CVE-2015-5537

Name of the Vulnerable Software and Affected Versions Siemens RuggedCom ROS versions prior to 4.2.0 Siemens RuggedCom ROX II (affected versions not specified)

Description The SSL layer of the HTTPS service does not properly implement CBC padding, making it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack.

Recommendations For Siemens RuggedCom ROS versions prior to 4.2.0, update to version 4.2.0 or later to resolve the issue. For Siemens RuggedCom ROX II, at the moment, there is no information about a newer version that contains a fix for this vulnerability.