{
  "schema_version": "1.4.0",
  "id": "GHSA-283q-3r3x-g3rc",
  "modified": "2025-08-12T12:30:31Z",
  "published": "2022-03-09T00:00:46Z",
  "aliases": [
    "CVE-2021-37209"
  ],
  "details": "A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions < V5.6.0), RUGGEDCOM ROS M2200 (All versions < V5.6.0), RUGGEDCOM ROS M969 (All versions < V5.6.0), RUGGEDCOM ROS RMC (All versions < V5.6.0), RUGGEDCOM ROS RMC20 (All versions < V5.6.0), RUGGEDCOM ROS RMC30 (All versions < V5.6.0), RUGGEDCOM ROS RMC40 (All versions < V5.6.0), RUGGEDCOM ROS RMC41 (All versions < V5.6.0), RUGGEDCOM ROS RMC8388 (All versions < V5.6.0), RUGGEDCOM ROS RP110 (All versions < V5.6.0), RUGGEDCOM ROS RS400 (All versions < V5.6.0), RUGGEDCOM ROS RS401 (All versions < V5.6.0), RUGGEDCOM ROS RS416 (All versions < V5.6.0), RUGGEDCOM ROS RS416v2 (All versions < V5.6.0), RUGGEDCOM ROS RS8000 (All versions < V5.6.0), RUGGEDCOM ROS RS8000A (All versions < V5.6.0), RUGGEDCOM ROS RS8000H (All versions < V5.6.0), RUGGEDCOM ROS RS8000T (All versions < V5.6.0), RUGGEDCOM ROS RS900 (32M) (All versions < V5.6.0), RUGGEDCOM ROS RS900G (All versions < V5.6.0), RUGGEDCOM ROS RS900G (32M) (All versions < V5.6.0), RUGGEDCOM ROS RS900GP (All versions < V5.6.0), RUGGEDCOM ROS RS900L (All versions < V5.6.0), RUGGEDCOM ROS RS900L (All versions < V5.6.0), RUGGEDCOM ROS RS900W (All versions < V5.6.0), RUGGEDCOM ROS RS910 (All versions < V5.6.0), RUGGEDCOM ROS RS910L (All versions < V5.6.0), RUGGEDCOM ROS RS910W (All versions < V5.6.0), RUGGEDCOM ROS RS920L (All versions < V5.6.0), RUGGEDCOM ROS RS920W (All versions < V5.6.0), RUGGEDCOM ROS RS930L (All versions < V5.6.0), RUGGEDCOM ROS RS930W (All versions < V5.6.0), RUGGEDCOM ROS RS940G (All versions < V5.6.0), RUGGEDCOM ROS RS969 (All versions < V5.6.0), RUGGEDCOM ROS RSG2100 (All versions < V5.6.0), RUGGEDCOM ROS RSG2100 (32M) (All versions < V5.6.0), RUGGEDCOM ROS RSG2100P (All versions < V5.6.0), RUGGEDCOM ROS RSG2100P (32M) (All versions < V5.6.0), RUGGEDCOM ROS RSG2200 (All versions < V5.6.0), RUGGEDCOM ROS RSG2288 (All versions < V5.6.0), RUGGEDCOM ROS RSG2300 (All versions < V5.6.0), RUGGEDCOM ROS RSG2300P (All versions < V5.6.0), RUGGEDCOM ROS RSG2488 (All versions < V5.6.0), RUGGEDCOM ROS RSG900 (All versions < V5.6.0), RUGGEDCOM ROS RSG900C (All versions < V5.6.0), RUGGEDCOM ROS RSG900G (All versions < V5.6.0), RUGGEDCOM ROS RSG900R (All versions < V5.6.0), RUGGEDCOM ROS RSG907R (All versions < V5.6.0), RUGGEDCOM ROS RSG908C (All versions < V5.6.0), RUGGEDCOM ROS RSG909R (All versions < V5.6.0), RUGGEDCOM ROS RSG910C (All versions < V5.6.0), RUGGEDCOM ROS RSG920P (All versions < V5.6.0), RUGGEDCOM ROS RSL910 (All versions < V5.6.0), RUGGEDCOM ROS RST2228 (All versions < V5.6.0), RUGGEDCOM ROS RST916C (All versions < V5.6.0), RUGGEDCOM ROS RST916P (All versions < V5.6.0), RUGGEDCOM ROS i800 (All versions < V5.6.0), RUGGEDCOM ROS i801 (All versions < V5.6.0), RUGGEDCOM ROS i802 (All versions < V5.6.0), RUGGEDCOM ROS i803 (All versions < V5.6.0). Unencrypted storage of passwords in the client configuration files and during\nnetwork transmission could allow an attacker in a privileged position to\nobtain access passwords.",
  "severity": [
    {
      "type": "CVSS_V3",
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
    }
  ],
  "affected": [],
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37209"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-764417.html"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-764417.pdf"
    }
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-311",
      "CWE-326"
    ],
    "severity": "MODERATE",
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-03-08T12:15:00Z"
  }
}