PT-2023-19913 · Unknown · Skybridge Mb-A100/110
Samy Younsi
+1
·
Published
2023-05-10
·
Updated
2023-05-17
·
CVE-2023-25070
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
SkyBridge MB-A100/110 versions 4.2.0 and earlier
Description
The issue involves cleartext transmission of sensitive information. If the telnet connection is enabled, a remote unauthenticated attacker may eavesdrop on or alter the administrator's communication to the product.
Recommendations
For SkyBridge MB-A100/110 versions 4.2.0 and earlier, consider disabling the telnet connection to prevent exploitation until a patch is available. As a temporary workaround, restrict access to the product's administrative interface to minimize the risk of eavesdropping or alteration of sensitive information.
Fix
Cleartext Transmission of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Skybridge Mb-A100/110