PT-2020-5606 · Siemens · Sicam A8000 Cp-8022+2

Rgod · Published 2020-12-08 · Updated 2022-08-06 · CVE-2020-28396

CVSS v2.0: 7.9 (High)

Vector: AV:N/AC:M/Au:S/C:C/I:C/A:N

Name of the Vulnerable Software and Affected Versions

SICAM A8000 CP-8000 versions prior to V16
SICAM A8000 CP-8021 versions prior to V16
SICAM A8000 CP-8022 versions prior to V16

Description

A web server misconfiguration in the affected devices can cause a user's browser to use insecure ciphers. This could allow an attacker in a privileged position to decrypt the communication and compromise the confidentiality and integrity of the transmitted information. The issue is related to insufficient data protection.

Recommendations

For SICAM A8000 CP-8000, CP-8021 and CP-8022 versions prior to V16, update to version V16 or later to resolve the issue. As a temporary workaround, consider restricting access to the integrated web server to minimize the risk of exploitation.

Fix

Weakness Enumeration

Protection Mechanism Failure
Use of a Broken Cryptographic Algorithm

Related Identifiers

BDU:2021-01250
CVE-2020-28396

Affected Products

Sicam A8000 Cp-8000
Sicam A8000 Cp-8021
Sicam A8000 Cp-8022