PT-2012-5704 · Forescout · Forescout Counteract

Published

2012-12-05

Updated

2017-08-29

CVE-2012-4985

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Forescout CounterACT NAC device version 6.3.4.1

Description The issue allows remote attackers to conduct ARP poisoning attacks via crafted packets, as the device does not block ARP and ICMP traffic from unrecognized clients.

Recommendations For version 6.3.4.1, consider configuring the device to block ARP and ICMP traffic from unrecognized clients as a temporary workaround until a patch is available. Restrict access to the network to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2012-4985

Affected Products

Forescout Counteract

PT-2012-5704 · Forescout · Forescout Counteract

CVE-2012-4985

Weakness Enumeration

Related Identifiers

Affected Products

References · 5