Scalance Xm 400 Firmware
Monthly
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
After initial configuration, the Ruggedcom Discovery Protocol (RCDP) is still able to write to the device under certain conditions. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
After initial configuration, the Ruggedcom Discovery Protocol (RCDP) is still able to write to the device under certain conditions. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.