PT-2018-3423 · Belden · Belden Hirschmann Rs+7

Damir Zaynulin

Published

2018-03-06

Updated

2019-10-09

CVE-2018-5471

CVSS v2.0

5.4

Medium

Vector

AV:N/AC:H/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches (affected versions not specified)

Description: A Cleartext Transmission of Sensitive Information issue was discovered in the web interface of the affected switches, which may allow an attacker to obtain sensitive information through a successful man-in-the-middle attack. The vulnerability can be exploited by a remote attacker to intercept sensitive information.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Cleartext Transmission of Sensitive Information

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-319

Related Identifiers

BDU:2020-00973

CVE-2018-5471

Affected Products

Belden Hirschmann Rs

Mach100

Mach1000

Mach4000

Octopus Classic Platform Switches

Rsb

Rsr

PT-2018-3423 · Belden · Belden Hirschmann Rs+7

CVE-2018-5471

Weakness Enumeration

Related Identifiers

Affected Products

References · 8