Damir Zaynulin

Name of the Vulnerable Software and Affected Versions: Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches (affected versions not specified) Description: The issue is related to inadequate encryption strength in the web interface of the affected switches. This may allow a remote attacker to perform a man-in-the-middle attack, potentially obtaining sensitive information. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches (affected versions not specified) Description: A Cleartext Transmission of Sensitive Information issue was discovered in the web interface of the affected switches, which may allow an attacker to obtain sensitive information through a successful man-in-the-middle attack. The vulnerability can be exploited by a remote attacker to intercept sensitive information. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches (affected versions not specified) Description: An issue was discovered in the web interface of the affected switches, related to information exposure through query strings in GET requests. This may allow an attacker to impersonate a legitimate user or disclose protected information using a GET request. The vulnerability is associated with errors in processing GET requests, which can be exploited by a remote attacker. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches (affected versions not specified) Description: A Session Fixation issue was discovered in the web interface of the affected switches, which may allow an attacker to hijack web sessions. The vulnerability is related to incorrect session management, potentially enabling a remote attacker to gain unauthorized access and intercept web sessions. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.