cvelistv5 - CVE-2013-4708

CVE-2013-4708 (GCVE-0-2013-4708)

Vulnerability from cvelistv5

Published

2013-10-01 17:00

Modified

2024-09-17 01:15

Severity ?

CWE

Summary

References

URL

	Vendor	Product	Version
	n/a	n/a	Version: n/a

gsd-2013-4708

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Aliases

CVE-2013-4708

Aliases

CVE-2013-4708

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2013-4708",
    "description": "The PPP Access Concentrator (PPPAC) in Internet Initiative Japan Inc. SEIL/x86 1.00 through 2.80, SEIL/X1 1.00 through 4.30, SEIL/X2 1.00 through 4.30, SEIL/B1 1.00 through 4.30, SEIL/Turbo 1.80 through 2.15, and SEIL/neu 2FE Plus 1.80 through 2.15 generates predictable random numbers, which allows remote attackers to bypass RADIUS authentication by sniffing RADIUS traffic.",
    "id": "GSD-2013-4708"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2013-4708"
      ],
      "details": "The PPP Access Concentrator (PPPAC) in Internet Initiative Japan Inc. SEIL/x86 1.00 through 2.80, SEIL/X1 1.00 through 4.30, SEIL/X2 1.00 through 4.30, SEIL/B1 1.00 through 4.30, SEIL/Turbo 1.80 through 2.15, and SEIL/neu 2FE Plus 1.80 through 2.15 generates predictable random numbers, which allows remote attackers to bypass RADIUS authentication by sniffing RADIUS traffic.",
      "id": "GSD-2013-4708",
      "modified": "2023-12-13T01:22:16.738039Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "vultures@jpcert.or.jp",
        "ID": "CVE-2013-4708",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The PPP Access Concentrator (PPPAC) in Internet Initiative Japan Inc. SEIL/x86 1.00 through 2.80, SEIL/X1 1.00 through 4.30, SEIL/X2 1.00 through 4.30, SEIL/B1 1.00 through 4.30, SEIL/Turbo 1.80 through 2.15, and SEIL/neu 2FE Plus 1.80 through 2.15 generates predictable random numbers, which allows remote attackers to bypass RADIUS authentication by sniffing RADIUS traffic."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.seil.jp/support/security/a01388.html",
            "refsource": "CONFIRM",
            "url": "http://www.seil.jp/support/security/a01388.html"
          },
          {
            "name": "JVN#40079308",
            "refsource": "JVN",
            "url": "http://jvn.jp/en/jp/JVN40079308/index.html"
          },
          {
            "name": "97619",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/97619"
          },
          {
            "name": "JVNDB-2013-000091",
            "refsource": "JVNDB",
            "url": "http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-000091.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:iij:seil\\%2fx1_firmware:4.30:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:iij:seil\\%2fx1_firmware:1.00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:iij:seil\\/x1:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:iij:seil\\%2fb1_firmware:4.30:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:iij:seil\\%2fb1_firmware:1.00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:iij:seil\\/b1:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:iij:seil\\%2fx2_firmware:1.00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:iij:seil\\%2fx2_firmware:4.30:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:iij:seil\\/x2:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:iij:seil\\%2fx86_firmware:2.80:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:iij:seil\\%2fx86_firmware:1.00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:iij:seil\\/x86:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:iij:seil\\%2fturbo_firmware:2.05:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:iij:seil\\%2fturbo_firmware:2.15:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:iij:seil\\%2fturbo_firmware:1.80:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:iij:seil\\/turbo:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:iij:seil\\%2fneu_2fe_plus_firmware:1.80:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:iij:seil\\%2fneu_2fe_plus_firmware:2.15:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:iij:seil\\%2fneu_2fe_plus_firmware:2.05:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:iij:seil\\/neu_2fe_plus:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "vultures@jpcert.or.jp",
          "ID": "CVE-2013-4708"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The PPP Access Concentrator (PPPAC) in Internet Initiative Japan Inc. SEIL/x86 1.00 through 2.80, SEIL/X1 1.00 through 4.30, SEIL/X2 1.00 through 4.30, SEIL/B1 1.00 through 4.30, SEIL/Turbo 1.80 through 2.15, and SEIL/neu 2FE Plus 1.80 through 2.15 generates predictable random numbers, which allows remote attackers to bypass RADIUS authentication by sniffing RADIUS traffic."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-310"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "JVNDB-2013-000091",
              "refsource": "JVNDB",
              "tags": [],
              "url": "http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-000091.html"
            },
            {
              "name": "JVN#40079308",
              "refsource": "JVN",
              "tags": [],
              "url": "http://jvn.jp/en/jp/JVN40079308/index.html"
            },
            {
              "name": "97619",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/97619"
            },
            {
              "name": "http://www.seil.jp/support/security/a01388.html",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.seil.jp/support/security/a01388.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 4.9,
          "impactScore": 4.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2013-10-07T14:06Z",
      "publishedDate": "2013-10-01T17:55Z"
    }
  }
}

