PT-2013-6189 · Siemens · Siemens Ruggedcom Rox I

Published

2013-12-17

·

Updated

2022-02-01

·

CVE-2013-6925

CVSS v2.0

8.3

High

VectorAV:N/AC:M/Au:N/C:P/I:P/A:C
Name of the Vulnerable Software and Affected Versions Siemens RuggedCom ROS versions prior to 3.12.2
Description The issue allows remote attackers to hijack web sessions by predicting a session id value, affecting the integrated HTTPS server.
Recommendations For versions prior to 3.12.2, update to version 3.12.2 or later to resolve the issue.

Fix

Use of Insufficiently Random Values

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-330

Related Identifiers

CVE-2013-6925

Affected Products

Siemens Ruggedcom Rox I