Vulnerability in Siemens Ruggedcom_rox_ii_firmware
CVE-2015-5537
The SSL layer of the HTTPS service in Siemens RuggedCom ROS before 4.2.0 and ROX II does not properly implement CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a diff…
EPSS: 0.003 (55.7th percentile) — read the EPSS interpretation.
Affected products
Weakness classification (CWE)
References
- 1033022 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_SECTRACK, Broken Link)
- cve@mitre.org (x_refsource_CONFIRM, Patch, Broken Link, Vendor Advisory)
- cve@mitre.org (US Government Resource, Third Party Advisory, x_refsource_MISC, Broken Link)