CVE-2021-37209

Published Mar 8, 2022

Last updated a year ago

CVSS medium 6.7

Overview

Description: A vulnerability has been identified in RUGGEDCOM i800 (All versions < V4.3.8), RUGGEDCOM i801 (All versions < V4.3.8), RUGGEDCOM i802 (All versions < V4.3.8), RUGGEDCOM i803 (All versions < V4.3.8), RUGGEDCOM M2100 (All versions < V4.3.8), RUGGEDCOM M2200 (All versions < V4.3.8), RUGGEDCOM M969 (All versions < V4.3.8), RUGGEDCOM RMC30 (All versions < V4.3.8), RUGGEDCOM RMC8388 V4.X (All versions < V4.3.8), RUGGEDCOM RMC8388 V5.X (All versions < V5.7.0), RUGGEDCOM RP110 (All versions < V4.3.8), RUGGEDCOM RS1600 (All versions < V4.3.8), RUGGEDCOM RS1600F (All versions < V4.3.8), RUGGEDCOM RS1600T (All versions < V4.3.8), RUGGEDCOM RS400 (All versions < V4.3.8), RUGGEDCOM RS401 (All versions < V4.3.8), RUGGEDCOM RS416 (All versions < V4.3.8), RUGGEDCOM RS416P (All versions < V4.3.8), RUGGEDCOM RS416Pv2 V4.X (All versions < V4.3.8), RUGGEDCOM RS416Pv2 V5.X (All versions < V5.7.0), RUGGEDCOM RS416v2 V4.X (All versions < V4.3.8), RUGGEDCOM RS416v2 V5.X (All versions < V5.7.0), RUGGEDCOM RS8000 (All versions < V4.3.8), RUGGEDCOM RS8000A (All versions < V4.3.8), RUGGEDCOM RS8000H (All versions < V4.3.8), RUGGEDCOM RS8000T (All versions < V4.3.8), RUGGEDCOM RS900 (All versions < V4.3.8), RUGGEDCOM RS900 (32M) V4.X (All versions < V4.3.8), RUGGEDCOM RS900 (32M) V5.X (All versions < V5.7.0), RUGGEDCOM RS900G (All versions < V4.3.8), RUGGEDCOM RS900G (32M) V4.X (All versions < V4.3.8), RUGGEDCOM RS900G (32M) V5.X (All versions < V5.7.0), RUGGEDCOM RS900GP (All versions < V4.3.8), RUGGEDCOM RS900L (All versions < V4.3.8), RUGGEDCOM RS900M-GETS-C01 (All versions < V4.3.8), RUGGEDCOM RS900M-GETS-XX (All versions < V4.3.8), RUGGEDCOM RS900M-STND-C01 (All versions < V4.3.8), RUGGEDCOM RS900M-STND-XX (All versions < V4.3.8), RUGGEDCOM RS900W (All versions < V4.3.8), RUGGEDCOM RS910 (All versions < V4.3.8), RUGGEDCOM RS910L (All versions < V4.3.8), RUGGEDCOM RS910W (All versions < V4.3.8), RUGGEDCOM RS920L (All versions < V4.3.8), RUGGEDCOM RS920W (All versions < V4.3.8), RUGGEDCOM RS930L (All versions < V4.3.8), RUGGEDCOM RS930W (All versions < V4.3.8), RUGGEDCOM RS940G (All versions < V4.3.8), RUGGEDCOM RS969 (All versions < V4.3.8), RUGGEDCOM RSG2100 (All versions < V4.3.8), RUGGEDCOM RSG2100 (32M) V4.X (All versions < V4.3.8), RUGGEDCOM RSG2100 (32M) V5.X (All versions < V5.7.0), RUGGEDCOM RSG2100P (All versions < V4.3.8), RUGGEDCOM RSG2200 (All versions < V4.3.8), RUGGEDCOM RSG2288 V4.X (All versions < V4.3.8), RUGGEDCOM RSG2288 V5.X (All versions < V5.7.0), RUGGEDCOM RSG2300 V4.X (All versions < V4.3.8), RUGGEDCOM RSG2300 V5.X (All versions < V5.7.0), RUGGEDCOM RSG2300P V4.X (All versions < V4.3.8), RUGGEDCOM RSG2300P V5.X (All versions < V5.7.0), RUGGEDCOM RSG2488 V4.X (All versions < V4.3.8), RUGGEDCOM RSG2488 V5.X (All versions < V5.7.0), RUGGEDCOM RSG907R (All versions < V5.7.0), RUGGEDCOM RSG908C (All versions < V5.7.0), RUGGEDCOM RSG909R (All versions < V5.7.0), RUGGEDCOM RSG910C (All versions < V5.7.0), RUGGEDCOM RSG920P V4.X (All versions < V4.3.8), RUGGEDCOM RSG920P V5.X (All versions < V5.7.0), RUGGEDCOM RSL910 (All versions < V5.7.0), RUGGEDCOM RST2228 (All versions < V5.7.0), RUGGEDCOM RST2228P (All versions < V5.7.0), RUGGEDCOM RST916C (All versions < V5.7.0), RUGGEDCOM RST916P (All versions < V5.7.0). The SSH server on affected devices is configured to offer weak ciphers by default. This could allow an unauthorized attacker in a man-in-the-middle position to read and modify any data passed over the connection between legitimate clients and the affected device.
Source: productcert@siemens.com
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 6.7
Impact score: 5.5
Exploitability score: 1.2
Vector string: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 4
Impact score: 2.9
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:P/I:N/A:N