ghsa-p7q8-xc55-c6m5

Vulnerability from github

Published

2022-05-17 05:03

Modified

2022-05-17 05:03

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2013-4708"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2013-10-01T17:55:00Z",
    "severity": "MODERATE"
  },
  "details": "The PPP Access Concentrator (PPPAC) in Internet Initiative Japan Inc. SEIL/x86 1.00 through 2.80, SEIL/X1 1.00 through 4.30, SEIL/X2 1.00 through 4.30, SEIL/B1 1.00 through 4.30, SEIL/Turbo 1.80 through 2.15, and SEIL/neu 2FE Plus 1.80 through 2.15 generates predictable random numbers, which allows remote attackers to bypass RADIUS authentication by sniffing RADIUS traffic.",
  "id": "GHSA-p7q8-xc55-c6m5",
  "modified": "2022-05-17T05:03:12Z",
  "published": "2022-05-17T05:03:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4708"
    },
    {
      "type": "WEB",
      "url": "http://jvn.jp/en/jp/JVN40079308/index.html"
    },
    {
      "type": "WEB",
      "url": "http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-000091.html"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/97619"
    },
    {
      "type": "WEB",
      "url": "http://www.seil.jp/support/security/a01388.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CVE-2013-4708

Vulnerability from jvndb

Published

2013-09-20 14:52

Modified

2013-10-08 15:36

Severity ?

() - -

Summary

SEIL Series routers vulnerable in RADIUS authentication

Details

SEIL Series routers contain a vulnerability in RADIUS authentication. The PPP Access Concentrator (PPPAC) in SEIL Series routers provided by Internet Initiative Japan Inc. contains an issue when generating random numbers used for RADIUS authentication, which may result in the generated random numbers to be easily predicted.

References

Type

URL

	JVN	https://jvn.jp/en/jp/JVN40079308/
	CVE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4708
	NVD	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4708
	No Mapping(CWE-Other)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

	Internet Initiative Japan Inc.	SEIL/B1
	Internet Initiative Japan Inc.	SEIL/neu 2FE Plus
	Internet Initiative Japan Inc.	SEIL/Turbo
	Internet Initiative Japan Inc.	SEIL/X1
	Internet Initiative Japan Inc.	SEIL/X2
	Internet Initiative Japan Inc.	SEIL/x86
	Internet Initiative Japan Inc.	SEIL/B1 firmware
	Internet Initiative Japan Inc.	SEIL/neu 2FE Plus firmware
	Internet Initiative Japan Inc.	SEIL/Turbo firmware
	Internet Initiative Japan Inc.	SEIL/X1 firmware
	Internet Initiative Japan Inc.	SEIL/X2 firmware
	Internet Initiative Japan Inc.	SEIL/x86 firmware

