NVD Vulnerability Detail

CVE-2014-1966

Summary	The SNMP implementation in Siemens RuggedCom ROS before 3.11, ROS 3.11 for RS950G, ROS 3.12 before 3.12.4, and ROS 4.0 for RSG2488 allows remote attackers to cause a denial of service (device outage) via crafted packets.
Publication Date	Feb. 24, 2014, 1:48 p.m.
Registration Date	Jan. 26, 2021, 3:07 p.m.
Last Update	Nov. 21, 2024, 11:05 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system::::::::	3.12			3.12.4
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system::::::::				3.11.0

Configuration2		or higher	or less	more than	less than
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system::::::::				3.11.0	3.11.5
execution environment
1	cpe:2.3:h:siemens:ruggedcom_rs950g:-:::::::*

Configuration3		or higher	or less	more than	less than
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system::::::::				4.0	4.1.0
execution environment
1	cpe:2.3:h:siemens:ruggedcom_rsg2488:-:::::::*

Related information, measures and tools

No	URL	タグ
1	http://ics-cert.us-cert.gov/advisories/ICSA-14-051-03	Permissions Required Third Party Advisory US Government Resource
2	http://ics-cert.us-cert.gov/advisories/ICSA-14-051-03	Permissions Required Third Party Advisory US Government Resource
3	http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-892342.pdf	Broken Link Vendor Advisory
4	http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-892342.pdf	Broken Link Vendor Advisory

Common Vulnerabilities List

JVN Vulnerability Information

Siemens RuggedCom ROS の SNMP の実装におけるサービス運用妨害 (DoS) の脆弱性

Title	Siemens RuggedCom ROS の SNMP の実装におけるサービス運用妨害 (DoS) の脆弱性
Summary	Siemens RuggedCom ROS の SNMP の実装には、サービス運用妨害 (デバイス停止) 状態にされる脆弱性が存在します。
Possible impacts	第三者により、巧妙に細工されたパケットを介して、サービス運用妨害 (デバイス停止) 状態にされる可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	Feb. 18, 2014, midnight
Registration Date	Feb. 25, 2014, 3:33 p.m.
Last Update	Feb. 25, 2014, 3:33 p.m.

Affected System

シーメンス

RuggedCom Rugged Operating System 3.11 for RS950G

RuggedCom Rugged Operating System 3.11 未満

RuggedCom Rugged Operating System 3.12.4 未満の 3.12

RuggedCom Rugged Operating System 4.0 for RSG2488

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2014-1966	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1966
National Vulnerability Database (NVD)
2	CVE-2014-1966	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1966

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-399	https://jvndb.jvn.jp/ja/cwe/CWE-399.html

ベンダー情報

No	Name	URL
Siemens Security Advisory
1	SSA-892342	http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-892342.pdf

その他

No	Name	URL
ICS-CERT ADVISORY
1	ICSA-14-051-03	http://ics-cert.us-cert.gov/advisories/ICSA-14-051-03

Change Log

No	Changed Details	Date of change
0	[2014年02月25日] 掲載	Feb. 17, 2018, 10:37 a.m.