| |
Vulnerability CVE-2024-0323
Published: 2024-02-05
| Description: |
The FTP server used on the B&R
Automation Runtime supports unsecure encryption mechanisms, such as SSLv3,
TLSv1.0 and TLS1.1. An network-based attacker can exploit the flaws to conduct
man-in-the-middle attacks or to decrypt communications between the affected product
clients.
|
Type:
CWE-327 (Use of a Broken or Risky Cryptographic Algorithm)
References: |
https://www.br-automation.com/fileadmin/SA23P004_FTP_uses_unsecure_encryption_mechanisms-f57c147c.pdf
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
