CVE-2020-28396

Summary

A vulnerability has been identified in SICAM A8000 CP-8000 (All versions < V16), SICAM A8000 CP-8021 (All versions < V16), SICAM A8000 CP-8022 (All versions < V16). A web server misconfiguration of the affected device can cause insecure ciphers usage by a user´s browser. An attacker in a privileged position could decrypt the communication and compromise confidentiality and integrity of the transmitted information.

Affected Software

VendorProductVersion RangeStatus
SiemensSICAM A8000 CP-8000All versions < V16affected
SiemensSICAM A8000 CP-8021All versions < V16affected
SiemensSICAM A8000 CP-8022All versions < V16affected

Weaknesses

  • CWE-693: CWE-693: Protection Mechanism Failure

ADP Enrichment

CVE Program Container

Additional References

References