NVD

Id
46034  
Name
CVE-2012-4698  
Description
Siemens RuggedCom Rugged Operating System (ROS) before 3.12, ROX I OS through 1.14.5, ROX II OS through 2.3.0, and RuggedMax OS through 4.2.1.4621.22 use hardcoded private keys for SSL and SSH communication, which makes it easier for man-in-the-middle attackers to spoof servers and decrypt network traffic by leveraging the availability of these keys within ROS files at all customer installations.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:N/A:N)  
Pub Date
2017-01-19  
Published
2012-12-23  
Modified Date
2013-05-20  
Seq
2012-4698  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
231124 46034 CVE-2012-4698 http://ics-cert.us-cert.gov/advisories/ICSA-12-354-01A  View
231125 46034 CVE-2012-4698 http://www.ruggedcom.com/productbulletin/ros-security-page/  View
231126 46034 CVE-2012-4698 http://www.us-cert.gov/control_systems/pdf/ICSA-12-354-01.pdf  View
231127 46034 CVE-2012-4698 https://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-622607.pdf  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
30082 JVNDB-2012-005789 複数の Siemens 製品におけるサーバを偽装される脆弱性 複数の Siemens 製品は、ハードコードされた秘密鍵を使用するため、サーバを偽装される、およびネットワークトラフィックを解読される脆弱性が存在します。 CVE-2012-4698 57936 CVE-2012-4698 46034 4.3 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005789.html 2012-12-12 2012-12-25 View