PT-2021-17935 · Unknown+2 · Qsw-M2116P-2T2S+4
Published
2021-09-10
·
Updated
2021-09-23
·
CVE-2021-28813
CVSS v3.1
9.6
Critical
| Vector | AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
QSW-M2116P-2T2S versions prior to 1.0.6 build 210713
QuNetSwitch versions prior to 1.0.6.1509 (for QGD-1600P and QGD-1602P)
QuNetSwitch versions prior to 1.0.6.1519 (for QGD-3014PT)
Description:
A vulnerability involving insecure storage of sensitive information has been reported, allowing remote attackers to read sensitive information by accessing the unrestricted storage mechanism.
Recommendations:
For QSW-M2116P-2T2S versions prior to 1.0.6 build 210713, update to version 1.0.6 build 210713 or later.
For QGD-1600P and QGD-1602P running QuNetSwitch versions prior to 1.0.6.1509, update to QuNetSwitch version 1.0.6.1509 or later.
For QGD-3014PT running QuNetSwitch versions prior to 1.0.6.1519, update to QuNetSwitch version 1.0.6.1519 or later.
Fix
Insecure Storage of Sensitive Information
Using Hardcoded Credentials
Insufficiently Protected Credentials
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Qgd-1600P
Qgd-1602P
Qgd-3014Pt
Qsw-M2116P-2T2S
Qunetswitch