← back
CVE-2021-42017

CVE-2021-42017

CVSS 5.9 MEDIUMEPSS 0.5%CWE-358
A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i801, RUGGEDCOM i802, RUGGEDCOM i803, RUGGEDCOM M2100, RUGGEDCOM M2100F, RUGGEDCOM M2200, RUGGEDCOM M2200F, RUGGEDCOM M969, RUGGEDCOM M969F, RUGGEDCOM RMC30, RUGGEDCOM RMC8388 V4.X, RUGGEDCOM RMC8388 V5.X, RUGGEDCOM RP110, RUGGEDCOM RS1600, RUGGEDCOM RS1600F, RUGGEDCOM RS1600T, RUGGEDCOM RS400, RUGGEDCOM RS400F, RUGGEDCOM RS401, RUGGEDCOM RS416, RUGGEDCOM RS416F, RUGGEDCOM RS416P, RUGGEDCOM RS416PF, RUGGEDCOM RS416Pv2 V4.X, RUGGEDCOM RS416Pv2 V5.X, RUGGEDCOM RS416v2 V4.X, RUGGEDCOM RS416v2 V5.X, RUGGEDCOM RS8000, RUGGEDCOM RS8000A, RUGGEDCOM RS8000H, RUGGEDCOM RS8000T, RUGGEDCOM RS900, RUGGEDCOM RS900 (32M) V4.X, RUGGEDCOM RS900 (32M) V5.X, RUGGEDCOM RS900F, RUGGEDCOM RS900G, RUGGEDCOM RS900G (32M) V4.X, RUGGEDCOM RS900G (32M) V5.X, RUGGEDCOM RS900GF, RUGGEDCOM RS900GP, RUGGEDCOM RS900GPF, RUGGEDCOM RS900L, RUGGEDCOM RS900M-GETS-C01, RUGGEDCOM RS900M-GETS-XX, RUGGEDCOM RS900M-STND-C01, RUGGEDCOM RS900M-STND-XX, RUGGEDCOM RS900W, RUGGEDCOM RS910, RUGGEDCOM RS910L, RUGGEDCOM RS910W, RUGGEDCOM RS920L, RUGGEDCOM RS920W, RUGGEDCOM RS930L, RUGGEDCOM RS930W, RUGGEDCOM RS940G, RUGGEDCOM RS940GF, RUGGEDCOM RS969, RUGGEDCOM RSG2100, RUGGEDCOM RSG2100 (32M) V4.X, RUGGEDCOM RSG2100 (32M) V5.X, RUGGEDCOM RSG2100F, RUGGEDCOM RSG2100P, RUGGEDCOM RSG2100P (32M) V4.X, RUGGEDCOM RSG2100P (32M) V5.X, RUGGEDCOM RSG2100PF, RUGGEDCOM RSG2200, RUGGEDCOM RSG2200F, RUGGEDCOM RSG2288 V4.X, RUGGEDCOM RSG2288 V5.X, RUGGEDCOM RSG2300 V4.X, RUGGEDCOM RSG2300 V5.X, RUGGEDCOM RSG2300F, RUGGEDCOM RSG2300P V4.X, RUGGEDCOM RSG2300P V5.X, RUGGEDCOM RSG2300PF, RUGGEDCOM RSG2488 V4.X, RUGGEDCOM RSG2488 V5.X, RUGGEDCOM RSG2488F, RUGGEDCOM RSG907R, RUGGEDCOM RSG908C, RUGGEDCOM RSG909R, RUGGEDCOM RSG910C, RUGGEDCOM RSG920P V4.X, RUGGEDCOM RSG920P V5.X, RUGGEDCOM RSL910, RUGGEDCOM RST2228, RUGGEDCOM RST2228P, RUGGEDCOM RST916C, RUGGEDCOM RST916P. A new variant of the POODLE attack has left a third-party component vulnerable due to the implementation flaws of the CBC encryption mode in TLS 1.0 to 1.2. If an attacker were to exploit this, they could act as a man-in-the-middle and eavesdrop on encrypted communications.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Affected products
