PT-2023-19913 · Unknown · Skybridge Mb-A100/110

Samy Younsi

Publicado

2023-05-10

Atualizado

2023-05-17

CVE-2023-25070

CVSS v3.1

6.5

Média

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions SkyBridge MB-A100/110 versions 4.2.0 and earlier

Description The issue involves cleartext transmission of sensitive information. If the telnet connection is enabled, a remote unauthenticated attacker may eavesdrop on or alter the administrator's communication to the product.

Recommendations For SkyBridge MB-A100/110 versions 4.2.0 and earlier, consider disabling the telnet connection to prevent exploitation until a patch is available. As a temporary workaround, restrict access to the product's administrative interface to minimize the risk of eavesdropping or alteration of sensitive information.

Correção

Cleartext Transmission of Sensitive Information

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-319

Identificadores relacionados

CVE-2023-25070

Produtos afetados

Skybridge Mb-A100/110

PT-2023-19913 · Unknown · Skybridge Mb-A100/110

CVE-2023-25070

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 9