The SSL layer of the HTTPS service in Siemens RuggedCom ROS prior to 4.2.0 and ROX II does not properly implement CBC padding, which makes it easier for man-in-the-middle malicious users to obtain cleartext data via a padding-oracle attack, a different vulnerability than CVE-2014-3566.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
siemens ruggedcom rox ii firmware - |
||
siemens ruggedcom rugged operating system |