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000091.html",
  "dc:date": "2013-10-08T15:36+09:00",
  "dcterms:issued": "2013-09-20T14:52+09:00",
  "dcterms:modified": "2013-10-08T15:36+09:00",
  "description": "SEIL Series routers contain a vulnerability in RADIUS authentication.\r\n\r\nThe PPP Access Concentrator (PPPAC) in SEIL Series routers provided by Internet Initiative Japan Inc. contains an issue when generating random numbers used for RADIUS authentication, which may result in the generated random numbers to be easily predicted.",
  "link": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000091.html",
  "sec:cpe": [
    {
      "#text": "cpe:/h:iij:seil%2Fb1",
      "@product": "SEIL/B1",
      "@vendor": "Internet Initiative Japan Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:iij:seil%2Fneu_2fe_plus",
      "@product": "SEIL/neu 2FE Plus",
      "@vendor": "Internet Initiative Japan Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:iij:seil%2Fturbo",
      "@product": "SEIL/Turbo",
      "@vendor": "Internet Initiative Japan Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:iij:seil%2Fx1",
      "@product": "SEIL/X1",
      "@vendor": "Internet Initiative Japan Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:iij:seil%2Fx2",
      "@product": "SEIL/X2",
      "@vendor": "Internet Initiative Japan Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:iij:seil%2Fx86",
      "@product": "SEIL/x86",
      "@vendor": "Internet Initiative Japan Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:iij:seil%252fb1_firmware",
      "@product": "SEIL/B1 firmware",
      "@vendor": "Internet Initiative Japan Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:iij:seil%252fneu_2fe_plus_firmware",
      "@product": "SEIL/neu 2FE Plus firmware",
      "@vendor": "Internet Initiative Japan Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:iij:seil%252fturbo_firmware",
      "@product": "SEIL/Turbo firmware",
      "@vendor": "Internet Initiative Japan Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:iij:seil%252fx1_firmware",
      "@product": "SEIL/X1 firmware",
      "@vendor": "Internet Initiative Japan Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:iij:seil%252fx2_firmware",
      "@product": "SEIL/X2 firmware",
      "@vendor": "Internet Initiative Japan Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:iij:seil%252fx86_firmware",
      "@product": "SEIL/x86 firmware",
      "@vendor": "Internet Initiative Japan Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "4.0",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2013-000091",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/jp/JVN40079308/",
      "@id": "JVN#40079308",
      "@source": "JVN"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4708",
      "@id": "CVE-2013-4708",
      "@source": "CVE"
    },
    {
      "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4708",
      "@id": "CVE-2013-4708",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-Other",
      "@title": "No Mapping(CWE-Other)"
    }
  ],
  "title": "SEIL Series routers vulnerable in RADIUS authentication"
}

fkie_cve-2013-4708

Vulnerability from fkie_nvd

Published

2013-10-01 17:55

Modified

2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
vultures@jpcert.or.jp	http://jvn.jp/en/jp/JVN40079308/index.html
vultures@jpcert.or.jp	http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-000091.html
vultures@jpcert.or.jp	http://osvdb.org/97619
vultures@jpcert.or.jp	http://www.seil.jp/support/security/a01388.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://jvn.jp/en/jp/JVN40079308/index.html
af854a3a-2127-422b-91ae-364da2661108	http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-000091.html
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/97619
af854a3a-2127-422b-91ae-364da2661108	http://www.seil.jp/support/security/a01388.html	Vendor Advisory

