CVE-2015-1357

Published: Feb 2, 2015Modified: May 6, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Siemens Ruggedcom WIN51xx devices with firmware before SS4.4.4624.35, WIN52xx devices with firmware before SS4.4.4624.35, WIN70xx devices with firmware before BS4.4.4621.32, and WIN72xx devices with firmware before BS4.4.4621.32 allow context-dependent attackers to discover password hashes by reading (1) files or (2) security logs.

Affected (2)

Products: Siemens: Ruggedcom Firmware

1 product

Ruggedcom Firmware

Configuration A

1 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Siemens Ruggedcom Firmware	Up to bs4.4.4621.31

Running on/with	Platform Versions
Siemens Ruggedcom Win7000	All versions
Siemens Ruggedcom Win7200	All versions

Configuration B

1 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Siemens Ruggedcom Firmware	Up to ss4.4.4624.34

Running on/with	Platform Versions
Siemens Ruggedcom Win5100	All versions
Siemens Ruggedcom Win5200	All versions

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (2)

http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-753139.pdf

Source: cve@mitre.org

Vendor Advisory

http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-753139.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.