Weaknesses

productcert@siemens.com: CWE-326
nvd@nist.gov: CWE-311

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:ruggedcom_ros:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "50A58761-73DA-4862-8D95-6634479A8726"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_i800:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2831856D-1C5F-4436-9A78-97FA309A3E14"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_i801:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C10F20F2-3E09-4F79-87F2-79B32093189D"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_i802:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "50BB50DA-133E-440D-9D13-387484E6EDDD"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_i803:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "78CC2FFF-A890-44D0-94D5-35519286928A"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_m2100:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1E48D7B9-139E-48EC-B8A1-8D802943A65B"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_m2200:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5A650B2E-F416-4690-BFDE-1C026E2ED321"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_m969:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "76C19418-5C81-4091-AB7A-9C1A433C8396"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rmc:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C3D37577-B574-4A32-9B64-D097F52A2BE3"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rmc20:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A2F39CF1-4F57-48A7-9B8F-69A94A07E1BE"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rmc30:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D0569A25-D7FA-40BF-95CD-CA81BF416E96"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rmc40:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F4674627-743B-4173-ACDF-08444773D818"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rmc41:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "ED109F2A-818B-48A9-996F-CD3B784E448C"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rmc8388:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "EC9307A5-118E-4A06-9CC5-931478BE3440"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rp110:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2C83846C-DDD0-40DB-A465-68C3E66BF28D"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rs400:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "449E690E-FE54-4D85-8C93-6E04BAB8EB58"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rs401:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "25F7428E-0E4E-497D-AA82-7CF8C9060CC3"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rs416:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F59C884A-A7CA-4C67-B7D8-DC52318A0F97"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rs416v2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9DD536B4-BA38-4CC5-A480-163FF38FA167"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rs8000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D970A57E-771D-4EB6-9DA9-A2367D376FE5"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rs8000a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9B9BF9E7-E666-41D8-AC17-B1072C862CB7"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rs8000h:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "19A0D692-BBDA-4267-A636-7A42F472824F"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rs8000t:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2B7DBE7F-0792-491A-872F-6826821D3333"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rs900:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "48249F47-DF98-4FA6-98B6-44C430854BCB"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rs900g:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2A373335-A82D-4C63-B5E5-1D3A23ADC781"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rs900gp:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "97F74A17-8571-4FBD-ADEA-90A7A800141D"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rs900l:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BE2C819C-C8A6-41B5-9BA1-C6284B122EC2"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rs900w:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3E1BE62C-39AD-4D38-9CF3-6FE5E17422D2"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rs910:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "785CB18D-4CC2-49F6-8637-EB74A827C862"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rs910l:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CC4E8754-9C83-4791-B414-F7A03AE7CF89"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rs910w:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "67F888CC-DC37-4CF6-94C0-C2671592C49D"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rs920l:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B1223862-4C1C-4071-BCD5-1A96BC24C84D"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rs920w:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7CB566F4-6D7E-461D-943A-3E04443336B5"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rs930l:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "EC870CB9-79B9-41A2-823E-C25A23E64788"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rs930w:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7188D0D8-7194-411C-8D37-3A24419E7279"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rs940g:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1361D12A-34C8-4C3D-9727-13812BE08F7E"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rs969:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "07DE5400-D40C-4721-8B02-E4CA330DDFDB"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rsg2100:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2E3F4E29-3BF3-4510-9DA7-3D1262719A65"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rsg2100p:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0DC2BB0C-9681-4535-8506-DE0E107F50D9"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rsg2200:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1DCA528E-1EBB-442D-8138-0BD7AAF5B57E"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rsg2288:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F42A83F2-B151-48E9-BC54-AC81B5C3B017"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rsg2300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "22A00345-A3E6-40D2-BCB3-9FE042F02119"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rsg2300p:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1B393AE3-6C76-4E36-96D3-90228AA7EC14"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rsg2488:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7F1DB4EF-5CB1-43BA-AB1F-6D6D48ED859C"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rsg907r:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0CC2D072-D8EA-45A2-9C2D-7AAA65FA683F"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rsg908c:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "49083023-8702-491B-A7C3-AF60FB605E9F"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rsg909r:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8FDC0411-3A25-44D1-8929-FF2F4F432F8E"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rsg910c:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "11AA599E-B0FD-4708-A2CB-5B3CA89FD865"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rsg920p:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1243655B-8636-43CF-8052-ABB5263B0BED"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rsl910:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5F0C8879-659D-4A28-BA72-7BE05B5215CC"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rst2228:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4CDDB741-B3B9-42C2-9C01-A6FC87A26B44"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rst2228p:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8AAF8B55-5B3E-49EF-B7B4-BCCE11A09858"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rst916c:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "52713BFF-C34C-4233-AE92-B91D94911802"
          },
          {
            "criteria": "cpe:2.3:h:siemens:ruggedcom_rst916p:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "24F7373B-E91D-4524-9F1A-0BF4AAC9F461"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References