CVE-2020-28396
EUVD-2020-2085514.12.2020, 21:15
A vulnerability has been identified in SICAM A8000 CP-8000 (All versions < V16), SICAM A8000 CP-8021 (All versions < V16), SICAM A8000 CP-8022 (All versions < V16). A web server misconfiguration of the affected device can cause insecure ciphers usage by a userĀ“s browser. An attacker in a privileged position could decrypt the communication and compromise confidentiality and integrity of the transmitted information.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| siemens | sicam_a8000_cp-8000_firmware | 𝑥 < 16 |
| siemens | sicam_a8000_cp-8021_firmware | 𝑥 < 16 |
| siemens | sicam_a8000_cp-8022_firmware | 𝑥 < 16 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-693 - Protection Mechanism FailureThe product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.
- CWE-327 - Use of a Broken or Risky Cryptographic AlgorithmThe use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information.