户端查询处理程序无法检查适当的权限。攻击者可利用该漏洞执行未授权操作。

N/A

N/A