Impacted products

Vendor	Product	Version
iij	seil\%2fx1_firmware	1.00
iij	seil\%2fx1_firmware	4.30
iij	seil\/x1	*
iij	seil\%2fb1_firmware	1.00
iij	seil\%2fb1_firmware	4.30
iij	seil\/b1	*
iij	seil\%2fx2_firmware	1.00
iij	seil\%2fx2_firmware	4.30
iij	seil\/x2	*
iij	seil\%2fx86_firmware	1.00
iij	seil\%2fx86_firmware	2.80
iij	seil\/x86	*
iij	seil\%2fturbo_firmware	1.80
iij	seil\%2fturbo_firmware	2.05
iij	seil\%2fturbo_firmware	2.15
iij	seil\/turbo	*
iij	seil\%2fneu_2fe_plus_firmware	1.80
iij	seil\%2fneu_2fe_plus_firmware	2.05
iij	seil\%2fneu_2fe_plus_firmware	2.15
iij	seil\/neu_2fe_plus	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:iij:seil\\%2fx1_firmware:1.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F2F6546-4443-48EE-B29E-B2999A22E906",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:iij:seil\\%2fx1_firmware:4.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EA8CA61-D4F6-4A11-87FC-E0898C73A04E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:iij:seil\\/x1:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A63E557-3BA6-4E0E-8597-BAA112B21DEF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:iij:seil\\%2fb1_firmware:1.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "745A1DDE-27CA-4E82-9D7A-E6A11404E02E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:iij:seil\\%2fb1_firmware:4.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AB1D5F4-986D-4D3F-800B-2BDD2EDE7DC7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:iij:seil\\/b1:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BE3BBD4-FB2E-4543-9149-0452B26FAC31",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:iij:seil\\%2fx2_firmware:1.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "B02919BA-9D40-4882-A2E0-BE02EBF18862",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:iij:seil\\%2fx2_firmware:4.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8A57950-024E-4F86-ADC5-6ED33966CD73",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:iij:seil\\/x2:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF54D2DC-48BF-4E7D-BC33-1010B8DBF9E2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:iij:seil\\%2fx86_firmware:1.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "86111C25-1F23-43A0-A2C9-DADE78F16A0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:iij:seil\\%2fx86_firmware:2.80:*:*:*:*:*:*:*",
              "matchCriteriaId": "01A2F64E-4C0E-47F8-B314-3A4B101F23B5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:iij:seil\\/x86:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "477E1688-0CA2-4BD0-A29C-3239B760FA3C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:iij:seil\\%2fturbo_firmware:1.80:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D60C9B1-33AE-42B8-9521-20AF2351458A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:iij:seil\\%2fturbo_firmware:2.05:*:*:*:*:*:*:*",
              "matchCriteriaId": "12D33318-9872-4757-9B6D-844A8FD34360",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:iij:seil\\%2fturbo_firmware:2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F463AD3-69F3-48EF-98E6-7F3BF06517A8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:iij:seil\\/turbo:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC88F5F6-CB51-4676-91D6-69668229E675",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:iij:seil\\%2fneu_2fe_plus_firmware:1.80:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6A637B6-3EC2-4BD8-89B4-3B259140412E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:iij:seil\\%2fneu_2fe_plus_firmware:2.05:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC5F0F67-6961-478C-9895-7EFC2FD7CD2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:iij:seil\\%2fneu_2fe_plus_firmware:2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E159CF1-554D-4737-9506-59BFF0428C33",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:iij:seil\\/neu_2fe_plus:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFB4A421-197B-4654-B362-AEDA3ADADC33",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The PPP Access Concentrator (PPPAC) in Internet Initiative Japan Inc. SEIL/x86 1.00 through 2.80, SEIL/X1 1.00 through 4.30, SEIL/X2 1.00 through 4.30, SEIL/B1 1.00 through 4.30, SEIL/Turbo 1.80 through 2.15, and SEIL/neu 2FE Plus 1.80 through 2.15 generates predictable random numbers, which allows remote attackers to bypass RADIUS authentication by sniffing RADIUS traffic."
    },
    {
      "lang": "es",
      "value": "El PPP Access Concentrator (PPPAC) en Internet Initiative Japan Inc. SEIL/x86 1.00 hasta la versi\u00f3n 2.80, SEIL/X1 1.00 hasta 4.30, SEIL/X2 1.00 hasta 4.30, SEIL/B1 1.00 hasta 4.30, SEIL/Turbo 1.80 hasta 2.15, y SEIL/neu 2FE Plus 1.80 hasta la versi\u00f3n 2.15 genera n\u00fameros aleatorios predecibles, lo que permite a atacantes remotos evadir la autenticaci\u00f3n RADIUS interceptando el tr\u00e1fico de RADIUS."
    }
  ],
  "id": "CVE-2013-4708",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-10-01T17:55:03.647",
  "references": [
    {
      "source": "vultures@jpcert.or.jp",
      "url": "http://jvn.jp/en/jp/JVN40079308/index.html"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "url": "http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-000091.html"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "url": "http://osvdb.org/97619"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.seil.jp/support/security/a01388.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://jvn.jp/en/jp/JVN40079308/index.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-000091.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/97619"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.seil.jp/support/security/a01388.html"
    }
  ],
  "sourceIdentifier": "vultures@jpcert.or.jp",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-310"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

