Siemens fixed two vulnerabilities in its RUGGEDCOM NMS product that would allow a remote attacker to perform administrative operations, according to a report with Siemens ProductCERT.
All versions of RUGGEDCOM NMS from V2.1 (Windows and Linux) and prior suffer from the issue.
RUGGEDCOM NMS is a scalable enterprise-grade solution for monitoring, configuring and maintaining RUGGEDCOM mission-critical networks. It improves operational efficiency, speeds up system provisioning, and preserves data validity, while allowing focus on the key events in the network.
In one vulnerability that has the case number CVE-2017-2682, the web application (port 8080/TCP and 8081/TCP) could allow a remote attacker to perform a Cross-Site Request Forgery (CSRF) attack, potentially allowing an attacker to execute administrative operations, provided the targeted user has an active session and ends up tricked to trigger a malicious request.
The CVSS base score for the vulnerability is 8.8.
In another vulnerability, with a case number of CVE-2017-2683, a non-privileged user of the web application (port 8080/TCP and 8081/TCP) could perform a persistent Cross-Site Scripting (XSS) attack, potentially resulting in obtaining administrative permissions.
The CVSS base score for this vulnerability is 6.3.
Siemens released RUGGEDCOM NMS V2.1, which fixes the vulnerabilities and recommends customers to update to the new version.