Описание
A vulnerability was discovered in Siemens OZW672 (all versions) and OZW772 (all versions) that could allow an attacker to read and manipulate data in TLS sessions while performing a man-in-the-middle (MITM) attack on the integrated web server on port 443/tcp.
Ссылки
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:siemens:ozw772_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ozw772:-:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
cpe:2.3:o:siemens:ozw672_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ozw672:-:*:*:*:*:*:*:*
EPSS
Процентиль: 41%
0.00194
Низкий
7.4 High
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-306
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 7.4
github
больше 3 лет назад
A vulnerability was discovered in Siemens OZW672 (all versions) and OZW772 (all versions) that could allow an attacker to read and manipulate data in TLS sessions while performing a man-in-the-middle (MITM) attack on the integrated web server on port 443/tcp.
EPSS
Процентиль: 41%
0.00194
Низкий
7.4 High
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-306
NVD-CWE-noinfo