var-201310-0458

Vulnerability from variot

The PPP Access Concentrator (PPPAC) in Internet Initiative Japan Inc. SEIL/x86 1.00 through 2.80, SEIL/X1 1.00 through 4.30, SEIL/X2 1.00 through 4.30, SEIL/B1 1.00 through 4.30, SEIL/Turbo 1.80 through 2.15, and SEIL/neu 2FE Plus 1.80 through 2.15 generates predictable random numbers, which allows remote attackers to bypass RADIUS authentication by sniffing RADIUS traffic. SEIL Series routers contain a vulnerability in RADIUS authentication. SEIL/Turbo and SEIL/neu 2FE Plus routers are router devices developed by SEIL. Multiple SEIL products are prone to a security weakness. Attackers can leverage this issue to bypass certain security restrictions. This may aid in further attacks. The following products are vulnerable: SEIL/x86 1.00 through 2.81 SEIL/X1 1.00 through 4.31 SEIL/X2 1.00 through 4.31 SEIL/B1 1.00 through 4.31 SEIL/Turbo 2.05 through 2.15 SEIL/neu 2FE Plus 2.05 through 2.15. SEIL/x86, etc. SEIL/x86 due to the fact that the program generates predictable random numbers. SEIL/x86 Versions 1.00 to 2.80, SEIL/X1 Versions 1.00 to 4.30, SEIL/X2 Versions 1.00 to 4.30, SEIL/B1 Versions 1.00 to 4.30, SEIL/Turbo Versions 1.80 to 2.15, and SEIL/neu 2FE Plus versions 1.80 to 2.15

