CVE-2017-5163

Name of the Vulnerable Software and Affected Versions Belden Hirschmann GECKO Lite Managed switch versions 2.0.00 and prior

Description An issue was discovered where a copy of the configuration file, including hashes of user passwords, is saved to an accessible location without authentication by path traversal after an administrator downloads the file.

Recommendations For versions 2.0.00 and prior, consider restricting access to the configuration file and the location where it is saved to prevent unauthorized access until a fix is available. As a temporary workaround, restrict access to the affected area to minimize the risk of exploitation.