Summary
| Detail | |||
|---|---|---|---|
| Vendor | Belden | First view | 2018-03-06 |
| Product | Hirschmann mach4002-24g-l2p | Last view | 2018-03-06 |
| Version | Type | ||
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
| CPE Name | Affected CVE |
|---|---|
| cpe:2.3:h:belden:hirschmann_mach4002-24g-l2p:-:*:*:*:*:*:*:* | 5 |
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 5.9 | 2018-03-06 | CVE-2018-5471 | A Cleartext Transmission of Sensitive Information issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. A cleartext transmission of sensitive information vulnerability in the web interface has been identified, which may allow an attacker to obtain sensitive information through a successful man-in-the-middle attack. |
| 9.8 | 2018-03-06 | CVE-2018-5469 | An Improper Restriction of Excessive Authentication Attempts issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. An improper restriction of excessive authentication vulnerability in the web interface has been identified, which may allow an attacker to brute force authentication. |
| 6.5 | 2018-03-06 | CVE-2018-5467 | An Information Exposure Through Query Strings in GET Request issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. An information exposure through query strings vulnerability in the web interface has been identified, which may allow an attacker to impersonate a legitimate user. |
| 8.8 | 2018-03-06 | CVE-2018-5465 | A Session Fixation issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. A session fixation vulnerability in the web interface has been identified, which may allow an attacker to hijack web sessions. |
| 6.5 | 2018-03-06 | CVE-2018-5461 | An Inadequate Encryption Strength issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. An inadequate encryption strength vulnerability in the web interface has been identified, which may allow an attacker to obtain sensitive information through a successful man-in-the-middle attack. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 20% (1) | CWE-384 | Session Fixation |
| 20% (1) | CWE-326 | Inadequate Encryption Strength |
| 20% (1) | CWE-319 | Cleartext Transmission of Sensitive Information |
| 20% (1) | CWE-307 | Improper Restriction of Excessive Authentication Attempts |
| 20% (1) | CWE-200 | Information Exposure |