Siemens · RUGGEDCOM i800Siemens · RUGGEDCOM i801Siemens · RUGGEDCOM i802Siemens · RUGGEDCOM i803Siemens · RUGGEDCOM M2100Siemens · RUGGEDCOM M2100FSiemens · RUGGEDCOM M2200Siemens · RUGGEDCOM M2200FSiemens · RUGGEDCOM M969Siemens · RUGGEDCOM M969FSiemens · RUGGEDCOM RMC30Siemens · RUGGEDCOM RMC8388 V4.XSiemens · RUGGEDCOM RMC8388 V5.XSiemens · RUGGEDCOM RP110Siemens · RUGGEDCOM RS1600Siemens · RUGGEDCOM RS1600FSiemens · RUGGEDCOM RS1600TSiemens · RUGGEDCOM RS400Siemens · RUGGEDCOM RS400FSiemens · RUGGEDCOM RS401Siemens · RUGGEDCOM RS416Siemens · RUGGEDCOM RS416FSiemens · RUGGEDCOM RS416PSiemens · RUGGEDCOM RS416PFSiemens · RUGGEDCOM RS416Pv2 V4.XSiemens · RUGGEDCOM RS416Pv2 V5.XSiemens · RUGGEDCOM RS416v2 V4.XSiemens · RUGGEDCOM RS416v2 V5.XSiemens · RUGGEDCOM RS8000Siemens · RUGGEDCOM RS8000ASiemens · RUGGEDCOM RS8000HSiemens · RUGGEDCOM RS8000TSiemens · RUGGEDCOM RS900Siemens · RUGGEDCOM RS900 (32M) V4.XSiemens · RUGGEDCOM RS900 (32M) V5.XSiemens · RUGGEDCOM RS900FSiemens · RUGGEDCOM RS900GSiemens · RUGGEDCOM RS900G (32M) V4.XSiemens · RUGGEDCOM RS900G (32M) V5.XSiemens · RUGGEDCOM RS900GFSiemens · RUGGEDCOM RS900GPSiemens · RUGGEDCOM RS900GPFSiemens · RUGGEDCOM RS900LSiemens · RUGGEDCOM RS900M-GETS-C01Siemens · RUGGEDCOM RS900M-GETS-XXSiemens · RUGGEDCOM RS900M-STND-C01Siemens · RUGGEDCOM RS900M-STND-XXSiemens · RUGGEDCOM RS900WSiemens · RUGGEDCOM RS910Siemens · RUGGEDCOM RS910LSiemens · RUGGEDCOM RS910WSiemens · RUGGEDCOM RS920LSiemens · RUGGEDCOM RS920WSiemens · RUGGEDCOM RS930LSiemens · RUGGEDCOM RS930WSiemens · RUGGEDCOM RS940GSiemens · RUGGEDCOM RS940GFSiemens · RUGGEDCOM RS969Siemens · RUGGEDCOM RSG2100Siemens · RUGGEDCOM RSG2100 (32M) V4.XSiemens · RUGGEDCOM RSG2100 (32M) V5.XSiemens · RUGGEDCOM RSG2100FSiemens · RUGGEDCOM RSG2100PSiemens · RUGGEDCOM RSG2100P (32M) V4.XSiemens · RUGGEDCOM RSG2100P (32M) V5.XSiemens · RUGGEDCOM RSG2100PFSiemens · RUGGEDCOM RSG2200Siemens · RUGGEDCOM RSG2200FSiemens · RUGGEDCOM RSG2288 V4.XSiemens · RUGGEDCOM RSG2288 V5.XSiemens · RUGGEDCOM RSG2300FSiemens · RUGGEDCOM RSG2300PFSiemens · RUGGEDCOM RSG2300P V4.XSiemens · RUGGEDCOM RSG2300P V5.XSiemens · RUGGEDCOM RSG2300 V4.XSiemens · RUGGEDCOM RSG2300 V5.XSiemens · RUGGEDCOM RSG2488FSiemens · RUGGEDCOM RSG2488 V4.XSiemens · RUGGEDCOM RSG2488 V5.XSiemens · RUGGEDCOM RSG907RSiemens · RUGGEDCOM RSG908CSiemens · RUGGEDCOM RSG909RSiemens · RUGGEDCOM RSG910CSiemens · RUGGEDCOM RSG920P V4.XSiemens · RUGGEDCOM RSG920P V5.XSiemens · RUGGEDCOM RSL910Siemens · RUGGEDCOM RST2228Siemens · RUGGEDCOM RST2228PSiemens · RUGGEDCOM RST916CSiemens · RUGGEDCOM RST916P

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://cert-portal.siemens.com/productcert/html/ssa-256353.htmlhttps://cert-portal.siemens.com/productcert/pdf/ssa-256353.pdf