// For flags

CVE-2024-5313

 

Severity Score

6.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Attend
*SSVC
Descriptions

CWE-668: Exposure of the Resource Wrong Sphere vulnerability exists that exposes a SSH
interface over the product network interface. This does not allow to directly exploit the product or
make any unintended operation as the SSH interface access is protected by an authentication
mechanism. Impacts are limited to port scanning and fingerprinting activities as well as attempts
to perform a potential denial of service attack on the exposed SSH interface.

CWE-668: Existe exposición a la vulnerabilidad Resource Wrong Sphere que expone una interfaz SSH a través de la interfaz de red del producto. Esto no permite explotar directamente el producto ni realizar ninguna operación no deseada ya que el acceso a la interfaz SSH está protegido por un mecanismo de autenticación. Los impactos se limitan a actividades de escaneo de puertos y toma de huellas digitales, así como a intentos de realizar un posible ataque de denegación de servicio en la interfaz SSH expuesta.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
Low
* Common Vulnerability Scoring System
SSVC
  • Decision:Attend
Exploitation
None
Automatable
Yes
Tech. Impact
Partial
* Organization's Worst-case Scenario
Timeline
  • 2024-05-24 CVE Reserved
  • 2024-06-12 CVE Published
  • 2024-08-01 CVE Updated
  • 2024-08-15 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-668: Exposure of Resource to Wrong Sphere
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
---- -