CVSS: 7.1EPSS: 0%CPEs: 50EXPL: 0CVE-2019-12264
https://notcve.org/view.php?id=CVE-2019-12264
Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Incorrect Access Control in IPv4 assignment by the ipdhcpc DHCP client component. Wind River VxWorks versiones 6.6, 6.7, 6.8, 6.9.3, 6.9.4 y Vx7 tiene un control de acceso incorrecto en la asignación de IPv4 por el componente de cliente ipdhcpc DHCP. • https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf https://support.f5.com/csp/article/K41190253 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03960en_us https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12264 https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11 • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 6.5EPSS: 0%CPEs: 134EXPL: 0CVE-2018-5461
https://notcve.org/view.php?id=CVE-2018-5461
An Inadequate Encryption Strength issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. An inadequate encryption strength vulnerability in the web interface has been identified, which may allow an attacker to obtain sensitive information through a successful man-in-the-middle attack. Se ha descubierto un problema de fortaleza inadecuada de cifrado en los switches Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS y OCTOPUS Classic Platform. Se ha identificado una vulnerabilidad de fortaleza inadecuada de cifrado en la interfaz web que podría permitir que un atacante obtenga información sensible mediante un ataque Man-in-the-Middle (MitM) exitoso. • http://www.securityfocus.com/bid/103340 https://ics-cert.us-cert.gov/advisories/ICSA-18-065-01 • CWE-326: Inadequate Encryption Strength •
CVSS: 9.8EPSS: 0%CPEs: 134EXPL: 0CVE-2018-5469
https://notcve.org/view.php?id=CVE-2018-5469
An Improper Restriction of Excessive Authentication Attempts issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. An improper restriction of excessive authentication vulnerability in the web interface has been identified, which may allow an attacker to brute force authentication. Se ha descubierto un problema de restricción inadecuada de intentos de autenticación excesivos en los switches Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS y OCTOPUS Classic Platform. Se ha identificado una vulnerabilidad de restricción indebida de autenticación excesiva en la interfaz web que podría permitir que un atacante se autentique mediante fuerza bruta. • http://www.securityfocus.com/bid/103340 https://ics-cert.us-cert.gov/advisories/ICSA-18-065-01 • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 5.9EPSS: 0%CPEs: 134EXPL: 0CVE-2018-5471
https://notcve.org/view.php?id=CVE-2018-5471
A Cleartext Transmission of Sensitive Information issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. A cleartext transmission of sensitive information vulnerability in the web interface has been identified, which may allow an attacker to obtain sensitive information through a successful man-in-the-middle attack. Se ha descubierto un problema de transmisión de información sensible en texto claro en los switches Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS y OCTOPUS Classic Platform. Se ha identificado una vulnerabilidad de transmisión de información sensible en texto claro en la interfaz web que podría permitir que un atacante obtenga información sensible mediante un ataque Man-in-the-Middle (MitM) exitoso. • http://www.securityfocus.com/bid/103340 https://ics-cert.us-cert.gov/advisories/ICSA-18-065-01 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 8.8EPSS: 0%CPEs: 134EXPL: 0CVE-2018-5465
https://notcve.org/view.php?id=CVE-2018-5465
A Session Fixation issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. A session fixation vulnerability in the web interface has been identified, which may allow an attacker to hijack web sessions. Se ha descubierto un problema de fijación de sesión en los switches Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS y OCTOPUS Classic Platform. Se ha identificado una vulnerabilidad de fijación de sesión en la interfaz web que podría permitir que un atacante secuestre sesiones web. • http://www.securityfocus.com/bid/103340 https://ics-cert.us-cert.gov/advisories/ICSA-18-065-01 • CWE-384: Session Fixation •