CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-5717

The Siemens COMPAS Mobile application before 1.6 for Android does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 34.2%

CVSS Severity

CVSS v2 Score 5.8

References

http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-504631.pdf
http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-504631.pdf

Products affected by CVE-2015-5717

Siemens » Compas » Version: 1.5

cpe:2.3:a:siemens:compas:1.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-5717

Products

Pricing

Contact Us