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201310-0458",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "seil\\%2fturbo",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "iij",
        "version": "2.15"
      },
      {
        "model": "seil\\%2fneu 2fe plus",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "iij",
        "version": "2.05"
      },
      {
        "model": "seil\\%2fx86",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "iij",
        "version": "1.00"
      },
      {
        "model": "seil\\%2fb1",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "iij",
        "version": "1.00"
      },
      {
        "model": "seil\\%2fb1",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "iij",
        "version": "4.30"
      },
      {
        "model": "seil\\%2fneu 2fe plus",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "iij",
        "version": "1.80"
      },
      {
        "model": "seil\\%2fturbo",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "iij",
        "version": "1.80"
      },
      {
        "model": "seil\\%2fturbo",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "iij",
        "version": "2.05"
      },
      {
        "model": "seil\\%2fx86",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "iij",
        "version": "2.80"
      },
      {
        "model": "seil\\%2fneu 2fe plus",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "iij",
        "version": "2.15"
      },
      {
        "model": "seil\\/x86",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "iij",
        "version": "*"
      },
      {
        "model": "seil\\%2fx2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "iij",
        "version": "1.00"
      },
      {
        "model": "seil\\%2fx1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "iij",
        "version": "4.30"
      },
      {
        "model": "seil\\/b1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "iij",
        "version": "*"
      },
      {
        "model": "seil\\%2fx2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "iij",
        "version": "4.30"
      },
      {
        "model": "seil\\/neu 2fe plus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "iij",
        "version": "*"
      },
      {
        "model": "seil\\%2fx1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "iij",
        "version": "1.00"
      },
      {
        "model": "seil\\/x1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "iij",
        "version": "*"
      },
      {
        "model": "seil\\/x2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "iij",
        "version": "*"
      },
      {
        "model": "seil\\/turbo",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "iij",
        "version": "*"
      },
      {
        "model": "seil/neu 2fe plus",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "seil",
        "version": "1.80"
      },
      {
        "model": "seil/turbo",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "seil",
        "version": "1.80"
      },
      {
        "model": "seil/b1",
        "scope": null,
        "trust": 0.8,
        "vendor": "internet initiative",
        "version": null
      },
      {
        "model": "seil/b1",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "internet initiative",
        "version": "1.00 to 4.30"
      },
      {
        "model": "seil/neu 2fe plus",
        "scope": null,
        "trust": 0.8,
        "vendor": "internet initiative",
        "version": null
      },
      {
        "model": "seil/neu 2fe plus",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "internet initiative",
        "version": "1.80 to 2.15"
      },
      {
        "model": "seil/turbo",
        "scope": null,
        "trust": 0.8,
        "vendor": "internet initiative",
        "version": null
      },
      {
        "model": "seil/turbo",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "internet initiative",
        "version": "1.80 to 2.15"
      },
      {
        "model": "seil/x1",
        "scope": null,
        "trust": 0.8,
        "vendor": "internet initiative",
        "version": null
      },
      {
        "model": "seil/x1",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "internet initiative",
        "version": "1.00 to 4.30"
      },
      {
        "model": "seil/x2",
        "scope": null,
        "trust": 0.8,
        "vendor": "internet initiative",
        "version": null
      },
      {
        "model": "seil/x2",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "internet initiative",
        "version": "1.00 to 4.30"
      },
      {
        "model": "seil/x86",
        "scope": null,
        "trust": 0.8,
        "vendor": "internet initiative",
        "version": null
      },
      {
        "model": "seil/x86",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "internet initiative",
        "version": "1.00 to 2.80"
      },
      {
        "model": "seil/b1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.60"
      },
      {
        "model": "seil/x1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "4.30"
      },
      {
        "model": "seil/x2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.45"
      },
      {
        "model": "seil/x86",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.81"
      },
      {
        "model": "seil/x2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.42"
      },
      {
        "model": "seil/x1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.30"
      },
      {
        "model": "seil/b1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.52"
      },
      {
        "model": "seil/x1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.50"
      },
      {
        "model": "seil/b1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "1.00"
      },
      {
        "model": "seil/x2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "3.11"
      },
      {
        "model": "seil/b1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "3.75"
      },
      {
        "model": "seil/b1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "4.30"
      },
      {
        "model": "seil/x1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "3.12"
      },
      {
        "model": "seil/x1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.49"
      },
      {
        "model": "seil/neu 2fe plus",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.16"
      },
      {
        "model": "seil/b1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.30"
      },
      {
        "model": "seil/x2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.41"
      },
      {
        "model": "seil/x2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.40"
      },
      {
        "model": "seil/x1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.51"
      },
      {
        "model": "seil/x2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.47"
      },
      {
        "model": "seil/b1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.50"
      },
      {
        "model": "seil/x2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "1.00"
      },
      {
        "model": "seil/x2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.48"
      },
      {
        "model": "seil/x2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.44"
      },
      {
        "model": "seil/x1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.45"
      },
      {
        "model": "seil/x86",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "1.61"
      },
