CVE-2015-0543 - Evident Energy

Description

EMC Secure Remote Services Virtual Edition (ESRS VE) 3.x before 3.06 does not properly verify X.509 certificates from SSL servers which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Reference

http://seclists.org/bugtraq/2015/Jun/132 http://www.securitytracker.com/id/1032740