CVE-2015-3962
Schneider Electric StruxureWare Building Expert MPM before 2.15 does not use encryption for the client-server data stream, which allows remote attackers to discover credentials by sniffing the network.
Date published : 2015-09-18
http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-254-01