
    30 vulnerabilities by Korenix

    CVE-2024-11303 (GCVE-0-2024-11303)

    Vulnerability from cvelistv5 – Published: 2024-11-18 13:24 – Updated: 2024-11-21 22:02
    VLAI
    Title
    Path Traversal
    Summary
    An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Korenix JetPort 5601 allows Path Traversal. This issue affects JetPort 5601: through 1.2.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    Impacted products
    Vendor Product Version
    Korenix JetPort 5601 Affected: 0 , ≤ 1.2 (custom)
    korenix jetport_5601 Affected: 0 , ≤ 1.2 (custom)
        cpe:2.3:h:korenix:jetport_5601:-:*:*:*:*:*:*:*
    Credits
    P. Oberndorfer B. Tösch M. Narbeshuber-Spletzer C. Hierzer M. Pammer

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:korenix:jetport_5601:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "jetport_5601",
                "vendor": "korenix",
                "versions": [
                  {
                    "lessThanOrEqual": "1.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-11303",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-18T14:13:56.722950Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-18T14:15:31.302Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-11-21T22:02:46.052Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://seclists.org/fulldisclosure/2024/Nov/8"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "JetPort 5601",
              "vendor": "Korenix",
              "versions": [
                {
                  "lessThanOrEqual": "1.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "P. Oberndorfer"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "B. T\u00f6sch"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "M. Narbeshuber-Spletzer"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "C. Hierzer"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "M. Pammer"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The pathname of the root directory to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability in Korenix JetPort 5601 allows Path Traversal.\u003cp\u003eThis issue affects JetPort 5601: through 1.2.\u003c/p\u003e"
                }
              ],
              "value": "The pathname of the root directory to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability in Korenix JetPort 5601 allows Path Traversal.This issue affects JetPort 5601: through 1.2."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-126",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-126 Path Traversal"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-18T14:33:59.788Z",
            "orgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
            "shortName": "CyberDanube"
          },
          "references": [
            {
              "tags": [
                "third-party-advisory",
                "exploit"
              ],
              "url": "https://cyberdanube.com/en/en-st-polten-uas-path-traversal-in-korenix-jetport/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Path Traversal",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
        "assignerShortName": "CyberDanube",
        "cveId": "CVE-2024-11303",
        "datePublished": "2024-11-18T13:24:37.376Z",
        "dateReserved": "2024-11-17T17:08:21.075Z",
        "dateUpdated": "2024-11-21T22:02:46.052Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-7397 (GCVE-0-2024-7397)

    Vulnerability from cvelistv5 – Published: 2024-08-05 13:25 – Updated: 2025-11-04 16:15
    VLAI
    Title
    Unauthenticated Command Injection
    Summary
    Improper filtering of special characters results in a command injection vulnerability in Korenix JetPort 5601v3. This issue affects JetPort 5601v3: through 1.2.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Korenix JetPort 5601v3 Affected: 0 , ≤ 1.2 (custom)
    korenix jetport5601v3 Affected: 0 , ≤ 1.2 (custom)
        cpe:2.3:a:korenix:jetport5601v3:*:*:*:*:*:*:*:*
    Credits
    S. Dietz (CyberDanube)

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:korenix:jetport5601v3:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "jetport5601v3",
                "vendor": "korenix",
                "versions": [
                  {
                    "lessThanOrEqual": "1.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7397",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-05T14:15:49.858700Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-05T14:26:13.585Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-04T16:15:55.337Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://seclists.org/fulldisclosure/2024/Aug/2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "JetPort 5601v3",
              "vendor": "Korenix",
              "versions": [
                {
                  "lessThanOrEqual": "1.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "S. Dietz (CyberDanube)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper filering of special characters result in a command (\u0027command injection\u0027) vulnerability in Korenix JetPort 5601v3.\u003cp\u003eThis issue affects JetPort 5601v3: through 1.2.\u003c/p\u003e"
                }
              ],
              "value": "Improper filering of special characters result in a command (\u0027command injection\u0027) vulnerability in Korenix JetPort 5601v3.This issue affects JetPort 5601v3: through 1.2."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-88",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-88 OS Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-05T13:25:43.610Z",
            "orgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
            "shortName": "CyberDanube"
          },
          "references": [
            {
              "url": "https://cyberdanube.com/de/en-multiple-vulnerabilities-in-korenix-jetport/"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Unauthenticated Command Injection",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
        "assignerShortName": "CyberDanube",
        "cveId": "CVE-2024-7397",
        "datePublished": "2024-08-05T13:25:43.610Z",
        "dateReserved": "2024-08-01T21:46:36.711Z",
        "dateUpdated": "2025-11-04T16:15:55.337Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-7396 (GCVE-0-2024-7396)

    Vulnerability from cvelistv5 – Published: 2024-08-05 13:20 – Updated: 2025-11-04 16:15
    VLAI
    Title
    Plaintext Communication
    Summary
    Missing encryption of sensitive data in Korenix JetPort 5601v3 allows Eavesdropping. This issue affects JetPort 5601v3: through 1.2.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-311 - Missing Encryption of Sensitive Data
    Assigner
    Impacted products
    Vendor Product Version
    Korenix JetPort 5601v3 Affected: 0 , ≤ 1.2 (custom)
    korenix jetport_5601v3 Affected: 0 , ≤ 1.2 (custom)
        cpe:2.3:o:korenix:jetport_5601v3:*:*:*:*:*:*:*:*
    Credits
    S. Dietz (CyberDanube)

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:korenix:jetport_5601v3:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "jetport_5601v3",
                "vendor": "korenix",
                "versions": [
                  {
                    "lessThanOrEqual": "1.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7396",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-03T15:32:31.559672Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-03T15:36:02.184Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-04T16:15:54.405Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://seclists.org/fulldisclosure/2024/Aug/2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "JetPort 5601v3",
              "vendor": "Korenix",
              "versions": [
                {
                  "lessThanOrEqual": "1.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "S. Dietz (CyberDanube)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Missing encryption of sensitive data in Korenix JetPort 5601v3 allows Eavesdropping.\u003cp\u003eThis issue affects JetPort 5601v3: through 1.2.\u003c/p\u003e"
                }
              ],
              "value": "Missing encryption of sensitive data in Korenix JetPort 5601v3 allows Eavesdropping.This issue affects JetPort 5601v3: through 1.2."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-651",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-651 Eavesdropping"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-311",
                  "description": "CWE-311 Missing Encryption of Sensitive Data",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-05T13:20:57.997Z",
            "orgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
            "shortName": "CyberDanube"
          },
          "references": [
            {
              "url": "https://cyberdanube.com/de/en-multiple-vulnerabilities-in-korenix-jetport/"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Plaintext Communication",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
        "assignerShortName": "CyberDanube",
        "cveId": "CVE-2024-7396",
        "datePublished": "2024-08-05T13:20:57.997Z",
        "dateReserved": "2024-08-01T21:46:35.555Z",
        "dateUpdated": "2025-11-04T16:15:54.405Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-7395 (GCVE-0-2024-7395)

    Vulnerability from cvelistv5 – Published: 2024-08-05 13:16 – Updated: 2025-11-04 16:15
    VLAI
    Title
    Insufficient Authentication
    Summary
    An authentication bypass vulnerability in Korenix JetPort 5601v3 allows an attacker to access functionality on the device without specifying a password. This issue affects JetPort 5601v3: through 1.2.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-287 - Improper Authentication
    Assigner
    Impacted products
    Vendor Product Version
    Korenix JetPort 5601v3 Affected: 0 , ≤ 1.2 (custom)
    korenix jetport_5601 Affected: 0 , ≤ 1.2 (custom)
        cpe:2.3:h:korenix:jetport_5601:*:*:*:*:*:*:*:*
    Credits
    S. Dietz (CyberDanube)

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:korenix:jetport_5601:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "jetport_5601",
                "vendor": "korenix",
                "versions": [
                  {
                    "lessThanOrEqual": "1.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7395",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-07T20:31:11.620358Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:35:18.123Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-04T16:15:53.452Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://seclists.org/fulldisclosure/2024/Aug/2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "JetPort 5601v3",
              "vendor": "Korenix",
              "versions": [
                {
                  "lessThanOrEqual": "1.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "S. Dietz (CyberDanube)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An authentication bypass vulnerability in Korenix JetPort 5601v3 allows an attacker to access functionality on the device without specifying a password.\u003cp\u003eThis issue affects JetPort 5601v3: through 1.2.\u003c/p\u003e"
                }
              ],
              "value": "An authentication bypass vulnerability in Korenix JetPort 5601v3 allows an attacker to access functionality on the device without specifying a password.This issue affects JetPort 5601v3: through 1.2."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "CWE-287 Improper Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-05T13:16:05.964Z",
            "orgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
            "shortName": "CyberDanube"
          },
          "references": [
            {
              "url": "https://cyberdanube.com/de/en-multiple-vulnerabilities-in-korenix-jetport/"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Insufficient Authentication",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
        "assignerShortName": "CyberDanube",
        "cveId": "CVE-2024-7395",
        "datePublished": "2024-08-05T13:16:05.964Z",
        "dateReserved": "2024-08-01T21:46:34.268Z",
        "dateUpdated": "2025-11-04T16:15:53.452Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-2371 (GCVE-0-2024-2371)

    Vulnerability from cvelistv5 – Published: 2024-03-12 08:49 – Updated: 2024-08-01 19:11
    VLAI
    Title
    Information exposure vulnerability in Korenix JetI/O 6550
    Summary
    Information exposure vulnerability in Korenix JetI/O 6550 affecting firmware version F208 Build:0817. The SNMP protocol uses plaintext to transfer data, allowing an attacker to intercept traffic and retrieve credentials.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor Product Version
    Korenix JetI/O 6550 Affected: F208 Build:0817
    Date Public
    2024-03-12 11:00
    Credits
    HADESS

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-2371",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-03-12T16:16:54.722620Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:30:00.407Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T19:11:53.396Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.incibe.es/en/incibe-cert/notices/aviso-sci/information-exposure-vulnerability-korenix-jetio-6550"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "JetI/O 6550",
              "vendor": "Korenix",
              "versions": [
                {
                  "status": "affected",
                  "version": "F208 Build:0817"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "HADESS"
            }
          ],
          "datePublic": "2024-03-12T11:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Information exposure vulnerability in Korenix JetI/O 6550 affecting firmware version F208 Build:0817. The SNMP protocol uses plaintext to transfer data, allowing an attacker to intercept traffic and retrieve credentials."
                }
              ],
              "value": "Information exposure vulnerability in Korenix JetI/O 6550 affecting firmware version F208 Build:0817. The SNMP protocol uses plaintext to transfer data, allowing an attacker to intercept traffic and retrieve credentials."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-59",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-59 Session Credential Falsification through Prediction"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-03-12T08:49:46.017Z",
            "orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
            "shortName": "INCIBE"
          },
          "references": [
            {
              "url": "https://www.incibe.es/en/incibe-cert/notices/aviso-sci/information-exposure-vulnerability-korenix-jetio-6550"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "There is no reported solution at this time."
                }
              ],
              "value": "There is no reported solution at this time."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Information exposure vulnerability in Korenix JetI/O 6550",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
        "assignerShortName": "INCIBE",
        "cveId": "CVE-2024-2371",
        "datePublished": "2024-03-12T08:49:46.017Z",
        "dateReserved": "2024-03-11T11:40:18.291Z",
        "dateUpdated": "2024-08-01T19:11:53.396Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-5347 (GCVE-0-2023-5347)

    Vulnerability from cvelistv5 – Published: 2024-01-09 09:54 – Updated: 2025-10-08 09:10
    VLAI
    Title
    Unauthenticated Firmware Upgrade
    Summary
    An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables. This issue affects JetNet devices older than firmware version 2024/01.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-347 - Improper Verification of Cryptographic Signature
    • CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
    Assigner
    Impacted products
    Vendor Product Version
    Korenix JetNet Series Affected: firmware older than 2024/01
    Credits
    S. Dietz (CyberDanube)

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:52:08.584Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.beijerelectronics.com/en/support/Help___online?docId=69947"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2024/Jan/11"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-5347",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-08T15:33:17.516940Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-03T14:33:02.608Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "JetNet Series",
              "vendor": "Korenix",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware older than 2024/01"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "S. Dietz (CyberDanube)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables.\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003eThis issue affects JetNet devices older than firmware version 2024/01.\u003c/span\u003e"
                }
              ],
              "value": "An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables.\u00a0This issue affects JetNet devices older than firmware version 2024/01."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-558",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-558 Replace Trusted Executable"
                }
              ]
            },
            {
              "capecId": "CAPEC-552",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-552 Install Rootkit"
                }
              ]
            },
            {
              "capecId": "CAPEC-642",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-642 Replace Binaries"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-347",
                  "description": "CWE-347 Improper Verification of Cryptographic Signature",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-327",
                  "description": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-08T09:10:00.840Z",
            "orgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
            "shortName": "CyberDanube"
          },
          "references": [
            {
              "url": "https://www.beijerelectronics.com/en/support/Help___online?docId=69947"
            },
            {
              "url": "https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/"
            },
            {
              "url": "http://seclists.org/fulldisclosure/2024/Jan/11"
            },
            {
              "url": "http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Unauthenticated Firmware Upgrade",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "See:\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.beijerelectronics.com/en/support/Help___online?docId=69947\"\u003ehttps://www.beijerelectronics.com/en/support/Help___online?docId=69947\u003c/a\u003e"
                }
              ],
              "value": "See:\u00a0 https://www.beijerelectronics.com/en/support/Help___online?docId=69947"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
        "assignerShortName": "CyberDanube",
        "cveId": "CVE-2023-5347",
        "datePublished": "2024-01-09T09:54:59.664Z",
        "dateReserved": "2023-10-03T08:11:00.343Z",
        "dateUpdated": "2025-10-08T09:10:00.840Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-5376 (GCVE-0-2023-5376)

    Vulnerability from cvelistv5 – Published: 2024-01-09 09:44 – Updated: 2025-10-08 09:12
    VLAI
    Title
    TFTP Without Authentication
    Summary
    An Improper Authentication vulnerability in Korenix JetNet TFTP allows abuse of this service. This issue affects JetNet devices older than firmware version 2024/01.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-306 - Missing Authentication for Critical Function
    Assigner
    Impacted products
    Vendor Product Version
    Korenix JetNet Series Affected: firmware older than 2024/01
    Credits
    S. Dietz (CyberDanube)

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:59:44.243Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.beijerelectronics.com/en/support/Help___online?docId=69947"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2024/Jan/11"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-5376",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-14T15:27:48.719387Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-14T15:28:15.974Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "JetNet Series",
              "vendor": "Korenix",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware older than 2024/01"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "S. Dietz (CyberDanube)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An Improper Authentication vulnerability in Korenix JetNet TFTP allows abuse of this service.\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003eThis issue affects JetNet devices older than firmware version 2024/01.\u003c/span\u003e"
                }
              ],
              "value": "An Improper Authentication vulnerability in Korenix JetNet TFTP allows abuse of this service.\u00a0This issue affects JetNet devices older than firmware version 2024/01."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-114",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-114 Authentication Abuse"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-306",
                  "description": "CWE-306 Missing Authentication for Critical Function",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-08T09:12:42.388Z",
            "orgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
            "shortName": "CyberDanube"
          },
          "references": [
            {
              "url": "https://www.beijerelectronics.com/en/support/Help___online?docId=69947"
            },
            {
              "url": "https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/"
            },
            {
              "url": "http://seclists.org/fulldisclosure/2024/Jan/11"
            },
            {
              "url": "http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "TFTP Without Authentication",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "See:\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.beijerelectronics.com/en/support/Help___online?docId=69947\"\u003ehttps://www.beijerelectronics.com/en/support/Help___online?docId=69947\u003c/a\u003e\u003cbr\u003e"
                }
              ],
              "value": "See:\u00a0 https://www.beijerelectronics.com/en/support/Help___online?docId=69947"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
        "assignerShortName": "CyberDanube",
        "cveId": "CVE-2023-5376",
        "datePublished": "2024-01-09T09:44:18.108Z",
        "dateReserved": "2023-10-04T09:30:19.108Z",
        "dateUpdated": "2025-10-08T09:12:42.388Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-12504 (GCVE-0-2020-12504)

    Vulnerability from cvelistv5 – Published: 2020-10-15 18:42 – Updated: 2024-09-16 17:09
    VLAI
    Title
    Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products
    Summary
    Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below has an active TFTP-Service.
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Pepperl+Fuchs P+F Comtrol RocketLinx Affected: ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT all
    Affected: ES7510-XT , < 2.1.1 (custom)
    Affected: ES8510 , < 3.1.1 (custom)
    Pepperl+Fuchs P+F Comtrol RocketLinx Affected: ICRL-M-8RJ45/4SFP-G-DIN , ≤ 1.2.3 (custom)
    Affected: ICRL-M-16RJ45/4CP-G-DIN , ≤ 1.2.3 (custom)
    Korenix JetNet Affected: 5428G-20SFP , ≤ V1.0 (custom)
    Affected: 5810G , ≤ V1.1 (custom)
    Affected: 4706F , ≤ V2.3b (custom)
    Affected: 4510 , ≤ V3.0b (custom)
    Affected: 5310 , < V1.6 (custom)
    Westermo PMI-110-F2G Affected: unspecified , < V1.8 (custom)
    Date Public
    2020-10-07 00:00
    Credits
    T. Weber (SEC Consult Vulnerability Lab) Coordinated by CERT@VDE

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:56:52.052Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
              },
              {
                "name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2021/Jun/0"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en-us/advisories/vde-2020-053"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "P+F Comtrol RocketLinx",
              "vendor": "Pepperl+Fuchs",
              "versions": [
                {
                  "status": "affected",
                  "version": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F,  ES8510-XTE, ES9528/ES9528-XT all"
                },
                {
                  "lessThan": "2.1.1",
                  "status": "affected",
                  "version": "ES7510-XT",
                  "versionType": "custom"
                },
                {
                  "lessThan": "3.1.1",
                  "status": "affected",
                  "version": "ES8510",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "P+F Comtrol RocketLinx",
              "vendor": "Pepperl+Fuchs",
              "versions": [
                {
                  "lessThanOrEqual": "1.2.3",
                  "status": "affected",
                  "version": "ICRL-M-8RJ45/4SFP-G-DIN",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "1.2.3",
                  "status": "affected",
                  "version": "ICRL-M-16RJ45/4CP-G-DIN",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "JetNet",
              "vendor": "Korenix",
              "versions": [
                {
                  "lessThanOrEqual": "V1.0",
                  "status": "affected",
                  "version": "5428G-20SFP",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "V1.1",
                  "status": "affected",
                  "version": "5810G",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "V2.3b",
                  "status": "affected",
                  "version": "4706F",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "V3.0b",
                  "status": "affected",
                  "version": "4510",
                  "versionType": "custom"
                },
                {
                  "lessThan": "V1.6",
                  "status": "affected",
                  "version": "5310",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "PMI-110-F2G",
              "vendor": "Westermo",
              "versions": [
                {
                  "lessThan": "V1.8",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "T. Weber (SEC Consult Vulnerability Lab)"
            },
            {
              "lang": "en",
              "value": "Coordinated by CERT@VDE"
            }
          ],
          "datePublic": "2020-10-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below has an active TFTP-Service."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-912",
                  "description": "CWE-912 Hidden Functionality",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-02-04T19:06:15.000Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
            },
            {
              "name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2021/Jun/0"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert.vde.com/en-us/advisories/vde-2020-053"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "For ICRL-M-8RJ45/4SFP-G-DIN and ICRL-M-16RJ45/4CP-G-DIN:\nUpdate to Firmware 1.3.1 and deactivate TFTP-Service.\n\nFor all other devices:\nAn external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
            }
          ],
          "source": {
            "advisory": "VDE-2020-040",
            "discovery": "EXTERNAL"
          },
          "title": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "info@cert.vde.com",
              "DATE_PUBLIC": "2020-10-07T13:10:00.000Z",
              "ID": "CVE-2020-12504",
              "STATE": "PUBLIC",
              "TITLE": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "P+F Comtrol RocketLinx",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_name": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F,  ES8510-XTE, ES9528/ES9528-XT",
                                "version_value": "all"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "ES7510-XT",
                                "version_value": "2.1.1"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "ES8510",
                                "version_value": "3.1.1"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "P+F Comtrol RocketLinx",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "ICRL-M-8RJ45/4SFP-G-DIN",
                                "version_value": "1.2.3"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "ICRL-M-16RJ45/4CP-G-DIN",
                                "version_value": "1.2.3"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Pepperl+Fuchs"
                  },
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "JetNet",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "5428G-20SFP",
                                "version_value": "V1.0"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "5810G",
                                "version_value": "V1.1"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "4706F",
                                "version_value": "V2.3b"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "4510",
                                "version_value": "V3.0b"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "5310",
                                "version_value": "V1.6"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Korenix"
                  },
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "PMI-110-F2G",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "V1.8"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Westermo"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "T. Weber (SEC Consult Vulnerability Lab)"
              },
              {
                "lang": "eng",
                "value": "Coordinated by CERT@VDE"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below has an active TFTP-Service."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-912 Hidden Functionality"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cert.vde.com/de-de/advisories/vde-2020-040",
                  "refsource": "CONFIRM",
                  "url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
                },
                {
                  "name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2021/Jun/0"
                },
                {
                  "name": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
                },
                {
                  "name": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/",
                  "refsource": "CONFIRM",
                  "url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
                },
                {
                  "name": "https://cert.vde.com/en-us/advisories/vde-2020-053",
                  "refsource": "CONFIRM",
                  "url": "https://cert.vde.com/en-us/advisories/vde-2020-053"
                },
                {
                  "name": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "For ICRL-M-8RJ45/4SFP-G-DIN and ICRL-M-16RJ45/4CP-G-DIN:\nUpdate to Firmware 1.3.1 and deactivate TFTP-Service.\n\nFor all other devices:\nAn external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
              }
            ],
            "source": {
              "advisory": "VDE-2020-040",
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2020-12504",
        "datePublished": "2020-10-15T18:42:59.041Z",
        "dateReserved": "2020-04-30T00:00:00.000Z",
        "dateUpdated": "2024-09-16T17:09:09.147Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-12503 (GCVE-0-2020-12503)

    Vulnerability from cvelistv5 – Published: 2020-10-15 18:42 – Updated: 2024-09-17 04:24
    VLAI
    Title
    Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products
    Summary
    Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN (FW 1.2.3 and below) are affected by an improper authorization vulnerability: the devices are prone to multiple authenticated command injections.
    CWE
    • CWE-863 - Incorrect Authorization
    Assigner
    Impacted products
    Vendor Product Version
    Pepperl+Fuchs P+F Comtrol RocketLinx Affected: ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT all
    Affected: ES7510-XT , < 2.1.1 (custom)
    Affected: ES8510 , < 3.1.1 (custom)
    Pepperl+Fuchs P+F Comtrol RocketLinx Affected: ICRL-M-8RJ45/4SFP-G-DIN , ≤ 1.2.3 (custom)
    Affected: ICRL-M-16RJ45/4CP-G-DIN , ≤ 1.2.3 (custom)
    Korenix JetNet Affected: 5428G-20SFP , ≤ V1.0 (custom)
    Affected: 5810G , ≤ V1.1 (custom)
    Affected: 4706F , ≤ V2.3b (custom)
    Affected: 4510 , ≤ V3.0b (custom)
    Affected: 5310 , < V1.6 (custom)
    Westermo PMI-110-F2G Affected: unspecified , < V1.8 (custom)
    Date Public
    2020-10-07 00:00
    Credits
    T. Weber (SEC Consult Vulnerability Lab) Coordinated by CERT@VDE

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:56:52.086Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
              },
              {
                "name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2021/Jun/0"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en-us/advisories/vde-2020-053"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "P+F Comtrol RocketLinx",
              "vendor": "Pepperl+Fuchs",
              "versions": [
                {
                  "status": "affected",
                  "version": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F,  ES8510-XTE, ES9528/ES9528-XT all"
                },
                {
                  "lessThan": "2.1.1",
                  "status": "affected",
                  "version": "ES7510-XT",
                  "versionType": "custom"
                },
                {
                  "lessThan": "3.1.1",
                  "status": "affected",
                  "version": "ES8510",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "P+F Comtrol RocketLinx",
              "vendor": "Pepperl+Fuchs",
              "versions": [
                {
                  "lessThanOrEqual": "1.2.3",
                  "status": "affected",
                  "version": "ICRL-M-8RJ45/4SFP-G-DIN",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "1.2.3",
                  "status": "affected",
                  "version": "ICRL-M-16RJ45/4CP-G-DIN",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "JetNet",
              "vendor": "Korenix",
              "versions": [
                {
                  "lessThanOrEqual": "V1.0",
                  "status": "affected",
                  "version": "5428G-20SFP",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "V1.1",
                  "status": "affected",
                  "version": "5810G",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "V2.3b",
                  "status": "affected",
                  "version": "4706F",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "V3.0b",
                  "status": "affected",
                  "version": "4510",
                  "versionType": "custom"
                },
                {
                  "lessThan": "V1.6",
                  "status": "affected",
                  "version": "5310",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "PMI-110-F2G",
              "vendor": "Westermo",
              "versions": [
                {
                  "lessThan": "V1.8",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "T. Weber (SEC Consult Vulnerability Lab)"
            },
            {
              "lang": "en",
              "value": "Coordinated by CERT@VDE"
            }
          ],
          "datePublic": "2020-10-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below is prone to multiple authenticated command injections."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-863",
                  "description": "CWE-863 Incorrect Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-02-04T19:06:09.000Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
            },
            {
              "name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2021/Jun/0"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert.vde.com/en-us/advisories/vde-2020-053"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "An external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
            }
          ],
          "source": {
            "advisory": "VDE-2020-040",
            "discovery": "EXTERNAL"
          },
          "title": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "info@cert.vde.com",
              "DATE_PUBLIC": "2020-10-07T13:10:00.000Z",
              "ID": "CVE-2020-12503",
              "STATE": "PUBLIC",
              "TITLE": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "P+F Comtrol RocketLinx",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_name": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F,  ES8510-XTE, ES9528/ES9528-XT",
                                "version_value": "all"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "ES7510-XT",
                                "version_value": "2.1.1"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "ES8510",
                                "version_value": "3.1.1"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "P+F Comtrol RocketLinx",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "ICRL-M-8RJ45/4SFP-G-DIN",
                                "version_value": "1.2.3"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "ICRL-M-16RJ45/4CP-G-DIN",
                                "version_value": "1.2.3"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Pepperl+Fuchs"
                  },
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "JetNet",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "5428G-20SFP",
                                "version_value": "V1.0"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "5810G",
                                "version_value": "V1.1"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "4706F",
                                "version_value": "V2.3b"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "4510",
                                "version_value": "V3.0b"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "5310",
                                "version_value": "V1.6"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Korenix"
                  },
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "PMI-110-F2G",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "V1.8"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Westermo"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "T. Weber (SEC Consult Vulnerability Lab)"
              },
              {
                "lang": "eng",
                "value": "Coordinated by CERT@VDE"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below is prone to multiple authenticated command injections."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-863 Incorrect Authorization"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cert.vde.com/de-de/advisories/vde-2020-040",
                  "refsource": "CONFIRM",
                  "url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
                },
                {
                  "name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2021/Jun/0"
                },
                {
                  "name": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
                },
                {
                  "name": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/",
                  "refsource": "CONFIRM",
                  "url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
                },
                {
                  "name": "https://cert.vde.com/en-us/advisories/vde-2020-053",
                  "refsource": "CONFIRM",
                  "url": "https://cert.vde.com/en-us/advisories/vde-2020-053"
                },
                {
                  "name": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "An external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
              }
            ],
            "source": {
              "advisory": "VDE-2020-040",
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2020-12503",
        "datePublished": "2020-10-15T18:42:58.016Z",
        "dateReserved": "2020-04-30T00:00:00.000Z",
        "dateUpdated": "2024-09-17T04:24:41.310Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-12502 (GCVE-0-2020-12502)

    Vulnerability from cvelistv5 – Published: 2020-10-15 18:42 – Updated: 2024-09-16 18:43
    VLAI
    Title
    Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products
    Summary
    Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN (FW 1.2.3 and below) are affected by an improper authorization vulnerability: the devices are prone to unauthenticated device administration.
    CWE
    • CWE-352 - Cross-Site Request Forgery (CSRF)
    Assigner
    Impacted products
    Vendor Product Version
    Pepperl+Fuchs P+F Comtrol RocketLinx Affected: ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT all
    Affected: ES7510-XT , < 2.1.1 (custom)
    Affected: ES8510 , < 3.1.1 (custom)
    Pepperl+Fuchs P+F Comtrol RocketLinx Affected: ICRL-M-8RJ45/4SFP-G-DIN , ≤ 1.2.3 (custom)
    Affected: ICRL-M-16RJ45/4CP-G-DIN , ≤ 1.2.3 (custom)
    Korenix JetNet Affected: 5428G-20SFP , ≤ V1.0 (custom)
    Affected: 5810G , ≤ V1.1 (custom)
    Affected: 4706F , ≤ V2.3b (custom)
    Affected: 4510 , ≤ V3.0b (custom)
    Affected: 5310 , < V1.6 (custom)
    Westermo PMI-110-F2G Affected: unspecified , < V1.8 (custom)
    Date Public
    2020-10-07 00:00
    Credits
    T. Weber (SEC Consult Vulnerability Lab) Coordinated by CERT@VDE

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:56:52.083Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
              },
              {
                "name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2021/Jun/0"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en-us/advisories/vde-2020-053"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "P+F Comtrol RocketLinx",
              "vendor": "Pepperl+Fuchs",
              "versions": [
                {
                  "status": "affected",
                  "version": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F,  ES8510-XTE, ES9528/ES9528-XT all"
                },
                {
                  "lessThan": "2.1.1",
                  "status": "affected",
                  "version": "ES7510-XT",
                  "versionType": "custom"
                },
                {
                  "lessThan": "3.1.1",
                  "status": "affected",
                  "version": "ES8510",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "P+F Comtrol RocketLinx",
              "vendor": "Pepperl+Fuchs",
              "versions": [
                {
                  "lessThanOrEqual": "1.2.3",
                  "status": "affected",
                  "version": "ICRL-M-8RJ45/4SFP-G-DIN",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "1.2.3",
                  "status": "affected",
                  "version": "ICRL-M-16RJ45/4CP-G-DIN",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "JetNet",
              "vendor": "Korenix",
              "versions": [
                {
                  "lessThanOrEqual": "V1.0",
                  "status": "affected",
                  "version": "5428G-20SFP",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "V1.1",
                  "status": "affected",
                  "version": "5810G",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "V2.3b",
                  "status": "affected",
                  "version": "4706F",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "V3.0b",
                  "status": "affected",
                  "version": "4510",
                  "versionType": "custom"
                },
                {
                  "lessThan": "V1.6",
                  "status": "affected",
                  "version": "5310",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "PMI-110-F2G",
              "vendor": "Westermo",
              "versions": [
                {
                  "lessThan": "V1.8",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "T. Weber (SEC Consult Vulnerability Lab)"
            },
            {
              "lang": "en",
              "value": "Coordinated by CERT@VDE"
            }
          ],
          "datePublic": "2020-10-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below is prone to unauthenticated device administration."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-352",
                  "description": "CWE-352 Cross-Site Request Forgery (CSRF)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-02-04T19:06:11.000Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
            },
            {
              "name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2021/Jun/0"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert.vde.com/en-us/advisories/vde-2020-053"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "An external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
            }
          ],
          "source": {
            "advisory": "VDE-2020-040",
            "discovery": "EXTERNAL"
          },
          "title": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "info@cert.vde.com",
              "DATE_PUBLIC": "2020-10-07T13:10:00.000Z",
              "ID": "CVE-2020-12502",
              "STATE": "PUBLIC",
              "TITLE": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "P+F Comtrol RocketLinx",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_name": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F,  ES8510-XTE, ES9528/ES9528-XT",
                                "version_value": "all"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "ES7510-XT",
                                "version_value": "2.1.1"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "ES8510",
                                "version_value": "3.1.1"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "P+F Comtrol RocketLinx",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "ICRL-M-8RJ45/4SFP-G-DIN",
                                "version_value": "1.2.3"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "ICRL-M-16RJ45/4CP-G-DIN",
                                "version_value": "1.2.3"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Pepperl+Fuchs"
                  },
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "JetNet",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "5428G-20SFP",
                                "version_value": "V1.0"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "5810G",
                                "version_value": "V1.1"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "4706F",
                                "version_value": "V2.3b"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "4510",
                                "version_value": "V3.0b"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "5310",
                                "version_value": "V1.6"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Korenix"
                  },
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "PMI-110-F2G",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "V1.8"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Westermo"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "T. Weber (SEC Consult Vulnerability Lab)"
              },
              {
                "lang": "eng",
                "value": "Coordinated by CERT@VDE"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below is prone to unauthenticated device administration."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-352 Cross-Site Request Forgery (CSRF)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cert.vde.com/de-de/advisories/vde-2020-040",
                  "refsource": "CONFIRM",
                  "url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
                },
                {
                  "name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2021/Jun/0"
                },
                {
                  "name": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
                },
                {
                  "name": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/",
                  "refsource": "CONFIRM",
                  "url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
                },
                {
                  "name": "https://cert.vde.com/en-us/advisories/vde-2020-053",
                  "refsource": "CONFIRM",
                  "url": "https://cert.vde.com/en-us/advisories/vde-2020-053"
                },
                {
                  "name": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "An external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
              }
            ],
            "source": {
              "advisory": "VDE-2020-040",
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2020-12502",
        "datePublished": "2020-10-15T18:42:57.229Z",
        "dateReserved": "2020-04-30T00:00:00.000Z",
        "dateUpdated": "2024-09-16T18:43:33.813Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-12501 (GCVE-0-2020-12501)

    Vulnerability from cvelistv5 – Published: 2020-10-15 18:42 – Updated: 2024-09-16 19:20
    VLAI
    Title
    Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products
    Summary
    Improper Authorization vulnerability in Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions): the devices use undocumented accounts.
    CWE
    • CWE-798 - Use of Hard-coded Credentials
    Assigner
    Impacted products
    Vendor Product Version
    Pepperl+Fuchs P+F Comtrol RocketLinx Affected: ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT all
    Affected: ES7510-XT , < 2.1.1 (custom)
    Affected: ES8510 , < 3.1.1 (custom)
    Korenix JetNet Affected: 5428G-20SFP , ≤ V1.0 (custom)
    Affected: 5810G , ≤ V1.1 (custom)
    Affected: 4706F , ≤ V2.3b (custom)
    Affected: 4510 , ≤ V3.0b (custom)
    Affected: 5310 , < V1.6 (custom)
    Westermo PMI-110-F2G Affected: unspecified , < V1.8 (custom)
    Date Public
    2020-10-07 00:00
    Credits
    T. Weber (SEC Consult Vulnerability Lab) Coordinated by CERT@VDE

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:56:52.091Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
              },
              {
                "name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2021/Jun/0"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
              },
              {
                "name": "20220603 SEC Consult SA-20220531-0 :: Backdoor account in Korenix JetPort 5601V3",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2022/Jun/3"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/167409/Korenix-JetPort-5601V3-Backdoor-Account.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "P+F Comtrol RocketLinx",
              "vendor": "Pepperl+Fuchs",
              "versions": [
                {
                  "status": "affected",
                  "version": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F,  ES8510-XTE, ES9528/ES9528-XT all"
                },
                {
                  "lessThan": "2.1.1",
                  "status": "affected",
                  "version": "ES7510-XT",
                  "versionType": "custom"
                },
                {
                  "lessThan": "3.1.1",
                  "status": "affected",
                  "version": "ES8510",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "JetNet",
              "vendor": "Korenix",
              "versions": [
                {
                  "lessThanOrEqual": "V1.0",
                  "status": "affected",
                  "version": "5428G-20SFP",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "V1.1",
                  "status": "affected",
                  "version": "5810G",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "V2.3b",
                  "status": "affected",
                  "version": "4706F",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "V3.0b",
                  "status": "affected",
                  "version": "4510",
                  "versionType": "custom"
                },
                {
                  "lessThan": "V1.6",
                  "status": "affected",
                  "version": "5310",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "PMI-110-F2G",
              "vendor": "Westermo",
              "versions": [
                {
                  "lessThan": "V1.8",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "T. Weber (SEC Consult Vulnerability Lab)"
            },
            {
              "lang": "en",
              "value": "Coordinated by CERT@VDE"
            }
          ],
          "datePublic": "2020-10-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) use undocumented accounts."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-798",
                  "description": "CWE-798 Use of Hard-coded Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-06-06T16:06:23.000Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
            },
            {
              "name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2021/Jun/0"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
            },
            {
              "name": "20220603 SEC Consult SA-20220531-0 :: Backdoor account in Korenix JetPort 5601V3",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2022/Jun/3"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/167409/Korenix-JetPort-5601V3-Backdoor-Account.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "An external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
            }
          ],
          "source": {
            "advisory": "VDE-2020-040",
            "discovery": "EXTERNAL"
          },
          "title": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "info@cert.vde.com",
              "DATE_PUBLIC": "2020-10-07T13:10:00.000Z",
              "ID": "CVE-2020-12501",
              "STATE": "PUBLIC",
              "TITLE": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "P+F Comtrol RocketLinx",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_name": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F,  ES8510-XTE, ES9528/ES9528-XT",
                                "version_value": "all"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "ES7510-XT",
                                "version_value": "2.1.1"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "ES8510",
                                "version_value": "3.1.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Pepperl+Fuchs"
                  },
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "JetNet",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "5428G-20SFP",
                                "version_value": "V1.0"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "5810G",
                                "version_value": "V1.1"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "4706F",
                                "version_value": "V2.3b"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "4510",
                                "version_value": "V3.0b"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "5310",
                                "version_value": "V1.6"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Korenix"
                  },
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "PMI-110-F2G",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "V1.8"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Westermo"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "T. Weber (SEC Consult Vulnerability Lab)"
              },
              {
                "lang": "eng",
                "value": "Coordinated by CERT@VDE"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) use undocumented accounts."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-798 Use of Hard-coded Credentials"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cert.vde.com/de-de/advisories/vde-2020-040",
                  "refsource": "CONFIRM",
                  "url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
                },
                {
                  "name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2021/Jun/0"
                },
                {
                  "name": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
                },
                {
                  "name": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/",
                  "refsource": "CONFIRM",
                  "url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
                },
                {
                  "name": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
                },
                {
                  "name": "20220603 SEC Consult SA-20220531-0 :: Backdoor account in Korenix JetPort 5601V3",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2022/Jun/3"
                },
                {
                  "name": "http://packetstormsecurity.com/files/167409/Korenix-JetPort-5601V3-Backdoor-Account.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/167409/Korenix-JetPort-5601V3-Backdoor-Account.html"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "An external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
              }
            ],
            "source": {
              "advisory": "VDE-2020-040",
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2020-12501",
        "datePublished": "2020-10-15T18:42:56.306Z",
        "dateReserved": "2020-04-30T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:20:40.911Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-12500 (GCVE-0-2020-12500)

    Vulnerability from cvelistv5 – Published: 2020-10-15 18:42 – Updated: 2024-09-17 01:10
    VLAI
    Title
    Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products
    Summary
    Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) allows unauthenticated device administration.
    CWE
    • CWE-306 - Missing Authentication for Critical Function
    Assigner
    Impacted products
    Vendor Product Version
    Pepperl+Fuchs P+F Comtrol RocketLinx Affected: ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT all
    Affected: ES7510-XT , < 2.1.1 (custom)
    Affected: ES8510 , < 3.1.1 (custom)
    Korenix JetNet Affected: 5428G-20SFP , ≤ V1.0 (custom)
    Affected: 5810G , ≤ V1.1 (custom)
    Affected: 4706F , ≤ V2.3b (custom)
    Affected: 4510 , ≤ V3.0b (custom)
    Affected: 5310 , < V1.6 (custom)
    Westermo PMI-110-F2G Affected: unspecified , < V1.8 (custom)
    Date Public
    2020-10-07 00:00
    Credits
    T. Weber (SEC Consult Vulnerability Lab) Coordinated by CERT@VDE

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:56:52.048Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
              },
              {
                "name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2021/Jun/0"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "P+F Comtrol RocketLinx",
              "vendor": "Pepperl+Fuchs",
              "versions": [
                {
                  "status": "affected",
                  "version": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F,  ES8510-XTE, ES9528/ES9528-XT all"
                },
                {
                  "lessThan": "2.1.1",
                  "status": "affected",
                  "version": "ES7510-XT",
                  "versionType": "custom"
                },
                {
                  "lessThan": "3.1.1",
                  "status": "affected",
                  "version": "ES8510",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "JetNet",
              "vendor": "Korenix",
              "versions": [
                {
                  "lessThanOrEqual": "V1.0",
                  "status": "affected",
                  "version": "5428G-20SFP",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "V1.1",
                  "status": "affected",
                  "version": "5810G",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "V2.3b",
                  "status": "affected",
                  "version": "4706F",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "V3.0b",
                  "status": "affected",
                  "version": "4510",
                  "versionType": "custom"
                },
                {
                  "lessThan": "V1.6",
                  "status": "affected",
                  "version": "5310",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "PMI-110-F2G",
              "vendor": "Westermo",
              "versions": [
                {
                  "lessThan": "V1.8",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "T. Weber (SEC Consult Vulnerability Lab)"
            },
            {
              "lang": "en",
              "value": "Coordinated by CERT@VDE"
            }
          ],
          "datePublic": "2020-10-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) allows unauthenticated device administration."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-306",
                  "description": "CWE-306 Missing Authentication for Critical Function",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-02-04T19:06:13.000Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
            },
            {
              "name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2021/Jun/0"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "An external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
            }
          ],
          "source": {
            "advisory": "VDE-2020-040",
            "discovery": "EXTERNAL"
          },
          "title": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "info@cert.vde.com",
              "DATE_PUBLIC": "2020-10-07T13:10:00.000Z",
              "ID": "CVE-2020-12500",
              "STATE": "PUBLIC",
              "TITLE": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "P+F Comtrol RocketLinx",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_name": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F,  ES8510-XTE, ES9528/ES9528-XT",
                                "version_value": "all"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "ES7510-XT",
                                "version_value": "2.1.1"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "ES8510",
                                "version_value": "3.1.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Pepperl+Fuchs"
                  },
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "JetNet",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "5428G-20SFP",
                                "version_value": "V1.0"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "5810G",
                                "version_value": "V1.1"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "4706F",
                                "version_value": "V2.3b"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "4510",
                                "version_value": "V3.0b"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "5310",
                                "version_value": "V1.6"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Korenix"
                  },
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "PMI-110-F2G",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "V1.8"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Westermo"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "T. Weber (SEC Consult Vulnerability Lab)"
              },
              {
                "lang": "eng",
                "value": "Coordinated by CERT@VDE"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) allows unauthenticated device administration."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-306 Missing Authentication for Critical Function"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cert.vde.com/de-de/advisories/vde-2020-040",
                  "refsource": "CONFIRM",
                  "url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
                },
                {
                  "name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2021/Jun/0"
                },
                {
                  "name": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
                },
                {
                  "name": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/",
                  "refsource": "CONFIRM",
                  "url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
                },
                {
                  "name": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "An external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
              }
            ],
            "source": {
              "advisory": "VDE-2020-040",
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2020-12500",
        "datePublished": "2020-10-15T18:42:54.978Z",
        "dateReserved": "2020-04-30T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:10:49.072Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-4577 (GCVE-0-2012-4577)

    Vulnerability from cvelistv5 – Published: 2012-08-21 18:00 – Updated: 2024-08-06 20:42
    VLAI
    Summary
    The Linux firmware image on (1) Korenix Jetport 5600 series serial-device servers and (2) ORing Industrial DIN-Rail serial-device servers has a hardcoded password of "password" for the root account, which allows remote attackers to obtain administrative access via an SSH session.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2012-06-13 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T20:42:54.501Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "jetport-default-password(77992)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77992"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://ics-cert.us-cert.gov/advisories/ICSA-12-263-02"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://ics-cert.us-cert.gov/advisories/ICSA-12-297-02"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.digitalbond.com/2012/06/13/korenix-and-oring-insecurity"
              },
              {
                "name": "55196",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/55196"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2012-06-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Linux firmware image on (1) Korenix Jetport 5600 series serial-device servers and (2) ORing Industrial DIN-Rail serial-device servers has a hardcoded password of \"password\" for the root account, which allows remote attackers to obtain administrative access via an SSH session."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "jetport-default-password(77992)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77992"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://ics-cert.us-cert.gov/advisories/ICSA-12-263-02"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://ics-cert.us-cert.gov/advisories/ICSA-12-297-02"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.digitalbond.com/2012/06/13/korenix-and-oring-insecurity"
            },
            {
              "name": "55196",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/55196"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2012-4577",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Linux firmware image on (1) Korenix Jetport 5600 series serial-device servers and (2) ORing Industrial DIN-Rail serial-device servers has a hardcoded password of \"password\" for the root account, which allows remote attackers to obtain administrative access via an SSH session."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "jetport-default-password(77992)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77992"
                },
                {
                  "name": "http://ics-cert.us-cert.gov/advisories/ICSA-12-263-02",
                  "refsource": "MISC",
                  "url": "http://ics-cert.us-cert.gov/advisories/ICSA-12-263-02"
                },
                {
                  "name": "http://ics-cert.us-cert.gov/advisories/ICSA-12-297-02",
                  "refsource": "MISC",
                  "url": "http://ics-cert.us-cert.gov/advisories/ICSA-12-297-02"
                },
                {
                  "name": "http://www.digitalbond.com/2012/06/13/korenix-and-oring-insecurity",
                  "refsource": "MISC",
                  "url": "http://www.digitalbond.com/2012/06/13/korenix-and-oring-insecurity"
                },
                {
                  "name": "55196",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/55196"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2012-4577",
        "datePublished": "2012-08-21T18:00:00.000Z",
        "dateReserved": "2012-08-21T00:00:00.000Z",
        "dateUpdated": "2024-08-06T20:42:54.501Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-11303 (GCVE-0-2024-11303)

    Vulnerability from nvd – Published: 2024-11-18 13:24 – Updated: 2024-11-21 22:02
    VLAI
    Title
    Path Traversal
    Summary
    An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in Korenix JetPort 5601 allows Path Traversal. This issue affects JetPort 5601: through 1.2.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    Impacted products
    Vendor Product Version
    Korenix JetPort 5601 Affected: 0 , ≤ 1.2 (custom)
    korenix jetport_5601 Affected: 0 , ≤ 1.2 (custom)
        cpe:2.3:h:korenix:jetport_5601:-:*:*:*:*:*:*:*
    Credits
    P. Oberndorfer B. Tösch M. Narbeshuber-Spletzer C. Hierzer M. Pammer

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:korenix:jetport_5601:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "jetport_5601",
                "vendor": "korenix",
                "versions": [
                  {
                    "lessThanOrEqual": "1.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-11303",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-18T14:13:56.722950Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-18T14:15:31.302Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-11-21T22:02:46.052Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://seclists.org/fulldisclosure/2024/Nov/8"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "JetPort 5601",
              "vendor": "Korenix",
              "versions": [
                {
                  "lessThanOrEqual": "1.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "P. Oberndorfer"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "B. T\u00f6sch"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "M. Narbeshuber-Spletzer"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "C. Hierzer"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "M. Pammer"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The pathname of the root directory to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability in Korenix JetPort 5601 allows Path Traversal.\u003cp\u003eThis issue affects JetPort 5601: through 1.2.\u003c/p\u003e"
                }
              ],
              "value": "The pathname of the root directory to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability in Korenix JetPort 5601 allows Path Traversal.This issue affects JetPort 5601: through 1.2."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-126",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-126 Path Traversal"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-18T14:33:59.788Z",
            "orgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
            "shortName": "CyberDanube"
          },
          "references": [
            {
              "tags": [
                "third-party-advisory",
                "exploit"
              ],
              "url": "https://cyberdanube.com/en/en-st-polten-uas-path-traversal-in-korenix-jetport/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Path Traversal",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
        "assignerShortName": "CyberDanube",
        "cveId": "CVE-2024-11303",
        "datePublished": "2024-11-18T13:24:37.376Z",
        "dateReserved": "2024-11-17T17:08:21.075Z",
        "dateUpdated": "2024-11-21T22:02:46.052Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-7397 (GCVE-0-2024-7397)

    Vulnerability from nvd – Published: 2024-08-05 13:25 – Updated: 2025-11-04 16:15
    VLAI
    Title
    Unauthenticated Command Injection
    Summary
    Improper filtering of special characters results in a command injection vulnerability in Korenix JetPort 5601v3. This issue affects JetPort 5601v3: through 1.2.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Korenix JetPort 5601v3 Affected: 0 , ≤ 1.2 (custom)
    korenix jetport5601v3 Affected: 0 , ≤ 1.2 (custom)
        cpe:2.3:a:korenix:jetport5601v3:*:*:*:*:*:*:*:*
    Credits
    S. Dietz (CyberDanube)

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:korenix:jetport5601v3:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "jetport5601v3",
                "vendor": "korenix",
                "versions": [
                  {
                    "lessThanOrEqual": "1.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7397",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-05T14:15:49.858700Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-05T14:26:13.585Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-04T16:15:55.337Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://seclists.org/fulldisclosure/2024/Aug/2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "JetPort 5601v3",
              "vendor": "Korenix",
              "versions": [
                {
                  "lessThanOrEqual": "1.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "S. Dietz (CyberDanube)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper filering of special characters result in a command (\u0027command injection\u0027) vulnerability in Korenix JetPort 5601v3.\u003cp\u003eThis issue affects JetPort 5601v3: through 1.2.\u003c/p\u003e"
                }
              ],
              "value": "Improper filering of special characters result in a command (\u0027command injection\u0027) vulnerability in Korenix JetPort 5601v3.This issue affects JetPort 5601v3: through 1.2."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-88",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-88 OS Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-05T13:25:43.610Z",
            "orgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
            "shortName": "CyberDanube"
          },
          "references": [
            {
              "url": "https://cyberdanube.com/de/en-multiple-vulnerabilities-in-korenix-jetport/"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Unauthenticated Command Injection",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
        "assignerShortName": "CyberDanube",
        "cveId": "CVE-2024-7397",
        "datePublished": "2024-08-05T13:25:43.610Z",
        "dateReserved": "2024-08-01T21:46:36.711Z",
        "dateUpdated": "2025-11-04T16:15:55.337Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-7396 (GCVE-0-2024-7396)

    Vulnerability from nvd – Published: 2024-08-05 13:20 – Updated: 2025-11-04 16:15
    VLAI
    Title
    Plaintext Communication
    Summary
    Missing encryption of sensitive data in Korenix JetPort 5601v3 allows Eavesdropping. This issue affects JetPort 5601v3: through 1.2.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-311 - Missing Encryption of Sensitive Data
    Assigner
    Impacted products
    Vendor Product Version
    Korenix JetPort 5601v3 Affected: 0 , ≤ 1.2 (custom)
    korenix jetport_5601v3 Affected: 0 , ≤ 1.2 (custom)
        cpe:2.3:o:korenix:jetport_5601v3:*:*:*:*:*:*:*:*
    Credits
    S. Dietz (CyberDanube)

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:korenix:jetport_5601v3:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "jetport_5601v3",
                "vendor": "korenix",
                "versions": [
                  {
                    "lessThanOrEqual": "1.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7396",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-03T15:32:31.559672Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-03T15:36:02.184Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-04T16:15:54.405Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://seclists.org/fulldisclosure/2024/Aug/2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "JetPort 5601v3",
              "vendor": "Korenix",
              "versions": [
                {
                  "lessThanOrEqual": "1.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "S. Dietz (CyberDanube)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Missing encryption of sensitive data in Korenix JetPort 5601v3 allows Eavesdropping.\u003cp\u003eThis issue affects JetPort 5601v3: through 1.2.\u003c/p\u003e"
                }
              ],
              "value": "Missing encryption of sensitive data in Korenix JetPort 5601v3 allows Eavesdropping.This issue affects JetPort 5601v3: through 1.2."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-651",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-651 Eavesdropping"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-311",
                  "description": "CWE-311 Missing Encryption of Sensitive Data",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-05T13:20:57.997Z",
            "orgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
            "shortName": "CyberDanube"
          },
          "references": [
            {
              "url": "https://cyberdanube.com/de/en-multiple-vulnerabilities-in-korenix-jetport/"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Plaintext Communication",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
        "assignerShortName": "CyberDanube",
        "cveId": "CVE-2024-7396",
        "datePublished": "2024-08-05T13:20:57.997Z",
        "dateReserved": "2024-08-01T21:46:35.555Z",
        "dateUpdated": "2025-11-04T16:15:54.405Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-7395 (GCVE-0-2024-7395)

    Vulnerability from nvd – Published: 2024-08-05 13:16 – Updated: 2025-11-04 16:15
    VLAI
    Title
    Insufficient Authentication
    Summary
    An authentication bypass vulnerability in Korenix JetPort 5601v3 allows an attacker to access functionality on the device without specifying a password. This issue affects JetPort 5601v3: through 1.2.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-287 - Improper Authentication
    Assigner
    Impacted products
    Vendor Product Version
    Korenix JetPort 5601v3 Affected: 0 , ≤ 1.2 (custom)
    korenix jetport_5601 Affected: 0 , ≤ 1.2 (custom)
        cpe:2.3:h:korenix:jetport_5601:*:*:*:*:*:*:*:*
    Credits
    S. Dietz (CyberDanube)

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:korenix:jetport_5601:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "jetport_5601",
                "vendor": "korenix",
                "versions": [
                  {
                    "lessThanOrEqual": "1.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7395",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-07T20:31:11.620358Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:35:18.123Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-04T16:15:53.452Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://seclists.org/fulldisclosure/2024/Aug/2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "JetPort 5601v3",
              "vendor": "Korenix",
              "versions": [
                {
                  "lessThanOrEqual": "1.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "S. Dietz (CyberDanube)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An authentication bypass vulnerability in Korenix JetPort 5601v3 allows an attacker to access functionality on the device without specifying a password.\u003cp\u003eThis issue affects JetPort 5601v3: through 1.2.\u003c/p\u003e"
                }
              ],
              "value": "An authentication bypass vulnerability in Korenix JetPort 5601v3 allows an attacker to access functionality on the device without specifying a password.This issue affects JetPort 5601v3: through 1.2."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "CWE-287 Improper Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-05T13:16:05.964Z",
            "orgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
            "shortName": "CyberDanube"
          },
          "references": [
            {
              "url": "https://cyberdanube.com/de/en-multiple-vulnerabilities-in-korenix-jetport/"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Insufficient Authentication",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
        "assignerShortName": "CyberDanube",
        "cveId": "CVE-2024-7395",
        "datePublished": "2024-08-05T13:16:05.964Z",
        "dateReserved": "2024-08-01T21:46:34.268Z",
        "dateUpdated": "2025-11-04T16:15:53.452Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-2371 (GCVE-0-2024-2371)

    Vulnerability from nvd – Published: 2024-03-12 08:49 – Updated: 2024-08-01 19:11
    VLAI
    Title
    Information exposure vulnerability in Korenix JetI/O 6550
    Summary
    Information exposure vulnerability in Korenix JetI/O 6550 affecting firmware version F208 Build:0817. The SNMP protocol uses plaintext to transfer data, allowing an attacker to intercept traffic and retrieve credentials.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor Product Version
    Korenix JetI/O 6550 Affected: F208 Build:0817
    Date Public
    2024-03-12 11:00
    Credits
    HADESS

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-2371",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-03-12T16:16:54.722620Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:30:00.407Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T19:11:53.396Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.incibe.es/en/incibe-cert/notices/aviso-sci/information-exposure-vulnerability-korenix-jetio-6550"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "JetI/O 6550",
              "vendor": "Korenix",
              "versions": [
                {
                  "status": "affected",
                  "version": "F208 Build:0817"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "HADESS"
            }
          ],
          "datePublic": "2024-03-12T11:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Information exposure vulnerability in Korenix JetI/O 6550 affecting firmware version F208 Build:0817. The SNMP protocol uses plaintext to transfer data, allowing an attacker to intercept traffic and retrieve credentials."
                }
              ],
              "value": "Information exposure vulnerability in Korenix JetI/O 6550 affecting firmware version F208 Build:0817. The SNMP protocol uses plaintext to transfer data, allowing an attacker to intercept traffic and retrieve credentials."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-59",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-59 Session Credential Falsification through Prediction"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-03-12T08:49:46.017Z",
            "orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
            "shortName": "INCIBE"
          },
          "references": [
            {
              "url": "https://www.incibe.es/en/incibe-cert/notices/aviso-sci/information-exposure-vulnerability-korenix-jetio-6550"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "There is no reported solution at this time."
                }
              ],
              "value": "There is no reported solution at this time."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Information exposure vulnerability in Korenix JetI/O 6550",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
        "assignerShortName": "INCIBE",
        "cveId": "CVE-2024-2371",
        "datePublished": "2024-03-12T08:49:46.017Z",
        "dateReserved": "2024-03-11T11:40:18.291Z",
        "dateUpdated": "2024-08-01T19:11:53.396Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-5347 (GCVE-0-2023-5347)

    Vulnerability from nvd – Published: 2024-01-09 09:54 – Updated: 2025-10-08 09:10
    VLAI
    Title
    Unauthenticated Firmware Upgrade
    Summary
    An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables. This issue affects JetNet devices older than firmware version 2024/01.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-347 - Improper Verification of Cryptographic Signature
    • CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
    Assigner
    Impacted products
    Vendor Product Version
    Korenix JetNet Series Affected: firmware older than 2024/01
    Credits
    S. Dietz (CyberDanube)

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:52:08.584Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.beijerelectronics.com/en/support/Help___online?docId=69947"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2024/Jan/11"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-5347",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-08T15:33:17.516940Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-03T14:33:02.608Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "JetNet Series",
              "vendor": "Korenix",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware older than 2024/01"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "S. Dietz (CyberDanube)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables.\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003eThis issue affects JetNet devices older than firmware version 2024/01.\u003c/span\u003e"
                }
              ],
              "value": "An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables.\u00a0This issue affects JetNet devices older than firmware version 2024/01."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-558",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-558 Replace Trusted Executable"
                }
              ]
            },
            {
              "capecId": "CAPEC-552",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-552 Install Rootkit"
                }
              ]
            },
            {
              "capecId": "CAPEC-642",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-642 Replace Binaries"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-347",
                  "description": "CWE-347 Improper Verification of Cryptographic Signature",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-327",
                  "description": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-08T09:10:00.840Z",
            "orgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
            "shortName": "CyberDanube"
          },
          "references": [
            {
              "url": "https://www.beijerelectronics.com/en/support/Help___online?docId=69947"
            },
            {
              "url": "https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/"
            },
            {
              "url": "http://seclists.org/fulldisclosure/2024/Jan/11"
            },
            {
              "url": "http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Unauthenticated Firmware Upgrade",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "See:\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.beijerelectronics.com/en/support/Help___online?docId=69947\"\u003ehttps://www.beijerelectronics.com/en/support/Help___online?docId=69947\u003c/a\u003e"
                }
              ],
              "value": "See:\u00a0 https://www.beijerelectronics.com/en/support/Help___online?docId=69947"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
        "assignerShortName": "CyberDanube",
        "cveId": "CVE-2023-5347",
        "datePublished": "2024-01-09T09:54:59.664Z",
        "dateReserved": "2023-10-03T08:11:00.343Z",
        "dateUpdated": "2025-10-08T09:10:00.840Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-5376 (GCVE-0-2023-5376)

    Vulnerability from nvd – Published: 2024-01-09 09:44 – Updated: 2025-10-08 09:12
    VLAI
    Title
    TFTP Without Authentication
    Summary
    An Improper Authentication vulnerability in Korenix JetNet TFTP allows abuse of this service. This issue affects JetNet devices older than firmware version 2024/01.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-306 - Missing Authentication for Critical Function
    Assigner
    Impacted products
    Vendor Product Version
    Korenix JetNet Series Affected: firmware older than 2024/01
    Credits
    S. Dietz (CyberDanube)

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:59:44.243Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.beijerelectronics.com/en/support/Help___online?docId=69947"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2024/Jan/11"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-5376",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-14T15:27:48.719387Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-14T15:28:15.974Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "JetNet Series",
              "vendor": "Korenix",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware older than 2024/01"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "S. Dietz (CyberDanube)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An Improper Authentication vulnerability in Korenix JetNet TFTP allows abuse of this service.\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003eThis issue affects JetNet devices older than firmware version 2024/01.\u003c/span\u003e"
                }
              ],
              "value": "An Improper Authentication vulnerability in Korenix JetNet TFTP allows abuse of this service.\u00a0This issue affects JetNet devices older than firmware version 2024/01."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-114",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-114 Authentication Abuse"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-306",
                  "description": "CWE-306 Missing Authentication for Critical Function",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-08T09:12:42.388Z",
            "orgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
            "shortName": "CyberDanube"
          },
          "references": [
            {
              "url": "https://www.beijerelectronics.com/en/support/Help___online?docId=69947"
            },
            {
              "url": "https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/"
            },
            {
              "url": "http://seclists.org/fulldisclosure/2024/Jan/11"
            },
            {
              "url": "http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "TFTP Without Authentication",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "See:\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.beijerelectronics.com/en/support/Help___online?docId=69947\"\u003ehttps://www.beijerelectronics.com/en/support/Help___online?docId=69947\u003c/a\u003e\u003cbr\u003e"
                }
              ],
              "value": "See:\u00a0 https://www.beijerelectronics.com/en/support/Help___online?docId=69947"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
        "assignerShortName": "CyberDanube",
        "cveId": "CVE-2023-5376",
        "datePublished": "2024-01-09T09:44:18.108Z",
        "dateReserved": "2023-10-04T09:30:19.108Z",
        "dateUpdated": "2025-10-08T09:12:42.388Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-12504 (GCVE-0-2020-12504)

    Vulnerability from nvd – Published: 2020-10-15 18:42 – Updated: 2024-09-16 17:09
    VLAI
    Title
    Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products
    Summary
    Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below has an active TFTP-Service.
    CWE
    • CWE-912 - Hidden Functionality
    Assigner
    Impacted products
    Vendor Product Version
    Pepperl+Fuchs P+F Comtrol RocketLinx Affected: ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT all
    Affected: ES7510-XT , < 2.1.1 (custom)
    Affected: ES8510 , < 3.1.1 (custom)
    Pepperl+Fuchs P+F Comtrol RocketLinx Affected: ICRL-M-8RJ45/4SFP-G-DIN , ≤ 1.2.3 (custom)
    Affected: ICRL-M-16RJ45/4CP-G-DIN , ≤ 1.2.3 (custom)
    Korenix JetNet Affected: 5428G-20SFP , ≤ V1.0 (custom)
    Affected: 5810G , ≤ V1.1 (custom)
    Affected: 4706F , ≤ V2.3b (custom)
    Affected: 4510 , ≤ V3.0b (custom)
    Affected: 5310 , < V1.6 (custom)
    Westermo PMI-110-F2G Affected: unspecified , < V1.8 (custom)
    Date Public
    2020-10-07 00:00
    Credits
    T. Weber (SEC Consult Vulnerability Lab) Coordinated by CERT@VDE

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:56:52.052Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
              },
              {
                "name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2021/Jun/0"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en-us/advisories/vde-2020-053"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "P+F Comtrol RocketLinx",
              "vendor": "Pepperl+Fuchs",
              "versions": [
                {
                  "status": "affected",
                  "version": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F,  ES8510-XTE, ES9528/ES9528-XT all"
                },
                {
                  "lessThan": "2.1.1",
                  "status": "affected",
                  "version": "ES7510-XT",
                  "versionType": "custom"
                },
                {
                  "lessThan": "3.1.1",
                  "status": "affected",
                  "version": "ES8510",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "P+F Comtrol RocketLinx",
              "vendor": "Pepperl+Fuchs",
              "versions": [
                {
                  "lessThanOrEqual": "1.2.3",
                  "status": "affected",
                  "version": "ICRL-M-8RJ45/4SFP-G-DIN",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "1.2.3",
                  "status": "affected",
                  "version": "ICRL-M-16RJ45/4CP-G-DIN",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "JetNet",
              "vendor": "Korenix",
              "versions": [
                {
                  "lessThanOrEqual": "V1.0",
                  "status": "affected",
                  "version": "5428G-20SFP",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "V1.1",
                  "status": "affected",
                  "version": "5810G",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "V2.3b",
                  "status": "affected",
                  "version": "4706F",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "V3.0b",
                  "status": "affected",
                  "version": "4510",
                  "versionType": "custom"
                },
                {
                  "lessThan": "V1.6",
                  "status": "affected",
                  "version": "5310",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "PMI-110-F2G",
              "vendor": "Westermo",
              "versions": [
                {
                  "lessThan": "V1.8",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "T. Weber (SEC Consult Vulnerability Lab)"
            },
            {
              "lang": "en",
              "value": "Coordinated by CERT@VDE"
            }
          ],
          "datePublic": "2020-10-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below has an active TFTP-Service."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-912",
                  "description": "CWE-912 Hidden Functionality",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-02-04T19:06:15.000Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
            },
            {
              "name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2021/Jun/0"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert.vde.com/en-us/advisories/vde-2020-053"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "For ICRL-M-8RJ45/4SFP-G-DIN and ICRL-M-16RJ45/4CP-G-DIN:\nUpdate to Firmware 1.3.1 and deactivate TFTP-Service.\n\nFor all other devices:\nAn external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
            }
          ],
          "source": {
            "advisory": "VDE-2020-040",
            "discovery": "EXTERNAL"
          },
          "title": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "info@cert.vde.com",
              "DATE_PUBLIC": "2020-10-07T13:10:00.000Z",
              "ID": "CVE-2020-12504",
              "STATE": "PUBLIC",
              "TITLE": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "P+F Comtrol RocketLinx",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_name": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F,  ES8510-XTE, ES9528/ES9528-XT",
                                "version_value": "all"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "ES7510-XT",
                                "version_value": "2.1.1"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "ES8510",
                                "version_value": "3.1.1"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "P+F Comtrol RocketLinx",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "ICRL-M-8RJ45/4SFP-G-DIN",
                                "version_value": "1.2.3"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "ICRL-M-16RJ45/4CP-G-DIN",
                                "version_value": "1.2.3"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Pepperl+Fuchs"
                  },
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "JetNet",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "5428G-20SFP",
                                "version_value": "V1.0"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "5810G",
                                "version_value": "V1.1"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "4706F",
                                "version_value": "V2.3b"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "4510",
                                "version_value": "V3.0b"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "5310",
                                "version_value": "V1.6"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Korenix"
                  },
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "PMI-110-F2G",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "V1.8"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Westermo"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "T. Weber (SEC Consult Vulnerability Lab)"
              },
              {
                "lang": "eng",
                "value": "Coordinated by CERT@VDE"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below has an active TFTP-Service."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-912 Hidden Functionality"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cert.vde.com/de-de/advisories/vde-2020-040",
                  "refsource": "CONFIRM",
                  "url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
                },
                {
                  "name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2021/Jun/0"
                },
                {
                  "name": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
                },
                {
                  "name": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/",
                  "refsource": "CONFIRM",
                  "url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
                },
                {
                  "name": "https://cert.vde.com/en-us/advisories/vde-2020-053",
                  "refsource": "CONFIRM",
                  "url": "https://cert.vde.com/en-us/advisories/vde-2020-053"
                },
                {
                  "name": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "For ICRL-M-8RJ45/4SFP-G-DIN and ICRL-M-16RJ45/4CP-G-DIN:\nUpdate to Firmware 1.3.1 and deactivate TFTP-Service.\n\nFor all other devices:\nAn external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
              }
            ],
            "source": {
              "advisory": "VDE-2020-040",
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2020-12504",
        "datePublished": "2020-10-15T18:42:59.041Z",
        "dateReserved": "2020-04-30T00:00:00.000Z",
        "dateUpdated": "2024-09-16T17:09:09.147Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-12503 (GCVE-0-2020-12503)

    Vulnerability from nvd – Published: 2020-10-15 18:42 – Updated: 2024-09-17 04:24
    Title
    Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products
    Summary
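    Improper Authorization vulnerability in Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN (FW 1.2.3 and below): the devices are prone to multiple authenticated command injections. Note that the impacted-products list below scopes ES7510-XT to versions below 2.1.1 and ES8510 to versions below 3.1.1, and also lists Korenix JetNet and Westermo PMI-110-F2G models that this summary does not name.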
    CWE
    • CWE-863 - Incorrect Authorization
    Assigner
    Impacted products
    Vendor Product Version
    Pepperl+Fuchs P+F Comtrol RocketLinx Affected: ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT all
    Affected: ES7510-XT , < 2.1.1 (custom)
    Affected: ES8510 , < 3.1.1 (custom)
    Pepperl+Fuchs P+F Comtrol RocketLinx Affected: ICRL-M-8RJ45/4SFP-G-DIN , ≤ 1.2.3 (custom)
    Affected: ICRL-M-16RJ45/4CP-G-DIN , ≤ 1.2.3 (custom)
    Korenix JetNet Affected: 5428G-20SFP , ≤ V1.0 (custom)
    Affected: 5810G , ≤ V1.1 (custom)
    Affected: 4706F , ≤ V2.3b (custom)
    Affected: 4510 , ≤ V3.0b (custom)
    Affected: 5310 , < V1.6 (custom)
    Westermo PMI-110-F2G Affected: unspecified , < V1.8 (custom)
    Date Public
    2020-10-07 00:00
    Credits
    T. Weber (SEC Consult Vulnerability Lab) Coordinated by CERT@VDE

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:56:52.086Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
              },
              {
                "name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2021/Jun/0"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en-us/advisories/vde-2020-053"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "P+F Comtrol RocketLinx",
              "vendor": "Pepperl+Fuchs",
              "versions": [
                {
                  "status": "affected",
                  "version": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F,  ES8510-XTE, ES9528/ES9528-XT all"
                },
                {
                  "lessThan": "2.1.1",
                  "status": "affected",
                  "version": "ES7510-XT",
                  "versionType": "custom"
                },
                {
                  "lessThan": "3.1.1",
                  "status": "affected",
                  "version": "ES8510",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "P+F Comtrol RocketLinx",
              "vendor": "Pepperl+Fuchs",
              "versions": [
                {
                  "lessThanOrEqual": "1.2.3",
                  "status": "affected",
                  "version": "ICRL-M-8RJ45/4SFP-G-DIN",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "1.2.3",
                  "status": "affected",
                  "version": "ICRL-M-16RJ45/4CP-G-DIN",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "JetNet",
              "vendor": "Korenix",
              "versions": [
                {
                  "lessThanOrEqual": "V1.0",
                  "status": "affected",
                  "version": "5428G-20SFP",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "V1.1",
                  "status": "affected",
                  "version": "5810G",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "V2.3b",
                  "status": "affected",
                  "version": "4706F",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "V3.0b",
                  "status": "affected",
                  "version": "4510",
                  "versionType": "custom"
                },
                {
                  "lessThan": "V1.6",
                  "status": "affected",
                  "version": "5310",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "PMI-110-F2G",
              "vendor": "Westermo",
              "versions": [
                {
                  "lessThan": "V1.8",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "T. Weber (SEC Consult Vulnerability Lab)"
            },
            {
              "lang": "en",
              "value": "Coordinated by CERT@VDE"
            }
          ],
          "datePublic": "2020-10-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below is prone to multiple authenticated command injections."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-863",
                  "description": "CWE-863 Incorrect Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-02-04T19:06:09.000Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
            },
            {
              "name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2021/Jun/0"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert.vde.com/en-us/advisories/vde-2020-053"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "An external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
            }
          ],
          "source": {
            "advisory": "VDE-2020-040",
            "discovery": "EXTERNAL"
          },
          "title": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "info@cert.vde.com",
              "DATE_PUBLIC": "2020-10-07T13:10:00.000Z",
              "ID": "CVE-2020-12503",
              "STATE": "PUBLIC",
              "TITLE": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "P+F Comtrol RocketLinx",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_name": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F,  ES8510-XTE, ES9528/ES9528-XT",
                                "version_value": "all"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "ES7510-XT",
                                "version_value": "2.1.1"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "ES8510",
                                "version_value": "3.1.1"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "P+F Comtrol RocketLinx",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "ICRL-M-8RJ45/4SFP-G-DIN",
                                "version_value": "1.2.3"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "ICRL-M-16RJ45/4CP-G-DIN",
                                "version_value": "1.2.3"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Pepperl+Fuchs"
                  },
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "JetNet",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "5428G-20SFP",
                                "version_value": "V1.0"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "5810G",
                                "version_value": "V1.1"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "4706F",
                                "version_value": "V2.3b"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "4510",
                                "version_value": "V3.0b"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "5310",
                                "version_value": "V1.6"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Korenix"
                  },
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "PMI-110-F2G",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "V1.8"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Westermo"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "T. Weber (SEC Consult Vulnerability Lab)"
              },
              {
                "lang": "eng",
                "value": "Coordinated by CERT@VDE"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below is prone to multiple authenticated command injections."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-863 Incorrect Authorization"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cert.vde.com/de-de/advisories/vde-2020-040",
                  "refsource": "CONFIRM",
                  "url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
                },
                {
                  "name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2021/Jun/0"
                },
                {
                  "name": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
                },
                {
                  "name": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/",
                  "refsource": "CONFIRM",
                  "url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
                },
                {
                  "name": "https://cert.vde.com/en-us/advisories/vde-2020-053",
                  "refsource": "CONFIRM",
                  "url": "https://cert.vde.com/en-us/advisories/vde-2020-053"
                },
                {
                  "name": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "An external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
              }
            ],
            "source": {
              "advisory": "VDE-2020-040",
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2020-12503",
        "datePublished": "2020-10-15T18:42:58.016Z",
        "dateReserved": "2020-04-30T00:00:00.000Z",
        "dateUpdated": "2024-09-17T04:24:41.310Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-12502 (GCVE-0-2020-12502)

    Vulnerability from nvd – Published: 2020-10-15 18:42 – Updated: 2024-09-16 18:43
    Title
    Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products
    Summary
    Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below is prone to unauthenticated device administration.
    CWE
    • CWE-352 - Cross-Site Request Forgery (CSRF)
    Assigner
    Impacted products
    Vendor Product Version
    Pepperl+Fuchs P+F Comtrol RocketLinx Affected: ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT all
    Affected: ES7510-XT , < 2.1.1 (custom)
    Affected: ES8510 , < 3.1.1 (custom)
    Pepperl+Fuchs P+F Comtrol RocketLinx Affected: ICRL-M-8RJ45/4SFP-G-DIN , ≤ 1.2.3 (custom)
    Affected: ICRL-M-16RJ45/4CP-G-DIN , ≤ 1.2.3 (custom)
    Korenix JetNet Affected: 5428G-20SFP , ≤ V1.0 (custom)
    Affected: 5810G , ≤ V1.1 (custom)
    Affected: 4706F , ≤ V2.3b (custom)
    Affected: 4510 , ≤ V3.0b (custom)
    Affected: 5310 , < V1.6 (custom)
    Westermo PMI-110-F2G Affected: unspecified , < V1.8 (custom)
    Date Public
    2020-10-07 00:00
    Credits
    T. Weber (SEC Consult Vulnerability Lab) Coordinated by CERT@VDE

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:56:52.083Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
              },
              {
                "name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2021/Jun/0"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en-us/advisories/vde-2020-053"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "P+F Comtrol RocketLinx",
              "vendor": "Pepperl+Fuchs",
              "versions": [
                {
                  "status": "affected",
                  "version": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F,  ES8510-XTE, ES9528/ES9528-XT all"
                },
                {
                  "lessThan": "2.1.1",
                  "status": "affected",
                  "version": "ES7510-XT",
                  "versionType": "custom"
                },
                {
                  "lessThan": "3.1.1",
                  "status": "affected",
                  "version": "ES8510",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "P+F Comtrol RocketLinx",
              "vendor": "Pepperl+Fuchs",
              "versions": [
                {
                  "lessThanOrEqual": "1.2.3",
                  "status": "affected",
                  "version": "ICRL-M-8RJ45/4SFP-G-DIN",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "1.2.3",
                  "status": "affected",
                  "version": "ICRL-M-16RJ45/4CP-G-DIN",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "JetNet",
              "vendor": "Korenix",
              "versions": [
                {
                  "lessThanOrEqual": "V1.0",
                  "status": "affected",
                  "version": "5428G-20SFP",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "V1.1",
                  "status": "affected",
                  "version": "5810G",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "V2.3b",
                  "status": "affected",
                  "version": "4706F",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "V3.0b",
                  "status": "affected",
                  "version": "4510",
                  "versionType": "custom"
                },
                {
                  "lessThan": "V1.6",
                  "status": "affected",
                  "version": "5310",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "PMI-110-F2G",
              "vendor": "Westermo",
              "versions": [
                {
                  "lessThan": "V1.8",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "T. Weber (SEC Consult Vulnerability Lab)"
            },
            {
              "lang": "en",
              "value": "Coordinated by CERT@VDE"
            }
          ],
          "datePublic": "2020-10-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below is prone to unauthenticated device administration."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-352",
                  "description": "CWE-352 Cross-Site Request Forgery (CSRF)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-02-04T19:06:11.000Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
            },
            {
              "name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2021/Jun/0"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert.vde.com/en-us/advisories/vde-2020-053"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "An external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
            }
          ],
          "source": {
            "advisory": "VDE-2020-040",
            "discovery": "EXTERNAL"
          },
          "title": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "info@cert.vde.com",
              "DATE_PUBLIC": "2020-10-07T13:10:00.000Z",
              "ID": "CVE-2020-12502",
              "STATE": "PUBLIC",
              "TITLE": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "P+F Comtrol RocketLinx",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_name": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F,  ES8510-XTE, ES9528/ES9528-XT",
                                "version_value": "all"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "ES7510-XT",
                                "version_value": "2.1.1"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "ES8510",
                                "version_value": "3.1.1"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "P+F Comtrol RocketLinx",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "ICRL-M-8RJ45/4SFP-G-DIN",
                                "version_value": "1.2.3"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "ICRL-M-16RJ45/4CP-G-DIN",
                                "version_value": "1.2.3"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Pepperl+Fuchs"
                  },
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "JetNet",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "5428G-20SFP",
                                "version_value": "V1.0"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "5810G",
                                "version_value": "V1.1"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "4706F",
                                "version_value": "V2.3b"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "4510",
                                "version_value": "V3.0b"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "5310",
                                "version_value": "V1.6"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Korenix"
                  },
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "PMI-110-F2G",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "V1.8"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Westermo"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "T. Weber (SEC Consult Vulnerability Lab)"
              },
              {
                "lang": "eng",
                "value": "Coordinated by CERT@VDE"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below is prone to unauthenticated device administration."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-352 Cross-Site Request Forgery (CSRF)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cert.vde.com/de-de/advisories/vde-2020-040",
                  "refsource": "CONFIRM",
                  "url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
                },
                {
                  "name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2021/Jun/0"
                },
                {
                  "name": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
                },
                {
                  "name": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/",
                  "refsource": "CONFIRM",
                  "url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
                },
                {
                  "name": "https://cert.vde.com/en-us/advisories/vde-2020-053",
                  "refsource": "CONFIRM",
                  "url": "https://cert.vde.com/en-us/advisories/vde-2020-053"
                },
                {
                  "name": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "An external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
              }
            ],
            "source": {
              "advisory": "VDE-2020-040",
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2020-12502",
        "datePublished": "2020-10-15T18:42:57.229Z",
        "dateReserved": "2020-04-30T00:00:00.000Z",
        "dateUpdated": "2024-09-16T18:43:33.813Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-12501 (GCVE-0-2020-12501)

    Vulnerability from nvd – Published: 2020-10-15 18:42 – Updated: 2024-09-16 19:20
    Title
    Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products
    Summary
    Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) use undocumented accounts.
    CWE
    • CWE-798 - Use of Hard-coded Credentials
    Assigner
    Impacted products
    Vendor Product Version
    Pepperl+Fuchs P+F Comtrol RocketLinx Affected: ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT all
    Affected: ES7510-XT , < 2.1.1 (custom)
    Affected: ES8510 , < 3.1.1 (custom)
    Korenix JetNet Affected: 5428G-20SFP , ≤ V1.0 (custom)
    Affected: 5810G , ≤ V1.1 (custom)
    Affected: 4706F , ≤ V2.3b (custom)
    Affected: 4510 , ≤ V3.0b (custom)
    Affected: 5310 , < V1.6 (custom)
    Westermo PMI-110-F2G Affected: unspecified , < V1.8 (custom)
    Date Public
    2020-10-07 00:00
    Credits
    T. Weber (SEC Consult Vulnerability Lab) Coordinated by CERT@VDE

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:56:52.091Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
              },
              {
                "name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2021/Jun/0"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
              },
              {
                "name": "20220603 SEC Consult SA-20220531-0 :: Backdoor account in Korenix JetPort 5601V3",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2022/Jun/3"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/167409/Korenix-JetPort-5601V3-Backdoor-Account.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "P+F Comtrol RocketLinx",
              "vendor": "Pepperl+Fuchs",
              "versions": [
                {
                  "status": "affected",
                  "version": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F,  ES8510-XTE, ES9528/ES9528-XT all"
                },
                {
                  "lessThan": "2.1.1",
                  "status": "affected",
                  "version": "ES7510-XT",
                  "versionType": "custom"
                },
                {
                  "lessThan": "3.1.1",
                  "status": "affected",
                  "version": "ES8510",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "JetNet",
              "vendor": "Korenix",
              "versions": [
                {
                  "lessThanOrEqual": "V1.0",
                  "status": "affected",
                  "version": "5428G-20SFP",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "V1.1",
                  "status": "affected",
                  "version": "5810G",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "V2.3b",
                  "status": "affected",
                  "version": "4706F",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "V3.0b",
                  "status": "affected",
                  "version": "4510",
                  "versionType": "custom"
                },
                {
                  "lessThan": "V1.6",
                  "status": "affected",
                  "version": "5310",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "PMI-110-F2G",
              "vendor": "Westermo",
              "versions": [
                {
                  "lessThan": "V1.8",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "T. Weber (SEC Consult Vulnerability Lab)"
            },
            {
              "lang": "en",
              "value": "Coordinated by CERT@VDE"
            }
          ],
          "datePublic": "2020-10-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) use undocumented accounts."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-798",
                  "description": "CWE-798 Use of Hard-coded Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-06-06T16:06:23.000Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
            },
            {
              "name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2021/Jun/0"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
            },
            {
              "name": "20220603 SEC Consult SA-20220531-0 :: Backdoor account in Korenix JetPort 5601V3",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2022/Jun/3"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/167409/Korenix-JetPort-5601V3-Backdoor-Account.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "An external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
            }
          ],
          "source": {
            "advisory": "VDE-2020-040",
            "discovery": "EXTERNAL"
          },
          "title": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "info@cert.vde.com",
              "DATE_PUBLIC": "2020-10-07T13:10:00.000Z",
              "ID": "CVE-2020-12501",
              "STATE": "PUBLIC",
              "TITLE": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "P+F Comtrol RocketLinx",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_name": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F,  ES8510-XTE, ES9528/ES9528-XT",
                                "version_value": "all"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "ES7510-XT",
                                "version_value": "2.1.1"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "ES8510",
                                "version_value": "3.1.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Pepperl+Fuchs"
                  },
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "JetNet",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "5428G-20SFP",
                                "version_value": "V1.0"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "5810G",
                                "version_value": "V1.1"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "4706F",
                                "version_value": "V2.3b"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "4510",
                                "version_value": "V3.0b"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "5310",
                                "version_value": "V1.6"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Korenix"
                  },
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "PMI-110-F2G",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "V1.8"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Westermo"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "T. Weber (SEC Consult Vulnerability Lab)"
              },
              {
                "lang": "eng",
                "value": "Coordinated by CERT@VDE"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) use undocumented accounts."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-798 Use of Hard-coded Credentials"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cert.vde.com/de-de/advisories/vde-2020-040",
                  "refsource": "CONFIRM",
                  "url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
                },
                {
                  "name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2021/Jun/0"
                },
                {
                  "name": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
                },
                {
                  "name": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/",
                  "refsource": "CONFIRM",
                  "url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
                },
                {
                  "name": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
                },
                {
                  "name": "20220603 SEC Consult SA-20220531-0 :: Backdoor account in Korenix JetPort 5601V3",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2022/Jun/3"
                },
                {
                  "name": "http://packetstormsecurity.com/files/167409/Korenix-JetPort-5601V3-Backdoor-Account.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/167409/Korenix-JetPort-5601V3-Backdoor-Account.html"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "An external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
              }
            ],
            "source": {
              "advisory": "VDE-2020-040",
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2020-12501",
        "datePublished": "2020-10-15T18:42:56.306Z",
        "dateReserved": "2020-04-30T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:20:40.911Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-12500 (GCVE-0-2020-12500)

    Vulnerability from nvd – Published: 2020-10-15 18:42 – Updated: 2024-09-17 01:10
    Title
    Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products
    Summary
    Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) allows unauthenticated device administration.
    CWE
    • CWE-306 - Missing Authentication for Critical Function
    Assigner
    Impacted products
    Vendor Product Version
    Pepperl+Fuchs P+F Comtrol RocketLinx Affected: ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT all
    Affected: ES7510-XT , < 2.1.1 (custom)
    Affected: ES8510 , < 3.1.1 (custom)
    Korenix JetNet Affected: 5428G-20SFP , ≤ V1.0 (custom)
    Affected: 5810G , ≤ V1.1 (custom)
    Affected: 4706F , ≤ V2.3b (custom)
    Affected: 4510 , ≤ V3.0b (custom)
    Affected: 5310 , < V1.6 (custom)
    Westermo PMI-110-F2G Affected: unspecified , < V1.8 (custom)
    Date Public
    2020-10-07 00:00
    Credits
    T. Weber (SEC Consult Vulnerability Lab) Coordinated by CERT@VDE

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:56:52.048Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
              },
              {
                "name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2021/Jun/0"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "P+F Comtrol RocketLinx",
              "vendor": "Pepperl+Fuchs",
              "versions": [
                {
                  "status": "affected",
                  "version": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F,  ES8510-XTE, ES9528/ES9528-XT all"
                },
                {
                  "lessThan": "2.1.1",
                  "status": "affected",
                  "version": "ES7510-XT",
                  "versionType": "custom"
                },
                {
                  "lessThan": "3.1.1",
                  "status": "affected",
                  "version": "ES8510",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "JetNet",
              "vendor": "Korenix",
              "versions": [
                {
                  "lessThanOrEqual": "V1.0",
                  "status": "affected",
                  "version": "5428G-20SFP",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "V1.1",
                  "status": "affected",
                  "version": "5810G",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "V2.3b",
                  "status": "affected",
                  "version": "4706F",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "V3.0b",
                  "status": "affected",
                  "version": "4510",
                  "versionType": "custom"
                },
                {
                  "lessThan": "V1.6",
                  "status": "affected",
                  "version": "5310",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "PMI-110-F2G",
              "vendor": "Westermo",
              "versions": [
                {
                  "lessThan": "V1.8",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "T. Weber (SEC Consult Vulnerability Lab)"
            },
            {
              "lang": "en",
              "value": "Coordinated by CERT@VDE"
            }
          ],
          "datePublic": "2020-10-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) allows unauthenticated device administration."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-306",
                  "description": "CWE-306 Missing Authentication for Critical Function",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-02-04T19:06:13.000Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
            },
            {
              "name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2021/Jun/0"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "An external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
            }
          ],
          "source": {
            "advisory": "VDE-2020-040",
            "discovery": "EXTERNAL"
          },
          "title": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "info@cert.vde.com",
              "DATE_PUBLIC": "2020-10-07T13:10:00.000Z",
              "ID": "CVE-2020-12500",
              "STATE": "PUBLIC",
              "TITLE": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "P+F Comtrol RocketLinx",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_name": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F,  ES8510-XTE, ES9528/ES9528-XT",
                                "version_value": "all"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "ES7510-XT",
                                "version_value": "2.1.1"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "ES8510",
                                "version_value": "3.1.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Pepperl+Fuchs"
                  },
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "JetNet",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "5428G-20SFP",
                                "version_value": "V1.0"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "5810G",
                                "version_value": "V1.1"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "4706F",
                                "version_value": "V2.3b"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "4510",
                                "version_value": "V3.0b"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "5310",
                                "version_value": "V1.6"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Korenix"
                  },
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "PMI-110-F2G",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "V1.8"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Westermo"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "T. Weber (SEC Consult Vulnerability Lab)"
              },
              {
                "lang": "eng",
                "value": "Coordinated by CERT@VDE"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) allows unauthenticated device administration."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-306 Missing Authentication for Critical Function"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cert.vde.com/de-de/advisories/vde-2020-040",
                  "refsource": "CONFIRM",
                  "url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
                },
                {
                  "name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2021/Jun/0"
                },
                {
                  "name": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
                },
                {
                  "name": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/",
                  "refsource": "CONFIRM",
                  "url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
                },
                {
                  "name": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "An external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
              }
            ],
            "source": {
              "advisory": "VDE-2020-040",
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2020-12500",
        "datePublished": "2020-10-15T18:42:54.978Z",
        "dateReserved": "2020-04-30T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:10:49.072Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-4577 (GCVE-0-2012-4577)

    Vulnerability from nvd – Published: 2012-08-21 18:00 – Updated: 2024-08-06 20:42
    Summary
    The Linux firmware image on (1) Korenix Jetport 5600 series serial-device servers and (2) ORing Industrial DIN-Rail serial-device servers has a hardcoded password of "password" for the root account, which allows remote attackers to obtain administrative access via an SSH session.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2012-06-13 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T20:42:54.501Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "jetport-default-password(77992)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77992"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://ics-cert.us-cert.gov/advisories/ICSA-12-263-02"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://ics-cert.us-cert.gov/advisories/ICSA-12-297-02"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.digitalbond.com/2012/06/13/korenix-and-oring-insecurity"
              },
              {
                "name": "55196",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/55196"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2012-06-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Linux firmware image on (1) Korenix Jetport 5600 series serial-device servers and (2) ORing Industrial DIN-Rail serial-device servers has a hardcoded password of \"password\" for the root account, which allows remote attackers to obtain administrative access via an SSH session."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "jetport-default-password(77992)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77992"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://ics-cert.us-cert.gov/advisories/ICSA-12-263-02"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://ics-cert.us-cert.gov/advisories/ICSA-12-297-02"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.digitalbond.com/2012/06/13/korenix-and-oring-insecurity"
            },
            {
              "name": "55196",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/55196"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2012-4577",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Linux firmware image on (1) Korenix Jetport 5600 series serial-device servers and (2) ORing Industrial DIN-Rail serial-device servers has a hardcoded password of \"password\" for the root account, which allows remote attackers to obtain administrative access via an SSH session."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "jetport-default-password(77992)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77992"
                },
                {
                  "name": "http://ics-cert.us-cert.gov/advisories/ICSA-12-263-02",
                  "refsource": "MISC",
                  "url": "http://ics-cert.us-cert.gov/advisories/ICSA-12-263-02"
                },
                {
                  "name": "http://ics-cert.us-cert.gov/advisories/ICSA-12-297-02",
                  "refsource": "MISC",
                  "url": "http://ics-cert.us-cert.gov/advisories/ICSA-12-297-02"
                },
                {
                  "name": "http://www.digitalbond.com/2012/06/13/korenix-and-oring-insecurity",
                  "refsource": "MISC",
                  "url": "http://www.digitalbond.com/2012/06/13/korenix-and-oring-insecurity"
                },
                {
                  "name": "55196",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/55196"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2012-4577",
        "datePublished": "2012-08-21T18:00:00.000Z",
        "dateReserved": "2012-08-21T00:00:00.000Z",
        "dateUpdated": "2024-08-06T20:42:54.501Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    VAR-201711-0411

    Vulnerability from variot - Updated: 2024-01-18 22:53

    A Use of Hard-coded Cryptographic Key issue was discovered in Korenix JetNet JetNet5018G version 1.4, JetNet5310G version 1.4a, JetNet5428G-2G-2FX version 1.4, JetNet5628G-R version 1.4, JetNet5628G version 1.4, JetNet5728G-24P version 1.4, JetNet5828G version 1.1d, JetNet6710G-HVDC version 1.1e, and JetNet6710G version 1.1. An attacker may gain access to hard-coded certificates and private keys, allowing the attacker to perform man-in-the-middle attacks. Multiple Korenix JetNet products contain a vulnerability related to the use of hard-coded credentials. Information may be obtained or altered, and service operation may be disrupted (DoS). JetNet is a series of industrial Ethernet switch products from Korenix. Korenix JetNet is prone to a hard-coded cryptographic key vulnerability and a security-bypass vulnerability. An attacker can exploit these issues to bypass the security mechanism and perform unauthorized actions, or perform man-in-the-middle attacks and obtain sensitive information. This may aid in further attacks. Affected products include Korenix JetNet JetNet5018G and others.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201711-0411",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "jetnet5018g",
            "scope": "eq",
            "trust": 3.3,
            "vendor": "korenix",
            "version": "1.4"
          },
          {
            "model": "jetnet5428g-2g-2fx",
            "scope": "eq",
            "trust": 3.3,
            "vendor": "korenix",
            "version": "1.4"
          },
          {
            "model": "jetnet5628g-r",
            "scope": "eq",
            "trust": 3.3,
            "vendor": "korenix",
            "version": "1.4"
          },
          {
            "model": "jetnet5628g",
            "scope": "eq",
            "trust": 3.3,
            "vendor": "korenix",
            "version": "1.4"
          },
          {
            "model": "jetnet5728g-24p",
            "scope": "eq",
            "trust": 3.3,
            "vendor": "korenix",
            "version": "1.4"
          },
          {
            "model": "jetnet6710g",
            "scope": "eq",
            "trust": 3.3,
            "vendor": "korenix",
            "version": "1.1"
          },
          {
            "model": "jetnet5310g",
            "scope": "eq",
            "trust": 2.4,
            "vendor": "korenix",
            "version": "1.4a"
          },
          {
            "model": "jetnet5828g",
            "scope": "eq",
            "trust": 2.4,
            "vendor": "korenix",
            "version": "1.1d"
          },
          {
            "model": "jetnet6710g-hvdc",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "korenix",
            "version": "11e"
          },
          {
            "model": "jetnet5310g 1.4a",
            "scope": null,
            "trust": 0.9,
            "vendor": "korenix",
            "version": null
          },
          {
            "model": "jetnet5828g 1.1d",
            "scope": null,
            "trust": 0.9,
            "vendor": "korenix",
            "version": null
          },
          {
            "model": "jetnet6710g-hvdc 1.1e",
            "scope": null,
            "trust": 0.9,
            "vendor": "korenix",
            "version": null
          },
          {
            "model": "jetnet6710g-hvdc",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "korenix",
            "version": "1.1e"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "jetnet5018g",
            "version": "1.4"
          },
          {
            "model": "1.4a",
            "scope": null,
            "trust": 0.2,
            "vendor": "jetnet5310g",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "jetnet5428g 2g 2fx",
            "version": "1.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "jetnet5628g",
            "version": "1.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "jetnet5628g r",
            "version": "1.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "jetnet5728g 24p",
            "version": "1.4"
          },
          {
            "model": "1.1d",
            "scope": null,
            "trust": 0.2,
            "vendor": "jetnet5828g",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "jetnet6710g",
            "version": "1.1"
          },
          {
            "model": "11e",
            "scope": null,
            "trust": 0.2,
            "vendor": "jetnet6710g hvdc",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "35f5d794-8e07-4a55-a9bd-dedabb2561e9"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-31804"
          },
          {
            "db": "BID",
            "id": "101598"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009865"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1254"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14021"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:korenix:jetnet5018g_firmware:1.4:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:korenix:jetnet_5018g:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:korenix:jetnet5310g_firmware:1.4a:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:korenix:jetnet_5310g:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:korenix:jetnet5428g-2g-2fx_firmware:1.4:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:korenix:jetnet_5428g-2g-2fx:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:korenix:jetnet5628g_firmware:1.4:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:korenix:jetnet_5628g:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:korenix:jetnet5628g-r_firmware:1.4:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:korenix:jetnet_5628g-r:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:korenix:jetnet5728g-24p_firmware:1.4:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:korenix:jetnet_5728g-24p:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:korenix:jetnet5828g_firmware:1.1d:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:korenix:jetnet_5828g:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:korenix:jetnet6710g_firmware:1.1:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:korenix:jetnet_6710g:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:korenix:jetnet6710g-hvdc_firmware:11e:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:korenix:jetnet_6710g-hvdc:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-14021"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Mandar Jadhav of the Qualys Vulnerability Signature/Research Team",
        "sources": [
          {
            "db": "BID",
            "id": "101598"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2017-14021",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 10.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2017-14021",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.9,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2017-31804",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "35f5d794-8e07-4a55-a9bd-dedabb2561e9",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-104702",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2017-14021",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2017-14021",
                "trust": 1.8,
                "value": "CRITICAL"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-31804",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201708-1254",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "35f5d794-8e07-4a55-a9bd-dedabb2561e9",
                "trust": 0.2,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-104702",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-14021",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "35f5d794-8e07-4a55-a9bd-dedabb2561e9"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-31804"
          },
          {
            "db": "VULHUB",
            "id": "VHN-104702"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14021"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009865"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1254"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14021"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A Use of Hard-coded Cryptographic Key issue was discovered in Korenix JetNet JetNet5018G version 1.4, JetNet5310G version 1.4a, JetNet5428G-2G-2FX version 1.4, JetNet5628G-R version 1.4, JetNet5628G version 1.4, JetNet5728G-24P version 1.4, JetNet5828G version 1.1d, JetNet6710G-HVDC version 1.1e, and JetNet6710G version 1.1. An attacker may gain access to hard-coded certificates and private keys allowing the attacker to perform man-in-the-middle attacks. plural Korenix JetNet The product contains a vulnerability related to the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. JetNet is a series of industrial Ethernet switch products from Koloris. Korenix JetNet is prone to a hard-coded cryptographic key vulnerability and security-bypass vulnerability. \nAn attacker can exploit these issues to bypass the security mechanism and perform unauthorized actions or perform man-in-the middle attacks and obtain sensitive information. This may aid in further attacks. Korenix JetNet JetNet5018G etc",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-14021"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009865"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-31804"
          },
          {
            "db": "BID",
            "id": "101598"
          },
          {
            "db": "IVD",
            "id": "35f5d794-8e07-4a55-a9bd-dedabb2561e9"
          },
          {
            "db": "VULHUB",
            "id": "VHN-104702"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14021"
          }
        ],
        "trust": 2.79
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-14021",
            "trust": 3.7
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-299-01",
            "trust": 3.5
          },
          {
            "db": "BID",
            "id": "101598",
            "trust": 2.1
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-31804",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1254",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009865",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "35F5D794-8E07-4A55-A9BD-DEDABB2561E9",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-104702",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14021",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "35f5d794-8e07-4a55-a9bd-dedabb2561e9"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-31804"
          },
          {
            "db": "VULHUB",
            "id": "VHN-104702"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14021"
          },
          {
            "db": "BID",
            "id": "101598"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009865"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1254"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14021"
          }
        ]
      },
      "id": "VAR-201711-0411",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "35f5d794-8e07-4a55-a9bd-dedabb2561e9"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-31804"
          },
          {
            "db": "VULHUB",
            "id": "VHN-104702"
          }
        ],
        "trust": 1.5111111
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS",
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          },
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "35f5d794-8e07-4a55-a9bd-dedabb2561e9"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-31804"
          }
        ]
      },
      "last_update_date": "2024-01-18T22:53:43.700000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.korenix.com/index.aspx"
          },
          {
            "title": "Patch for KorenixJetNet Man-in-the-Middle Attack Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/104770"
          },
          {
            "title": "Multiple Korenix Product security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=100015"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-31804"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009865"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1254"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-798",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-104702"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009865"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14021"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.5,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-299-01"
          },
          {
            "trust": 1.9,
            "url": "http://www.securityfocus.com/bid/101598"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-14021"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14021"
          },
          {
            "trust": 0.3,
            "url": "http://www.korenix.com/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/798.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-31804"
          },
          {
            "db": "VULHUB",
            "id": "VHN-104702"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14021"
          },
          {
            "db": "BID",
            "id": "101598"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009865"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1254"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14021"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "35f5d794-8e07-4a55-a9bd-dedabb2561e9"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-31804"
          },
          {
            "db": "VULHUB",
            "id": "VHN-104702"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14021"
          },
          {
            "db": "BID",
            "id": "101598"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009865"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1254"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14021"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-10-27T00:00:00",
            "db": "IVD",
            "id": "35f5d794-8e07-4a55-a9bd-dedabb2561e9"
          },
          {
            "date": "2017-10-27T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-31804"
          },
          {
            "date": "2017-11-01T00:00:00",
            "db": "VULHUB",
            "id": "VHN-104702"
          },
          {
            "date": "2017-11-01T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-14021"
          },
          {
            "date": "2017-10-26T00:00:00",
            "db": "BID",
            "id": "101598"
          },
          {
            "date": "2017-11-24T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-009865"
          },
          {
            "date": "2017-08-31T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201708-1254"
          },
          {
            "date": "2017-11-01T02:29:00.210000",
            "db": "NVD",
            "id": "CVE-2017-14021"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-10-27T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-31804"
          },
          {
            "date": "2019-10-09T00:00:00",
            "db": "VULHUB",
            "id": "VHN-104702"
          },
          {
            "date": "2019-10-09T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-14021"
          },
          {
            "date": "2017-12-19T20:00:00",
            "db": "BID",
            "id": "101598"
          },
          {
            "date": "2017-11-24T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-009865"
          },
          {
            "date": "2019-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201708-1254"
          },
          {
            "date": "2024-01-17T15:05:39.563000",
            "db": "NVD",
            "id": "CVE-2017-14021"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1254"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Korenix JetNet Man-in-the-middle attack vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "35f5d794-8e07-4a55-a9bd-dedabb2561e9"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-31804"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "trust management problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1254"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201711-0414

    Vulnerability from variot - Updated: 2024-01-18 22:53

    A Use of Hard-coded Credentials issue was discovered in Korenix JetNet JetNet5018G version 1.4, JetNet5310G version 1.4a, JetNet5428G-2G-2FX version 1.4, JetNet5628G-R version 1.4, JetNet5628G version 1.4, JetNet5728G-24P version 1.4, JetNet5828G version 1.1d, JetNet6710G-HVDC version 1.1e, and JetNet6710G version 1.1. The software uses undocumented hard-coded credentials that may allow an attacker to gain remote access. Multiple Korenix JetNet products contain a vulnerability related to the use of hard-coded credentials. Information may be obtained or altered, and service operation may be disrupted (DoS). JetNet is a series of industrial Ethernet switch products from Korenix. Korenix JetNet is prone to a hard-coded cryptographic key vulnerability and a security-bypass vulnerability. An attacker can exploit these issues to bypass the security mechanism and perform unauthorized actions, or perform man-in-the-middle attacks and obtain sensitive information. This may aid in further attacks. Korenix JetNet JetNet5018G etc. A security vulnerability exists in several Korenix products due to the program's use of hard-coded certificates


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201711-0414",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "jetnet5018g",
            "scope": "eq",
            "trust": 3.3,
            "vendor": "korenix",
            "version": "1.4"
          },
          {
            "model": "jetnet5428g-2g-2fx",
            "scope": "eq",
            "trust": 3.3,
            "vendor": "korenix",
            "version": "1.4"
          },
          {
            "model": "jetnet5628g-r",
            "scope": "eq",
            "trust": 3.3,
            "vendor": "korenix",
            "version": "1.4"
          },
          {
            "model": "jetnet5628g",
            "scope": "eq",
            "trust": 3.3,
            "vendor": "korenix",
            "version": "1.4"
          },
          {
            "model": "jetnet5728g-24p",
            "scope": "eq",
            "trust": 3.3,
            "vendor": "korenix",
            "version": "1.4"
          },
          {
            "model": "jetnet6710g",
            "scope": "eq",
            "trust": 3.3,
            "vendor": "korenix",
            "version": "1.1"
          },
          {
            "model": "jetnet5310g",
            "scope": "eq",
            "trust": 2.4,
            "vendor": "korenix",
            "version": "1.4a"
          },
          {
            "model": "jetnet5828g",
            "scope": "eq",
            "trust": 2.4,
            "vendor": "korenix",
            "version": "1.1d"
          },
          {
            "model": "jetnet6710g-hvdc",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "korenix",
            "version": "11e"
          },
          {
            "model": "jetnet5310g 1.4a",
            "scope": null,
            "trust": 0.9,
            "vendor": "korenix",
            "version": null
          },
          {
            "model": "jetnet5828g 1.1d",
            "scope": null,
            "trust": 0.9,
            "vendor": "korenix",
            "version": null
          },
          {
            "model": "jetnet6710g-hvdc 1.1e",
            "scope": null,
            "trust": 0.9,
            "vendor": "korenix",
            "version": null
          },
          {
            "model": "jetnet6710g-hvdc",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "korenix",
            "version": "1.1e"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "jetnet5018g",
            "version": "1.4"
          },
          {
            "model": "1.4a",
            "scope": null,
            "trust": 0.2,
            "vendor": "jetnet5310g",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "jetnet5428g 2g 2fx",
            "version": "1.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "jetnet5628g",
            "version": "1.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "jetnet5628g r",
            "version": "1.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "jetnet5728g 24p",
            "version": "1.4"
          },
          {
            "model": "1.1d",
            "scope": null,
            "trust": 0.2,
            "vendor": "jetnet5828g",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "jetnet6710g",
            "version": "1.1"
          },
          {
            "model": "11e",
            "scope": null,
            "trust": 0.2,
            "vendor": "jetnet6710g hvdc",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "817472ea-38cb-4d8b-b89c-06f800eaf654"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-31805"
          },
          {
            "db": "BID",
            "id": "101598"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009866"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1248"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14027"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:korenix:jetnet5018g_firmware:1.4:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:korenix:jetnet_5018g:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:korenix:jetnet5310g_firmware:1.4a:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:korenix:jetnet_5310g:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:korenix:jetnet5428g-2g-2fx_firmware:1.4:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:korenix:jetnet_5428g-2g-2fx:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:korenix:jetnet5628g_firmware:1.4:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:korenix:jetnet_5628g:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:korenix:jetnet5628g-r_firmware:1.4:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:korenix:jetnet_5628g-r:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:korenix:jetnet5728g-24p_firmware:1.4:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:korenix:jetnet_5728g-24p:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:korenix:jetnet5828g_firmware:1.1d:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:korenix:jetnet_5828g:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:korenix:jetnet6710g_firmware:1.1:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:korenix:jetnet_6710g:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:korenix:jetnet6710g-hvdc_firmware:11e:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:korenix:jetnet_6710g-hvdc:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-14027"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Mandar Jadhav of the Qualys Vulnerability Signature/Research Team",
        "sources": [
          {
            "db": "BID",
            "id": "101598"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2017-14027",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 10.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2017-14027",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.9,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2017-31805",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "817472ea-38cb-4d8b-b89c-06f800eaf654",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-104708",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2017-14027",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2017-14027",
                "trust": 1.8,
                "value": "CRITICAL"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-31805",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201708-1248",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "817472ea-38cb-4d8b-b89c-06f800eaf654",
                "trust": 0.2,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-104708",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-14027",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "817472ea-38cb-4d8b-b89c-06f800eaf654"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-31805"
          },
          {
            "db": "VULHUB",
            "id": "VHN-104708"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14027"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009866"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1248"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14027"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A Use of Hard-coded Credentials issue was discovered in Korenix JetNet JetNet5018G version 1.4, JetNet5310G version 1.4a, JetNet5428G-2G-2FX version 1.4, JetNet5628G-R version 1.4, JetNet5628G version 1.4, JetNet5728G-24P version 1.4, JetNet5828G version 1.1d, JetNet6710G-HVDC version 1.1e, and JetNet6710G version 1.1. The software uses undocumented hard-coded credentials that may allow an attacker to gain remote access. Multiple Korenix JetNet products contain a vulnerability related to the use of hard-coded credentials. Information may be obtained or altered, and service operation may be disrupted (DoS). JetNet is a series of industrial Ethernet switch products from Korenix. Korenix JetNet is prone to a hard-coded cryptographic key vulnerability and security-bypass vulnerability. \nAn attacker can exploit these issues to bypass the security mechanism and perform unauthorized actions or perform man-in-the-middle attacks and obtain sensitive information. This may aid in further attacks. A security vulnerability exists in several Korenix products (Korenix JetNet JetNet5018G etc.) due to the program\u0027s use of hard-coded certificates",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-14027"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009866"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-31805"
          },
          {
            "db": "BID",
            "id": "101598"
          },
          {
            "db": "IVD",
            "id": "817472ea-38cb-4d8b-b89c-06f800eaf654"
          },
          {
            "db": "VULHUB",
            "id": "VHN-104708"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14027"
          }
        ],
        "trust": 2.79
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-14027",
            "trust": 3.7
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-299-01",
            "trust": 3.5
          },
          {
            "db": "BID",
            "id": "101598",
            "trust": 2.1
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1248",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-31805",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009866",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "817472EA-38CB-4D8B-B89C-06F800EAF654",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-104708",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14027",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "817472ea-38cb-4d8b-b89c-06f800eaf654"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-31805"
          },
          {
            "db": "VULHUB",
            "id": "VHN-104708"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14027"
          },
          {
            "db": "BID",
            "id": "101598"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009866"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1248"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14027"
          }
        ]
      },
      "id": "VAR-201711-0414",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "817472ea-38cb-4d8b-b89c-06f800eaf654"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-31805"
          },
          {
            "db": "VULHUB",
            "id": "VHN-104708"
          }
        ],
        "trust": 1.5111111
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS",
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          },
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "817472ea-38cb-4d8b-b89c-06f800eaf654"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-31805"
          }
        ]
      },
      "last_update_date": "2024-01-18T22:53:43.658000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.korenix.com/index.aspx"
          },
          {
            "title": "Patch for the Korenix JetNet unauthorized access vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/104769"
          },
          {
            "title": "Multiple Korenix Product security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=100011"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-31805"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009866"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1248"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-798",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-104708"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009866"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14027"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.5,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-299-01"
          },
          {
            "trust": 1.9,
            "url": "http://www.securityfocus.com/bid/101598"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-14027"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14027"
          },
          {
            "trust": 0.3,
            "url": "http://www.korenix.com/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/798.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-31805"
          },
          {
            "db": "VULHUB",
            "id": "VHN-104708"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14027"
          },
          {
            "db": "BID",
            "id": "101598"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009866"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1248"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14027"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "817472ea-38cb-4d8b-b89c-06f800eaf654"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-31805"
          },
          {
            "db": "VULHUB",
            "id": "VHN-104708"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14027"
          },
          {
            "db": "BID",
            "id": "101598"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009866"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1248"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14027"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-10-27T00:00:00",
            "db": "IVD",
            "id": "817472ea-38cb-4d8b-b89c-06f800eaf654"
          },
          {
            "date": "2017-10-27T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-31805"
          },
          {
            "date": "2017-11-01T00:00:00",
            "db": "VULHUB",
            "id": "VHN-104708"
          },
          {
            "date": "2017-11-01T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-14027"
          },
          {
            "date": "2017-10-26T00:00:00",
            "db": "BID",
            "id": "101598"
          },
          {
            "date": "2017-11-24T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-009866"
          },
          {
            "date": "2017-08-31T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201708-1248"
          },
          {
            "date": "2017-11-01T02:29:00.257000",
            "db": "NVD",
            "id": "CVE-2017-14027"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-10-27T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-31805"
          },
          {
            "date": "2019-10-09T00:00:00",
            "db": "VULHUB",
            "id": "VHN-104708"
          },
          {
            "date": "2019-10-09T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-14027"
          },
          {
            "date": "2017-12-19T20:00:00",
            "db": "BID",
            "id": "101598"
          },
          {
            "date": "2017-11-24T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-009866"
          },
          {
            "date": "2019-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201708-1248"
          },
          {
            "date": "2024-01-17T15:05:39.563000",
            "db": "NVD",
            "id": "CVE-2017-14027"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1248"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Korenix JetNet Unauthorized Access Vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "817472ea-38cb-4d8b-b89c-06f800eaf654"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-31805"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "trust management problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1248"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201208-0449

    Vulnerability from variot - Updated: 2023-12-18 13:44

    The Linux firmware image on (1) Korenix Jetport 5600 series serial-device servers and (2) ORing Industrial DIN-Rail serial-device servers has a hardcoded password of "password" for the root account, which allows remote attackers to obtain administrative access via an SSH session. The Korenix JetPort Series is an intelligent RS-232 or RS-422/485 serial-to-Ethernet device networking server. ORing Industrial DIN-Rail serial-device servers are similar devices. Korenix Jetport 5600 series products are prone to a remote authentication-bypass vulnerability. Successful exploits will result in the complete compromise of the affected device. ----------------------------------------------------------------------

    The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/


    TITLE: JetPort 5600 Hardcoded Credentials Security Issue

    SECUNIA ADVISORY ID: SA51083

    VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/51083/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=51083

    RELEASE DATE: 2012-10-24

    DISCUSS ADVISORY: http://secunia.com/advisories/51083/#comments

    AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

    http://secunia.com/advisories/51083/

    ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

    https://ca.secunia.com/?page=viewadvisory&vuln_id=51083

    ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

    http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

    DESCRIPTION: A security issue has been reported in JetPort 5600, which can be exploited by malicious people to compromise a vulnerable device.

    The security issue is reported in versions prior to 2.01.

    SOLUTION: Update to version 2.01.

    PROVIDED AND/OR DISCOVERED BY: ICS-CERT credits Reid Wightman, Digital Bond.

    ORIGINAL ADVISORY: ICS-CERT: http://www.us-cert.gov/control_systems/pdf/ICSA-12-297-02.pdf

    OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/


    About: This Advisory was delivered by Secunia as a free service to help private users keep their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/advisories/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org



    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201208-0449",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "jetport",
            "scope": "eq",
            "trust": 2.4,
            "vendor": "korenix",
            "version": "5601"
          },
          {
            "model": "jetport",
            "scope": "eq",
            "trust": 2.4,
            "vendor": "korenix",
            "version": "5601f"
          },
          {
            "model": "jetport",
            "scope": "eq",
            "trust": 2.4,
            "vendor": "korenix",
            "version": "5604"
          },
          {
            "model": "jetport",
            "scope": "eq",
            "trust": 2.4,
            "vendor": "korenix",
            "version": "5604i"
          },
          {
            "model": "jetport series serial-device servers",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "korenix",
            "version": "5600"
          },
          {
            "model": "industrial corp. industrial din-rail serial-device servers",
            "scope": null,
            "trust": 0.6,
            "vendor": "oring",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-4382"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003799"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-4577"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-363"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:korenix:jetport:5601:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:korenix:jetport:5601f:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:korenix:jetport:5604:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:korenix:jetport:5604i:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2012-4577"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Reid Wightman",
        "sources": [
          {
            "db": "BID",
            "id": "55196"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-363"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2012-4577",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 10.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2012-4577",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2012-4577",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201208-363",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003799"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-4577"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-363"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The Linux firmware image on (1) Korenix Jetport 5600 series serial-device servers and (2) ORing Industrial DIN-Rail serial-device servers has a hardcoded password of \"password\" for the root account, which allows remote attackers to obtain administrative access via an SSH session. The Korenix JetPort Series is an intelligent RS-232 or RS-/422/485 serial to Ethernet device networking server. ORing Industrial DIN-Rail serial-device servers are also similar to such devices. Korenix Jetport 5600 series products are prone to a remote authentication-bypass vulnerability. Successful  exploits will result in the  complete compromise of the affected device. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nJetPort 5600 Hardcoded Credentials Security Issue\n\nSECUNIA ADVISORY ID:\nSA51083\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/51083/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51083\n\nRELEASE DATE:\n2012-10-24\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/51083/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/51083/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51083\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED 
SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA security issue has been reported in JetPort 5600, which can be\nexploited by malicious people to compromise a vulnerable device. \n\nThe security issue is reported in versions prior to 2.01. \n\nSOLUTION:\nUpdate to version 2.01. \n\nPROVIDED AND/OR DISCOVERED BY:\nICS-CERT credits Reid Wightman, Digital Bond. \n\nORIGINAL ADVISORY:\nICS-CERT:\nhttp://www.us-cert.gov/control_systems/pdf/ICSA-12-297-02.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. 
\n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2012-4577"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003799"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-4382"
          },
          {
            "db": "BID",
            "id": "55196"
          },
          {
            "db": "PACKETSTORM",
            "id": "117644"
          }
        ],
        "trust": 2.52
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2012-4577",
            "trust": 3.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-12-297-02",
            "trust": 1.9
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-12-263-02",
            "trust": 1.8
          },
          {
            "db": "BID",
            "id": "55196",
            "trust": 1.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003799",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-4382",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "47135",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-363",
            "trust": 0.6
          },
          {
            "db": "SECUNIA",
            "id": "51083",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "117644",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-4382"
          },
          {
            "db": "BID",
            "id": "55196"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003799"
          },
          {
            "db": "PACKETSTORM",
            "id": "117644"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-4577"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-363"
          }
        ]
      },
      "id": "VAR-201208-0449",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-4382"
          }
        ],
        "trust": 1.6
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-4382"
          }
        ]
      },
      "last_update_date": "2023-12-18T13:44:38.982000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.korenix.com/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003799"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-255",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003799"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-4577"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "http://ics-cert.us-cert.gov/advisories/icsa-12-297-02"
          },
          {
            "trust": 1.8,
            "url": "http://ics-cert.us-cert.gov/advisories/icsa-12-263-02"
          },
          {
            "trust": 1.4,
            "url": "http://www.digitalbond.com/2012/06/13/korenix-and-oring-insecurity/"
          },
          {
            "trust": 1.0,
            "url": "http://www.digitalbond.com/2012/06/13/korenix-and-oring-insecurity"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/bid/55196"
          },
          {
            "trust": 1.0,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77992"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4577"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4577"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/47135"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_intelligence/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/personal/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/blog/325/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/51083/#comments"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/51083/"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51083"
          },
          {
            "trust": 0.1,
            "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-297-02.pdf"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-4382"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003799"
          },
          {
            "db": "PACKETSTORM",
            "id": "117644"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-4577"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-363"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-4382"
          },
          {
            "db": "BID",
            "id": "55196"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003799"
          },
          {
            "db": "PACKETSTORM",
            "id": "117644"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-4577"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-363"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2012-08-23T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2012-4382"
          },
          {
            "date": "2012-08-23T00:00:00",
            "db": "BID",
            "id": "55196"
          },
          {
            "date": "2012-08-23T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-003799"
          },
          {
            "date": "2012-10-25T06:24:20",
            "db": "PACKETSTORM",
            "id": "117644"
          },
          {
            "date": "2012-08-21T18:55:01.327000",
            "db": "NVD",
            "id": "CVE-2012-4577"
          },
          {
            "date": "2012-08-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201208-363"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2012-08-23T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2012-4382"
          },
          {
            "date": "2012-10-23T23:40:00",
            "db": "BID",
            "id": "55196"
          },
          {
            "date": "2013-06-26T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-003799"
          },
          {
            "date": "2017-08-29T01:32:19.633000",
            "db": "NVD",
            "id": "CVE-2012-4577"
          },
          {
            "date": "2020-07-14T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201208-363"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-363"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Korenix Jetport Vulnerabilities that can gain management access in firmware used by Microsoft and other products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003799"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "trust management problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-363"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201903-0217

    Vulnerability from variot - Updated: 2023-12-18 13:28

    The Web manager (aka Commander) on Korenix JetPort 5601 and 5601f devices has Persistent XSS via the Port Alias field under Serial Setting. The web management page in Korenix JetPort 5601 and 5601f has a cross-site scripting vulnerability.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201903-0217",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "jetport web manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "korenix",
            "version": null
          },
          {
            "model": "jetport 5601f",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "korenix",
            "version": null
          },
          {
            "model": "jetport 5601",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "korenix",
            "version": null
          },
          {
            "model": "jetnet web manager",
            "scope": null,
            "trust": 0.8,
            "vendor": "korenix",
            "version": null
          },
          {
            "model": "jetport 5601",
            "scope": null,
            "trust": 0.8,
            "vendor": "korenix",
            "version": null
          },
          {
            "model": "jetport 5601f",
            "scope": null,
            "trust": 0.8,
            "vendor": "korenix",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-002437"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-9725"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:korenix:jetport_web_manager:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:korenix:jetport_5601_firmware:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:korenix:jetport_5601:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:korenix:jetport_5601f_firmware:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:korenix:jetport_5601f:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-9725"
          }
        ]
      },
      "cve": "CVE-2019-9725",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": true,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.3,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2019-9725",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "VHN-161160",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.8,
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 6.1,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "CVE-2019-9725",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "None",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2019-9725",
                "trust": 1.8,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201903-356",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-161160",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-161160"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-002437"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-9725"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201903-356"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The Web manager (aka Commander) on Korenix JetPort 5601 and 5601f devices has Persistent XSS via the Port Alias field under Serial Setting. The web management page in Korenix JetPort 5601 and 5601f has a cross-site scripting vulnerability.",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-9725"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-002437"
          },
          {
            "db": "VULHUB",
            "id": "VHN-161160"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-9725",
            "trust": 2.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-002437",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201903-356",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-161160",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-161160"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-002437"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-9725"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201903-356"
          }
        ]
      },
      "id": "VAR-201903-0217",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-161160"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2023-12-18T13:28:38.890000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "https://www.korenix.com/index.aspx"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-002437"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-161160"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-002437"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-9725"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.5,
            "url": "https://medium.com/@bertinjoseb/korenix-jetport-web-manager-persistent-xss-6cf7e2a38634"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-9725"
          },
          {
            "trust": 1.0,
            "url": "https://medium.com/%40bertinjoseb/korenix-jetport-web-manager-persistent-xss-6cf7e2a38634"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9725"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-161160"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-002437"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-9725"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201903-356"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-161160"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-002437"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-9725"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201903-356"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-03-12T00:00:00",
            "db": "VULHUB",
            "id": "VHN-161160"
          },
          {
            "date": "2019-04-09T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-002437"
          },
          {
            "date": "2019-03-12T20:29:00.407000",
            "db": "NVD",
            "id": "CVE-2019-9725"
          },
          {
            "date": "2019-03-12T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201903-356"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-03-13T00:00:00",
            "db": "VULHUB",
            "id": "VHN-161160"
          },
          {
            "date": "2019-04-09T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-002437"
          },
          {
            "date": "2023-11-07T03:13:45.687000",
            "db": "NVD",
            "id": "CVE-2019-9725"
          },
          {
            "date": "2019-04-01T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201903-356"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201903-356"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Korenix JetPort 5601 and 5601f: Web manager running on the device is vulnerable to cross-site scripting",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-002437"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201903-356"
          }
        ],
        "trust": 0.6
      }
    }