CVSS: 8.8EPSS: 17%CPEs: 66EXPL: 0CVE-2019-12257
https://notcve.org/view.php?id=CVE-2019-12257
09 Aug 2019 — Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the DHCP client component. There is an IPNET security vulnerability: Heap overflow in DHCP Offer/ACK parsing inside ipdhcpc. Wind River VxWorks versiones 6.6 y 6.9, presenta un Desbordamiento de Búfer en el componente cliente DHCP. Se presenta una vulnerabilidad de seguridad de IPNET: Desbordamiento de la pila en análisis Offer/ACK de DHCP dentro de ipdhcpc. • https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.1EPSS: 0%CPEs: 50EXPL: 0CVE-2019-12264
https://notcve.org/view.php?id=CVE-2019-12264
05 Aug 2019 — Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Incorrect Access Control in IPv4 assignment by the ipdhcpc DHCP client component. Wind River VxWorks versiones 6.6, 6.7, 6.8, 6.9.3, 6.9.4 y Vx7 tiene un control de acceso incorrecto en la asignación de IPv4 por el componente de cliente ipdhcpc DHCP. • https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 6.5EPSS: 0%CPEs: 134EXPL: 0CVE-2018-5461
https://notcve.org/view.php?id=CVE-2018-5461
06 Mar 2018 — An Inadequate Encryption Strength issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. An inadequate encryption strength vulnerability in the web interface has been identified, which may allow an attacker to obtain sensitive information through a successful man-in-the-middle attack. Se ha descubierto un problema de fortaleza inadecuada de cifrado en los switches Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS y OCTOPU... • http://www.securityfocus.com/bid/103340 • CWE-326: Inadequate Encryption Strength •
CVSS: 8.8EPSS: 0%CPEs: 134EXPL: 0CVE-2018-5465
https://notcve.org/view.php?id=CVE-2018-5465
06 Mar 2018 — A Session Fixation issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. A session fixation vulnerability in the web interface has been identified, which may allow an attacker to hijack web sessions. Se ha descubierto un problema de fijación de sesión en los switches Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS y OCTOPUS Classic Platform. Se ha identificado una vulnerabilidad de fijación de sesión en la interfaz web... • http://www.securityfocus.com/bid/103340 • CWE-384: Session Fixation •
CVSS: 6.5EPSS: 0%CPEs: 134EXPL: 0CVE-2018-5467
https://notcve.org/view.php?id=CVE-2018-5467
06 Mar 2018 — An Information Exposure Through Query Strings in GET Request issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. An information exposure through query strings vulnerability in the web interface has been identified, which may allow an attacker to impersonate a legitimate user. Se ha descubierto un problema de exposición de información mediante cadenas de consulta en peticiones GET en los switches Belden Hirschmann RS, RSR, RSB, MACH1... • http://www.securityfocus.com/bid/103340 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-598: Use of GET Request Method With Sensitive Query Strings •
CVSS: 9.8EPSS: 0%CPEs: 134EXPL: 0CVE-2018-5469
https://notcve.org/view.php?id=CVE-2018-5469
06 Mar 2018 — An Improper Restriction of Excessive Authentication Attempts issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. An improper restriction of excessive authentication vulnerability in the web interface has been identified, which may allow an attacker to brute force authentication. Se ha descubierto un problema de restricción inadecuada de intentos de autenticación excesivos en los switches Belden Hirschmann RS, RSR, RSB, MACH100, MACH... • http://www.securityfocus.com/bid/103340 • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 5.9EPSS: 0%CPEs: 134EXPL: 0CVE-2018-5471
https://notcve.org/view.php?id=CVE-2018-5471
06 Mar 2018 — A Cleartext Transmission of Sensitive Information issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. A cleartext transmission of sensitive information vulnerability in the web interface has been identified, which may allow an attacker to obtain sensitive information through a successful man-in-the-middle attack. Se ha descubierto un problema de transmisión de información sensible en texto claro en los switches Belden Hirschmann RS,... • http://www.securityfocus.com/bid/103340 • CWE-319: Cleartext Transmission of Sensitive Information •