CVSS: 9.8EPSS: 0%CPEs: 134EXPL: 0CVE-2018-5469
https://notcve.org/view.php?id=CVE-2018-5469
An Improper Restriction of Excessive Authentication Attempts issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. An improper restriction of excessive authentication vulnerability in the web interface has been identified, which may allow an attacker to brute force authentication. Se ha descubierto un problema de restricción inadecuada de intentos de autenticación excesivos en los switches Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS y OCTOPUS Classic Platform. Se ha identificado una vulnerabilidad de restricción indebida de autenticación excesiva en la interfaz web que podría permitir que un atacante se autentique mediante fuerza bruta. • http://www.securityfocus.com/bid/103340 https://ics-cert.us-cert.gov/advisories/ICSA-18-065-01 • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2017-11402
https://notcve.org/view.php?id=CVE-2017-11402
An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. Design flaws in OPC classic and in custom netfilter modules allow an attacker to remotely activate rules on the firewall and to connect to any TCP port of a protected asset, thus bypassing the firewall. The attack methodology is a crafted OPC dynamic port shift. Se ha descubierto un problema en las versiones anteriores a la 03.2.00 de Belden Hirschmann Tofino Xenon Security Appliance. Los fallos de diseño en módulos OPC classic y netfilter personalizados permiten que un atacante active remotamente las reglas en el firewall y se conecte a cualquier puerto TCP de un activo protegido, eludiendo el firewall. • https://github.com/airbus-seclab/security-advisories/blob/master/belden/tofino.txt https://www.belden.com/hubfs/support/security/bulletins/Belden-Security-Bulletin-BSECV-2017-14-1v1-1.pdf • CWE-20: Improper Input Validation •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2017-11400
https://notcve.org/view.php?id=CVE-2017-11400
An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. An incomplete firmware signature allows a local attacker to upgrade the equipment (kernel, file system) with unsigned, attacker-controlled, data. This occurs because the appliance_config file is signed but the .tar.sec file is unsigned. Se ha descubierto un problema en las versiones anteriores a la 03.2.00 de Belden Hirschmann Tofino Xenon Security Appliance. Una firma incompleta del firmware permite que un atacante local actualice el equipamiento (kernel, sistema de archivo) con datos no firmados controlados por el atacante. • https://github.com/airbus-seclab/security-advisories/blob/master/belden/tofino.txt https://www.belden.com/hubfs/support/security/bulletins/Belden-Security-Bulletin-BSECV-2017-14-1v1-1.pdf • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-11401
https://notcve.org/view.php?id=CVE-2017-11401
An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. Improper handling of the mbap.length field of ModBus packets in the ModBus DPI filter allows an attacker to send malformed/crafted packets to a protected asset, bypassing function code filtering. Se ha descubierto un problema en las versiones anteriores a la 03.2.00 de Belden Hirschmann Tofino Xenon Security Appliance. La manipulación incorrecta del campo mbap.length de paquetes ModBus en el filtro ModBus DPI permite que un atacante envíe paquetes mal formados/manipulados a un activo protegido, omitiendo el filtrado de códigos de función. • https://github.com/airbus-seclab/security-advisories/blob/master/belden/tofino.txt https://www.belden.com/hubfs/support/security/bulletins/Belden-Security-Bulletin-BSECV-2017-14-1v1-1.pdf •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2017-6038
https://notcve.org/view.php?id=CVE-2017-6038
A Cross-Site Request Forgery issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. The web application does not sufficiently verify that requests were provided by the user who submitted the request. Se ha descubierto un problema de Cross-Site Request Forgery (CSRF) en el switch Belden Hirschmann GECKO Lite Managed, en versiones 2.0.00 y anteriores. La aplicación web no verifica lo suficiente que las peticiones fuesen proporcionadas por el usuario que envió la solicitud. • https://ics-cert.us-cert.gov/advisories/ICSA-17-026-02A • CWE-352: Cross-Site Request Forgery (CSRF) •