CVE-2017-2683

Name of the Vulnerable Software and Affected Versions Siemens RUGGEDCOM NMS versions prior to V1.2

Description A non-privileged user of the Siemens web application could perform a persistent Cross-Site Scripting (XSS) attack on port 8080/TCP and 8081/TCP, potentially resulting in obtaining administrative permissions.

Recommendations For versions prior to V1.2, update to version V1.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the web application on ports 8080/TCP and 8081/TCP to minimize the risk of exploitation.