      {
        "model": "seil/turbo",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.15"
      },
      {
        "model": "seil/b1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "3.12"
      },
      {
        "model": "seil/x86",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.35"
      },
      {
        "model": "seil/x1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.42"
      },
      {
        "model": "seil/x1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "seil",
        "version": "4.31"
      },
      {
        "model": "seil/b1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "seil",
        "version": "4.31"
      },
      {
        "model": "seil/b1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.51"
      },
      {
        "model": "seil/x1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "3.11"
      },
      {
        "model": "seil/x2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.46"
      },
      {
        "model": "seil/x2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.52"
      },
      {
        "model": "seil/x2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.43"
      },
      {
        "model": "seil/x2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "3.75"
      },
      {
        "model": "seil/x86",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "1.00"
      },
      {
        "model": "seil/x2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "4.30"
      },
      {
        "model": "seil/x1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.47"
      },
      {
        "model": "seil/x1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.41"
      },
      {
        "model": "seil/x1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.40"
      },
      {
        "model": "seil/b1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "3.11"
      },
      {
        "model": "seil/b1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.48"
      },
      {
        "model": "seil/turbo",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.16"
      },
      {
        "model": "seil/x2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.30"
      },
      {
        "model": "seil/x1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.48"
      },
      {
        "model": "seil/x1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.44"
      },
      {
        "model": "seil/x1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "1.00"
      },
      {
        "model": "seil/x2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "3.12"
      },
      {
        "model": "seil/x2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.50"
      },
      {
        "model": "seil/x2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "seil",
        "version": "4.31"
      },
      {
        "model": "seil/x86",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.80"
      },
      {
        "model": "seil/x2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.49"
      },
      {
        "model": "seil/neu 2fe plus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.15"
      },
      {
        "model": "seil/x1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.46"
      },
      {
        "model": "seil/x1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.52"
      },
      {
        "model": "seil/x1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.43"
      },
      {
        "model": "seil/x2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "2.51"
      },
      {
        "model": "seil/x1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "seil",
        "version": "3.75"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-13386"
      },
      {
        "db": "BID",
        "id": "62612"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-000091"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201309-504"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-4708"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/h:iij:seil%2Fb1",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:iij:seil%252fb1_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:iij:seil%2Fneu_2fe_plus",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:iij:seil%252fneu_2fe_plus_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:iij:seil%2Fturbo",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:iij:seil%252fturbo_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:iij:seil%2Fx1",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:iij:seil%252fx1_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:iij:seil%2Fx2",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:iij:seil%252fx2_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:iij:seil%2Fx86",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:iij:seil%252fx86_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-000091"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor reported this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "62612"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2013-4708",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 4.9,
            "id": "CVE-2013-4708",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.0,
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "High",
            "accessVector": "Network",
            "authentication": "None",
            "author": "IPA",
            "availabilityImpact": "None",
            "baseScore": 4.0,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "JVNDB-2013-000091",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CNVD-2013-13386",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 4.9,
            "id": "VHN-64710",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:H/AU:N/C:P/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2013-4708",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "IPA",
            "id": "JVNDB-2013-000091",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2013-13386",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201309-504",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-64710",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-13386"
      },
      {
        "db": "VULHUB",
        "id": "VHN-64710"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-000091"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201309-504"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-4708"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The PPP Access Concentrator (PPPAC) in Internet Initiative Japan Inc. SEIL/x86 1.00 through 2.80, SEIL/X1 1.00 through 4.30, SEIL/X2 1.00 through 4.30, SEIL/B1 1.00 through 4.30, SEIL/Turbo 1.80 through 2.15, and SEIL/neu 2FE Plus 1.80 through 2.15 generates predictable random numbers, which allows remote attackers to bypass RADIUS authentication by sniffing RADIUS traffic. SEIL Series routers contain a vulnerability in RADIUS authentication. SEIL/Turbo and SEIL/neu 2FE Plus routers are router devices developed by SEIL. Multiple SEIL products are prone to a security weakness. \nAttackers can leverage this issue to bypass certain security restrictions. This may aid in further attacks. \nThe following products are vulnerable:\nSEIL/x86 1.00 through 2.81\nSEIL/X1 1.00 through 4.31\nSEIL/X2 1.00 through 4.31\nSEIL/B1 1.00 through 4.31\nSEIL/Turbo 2.05 through 2.15\nSEIL/neu 2FE Plus 2.05 through 2.15. SEIL/x86, etc. SEIL/x86 due to the fact that the program generates predictable random numbers. SEIL/x86 Versions 1.00 to 2.80, SEIL/X1 Versions 1.00 to 4.30, SEIL/X2 Versions 1.00 to 4.30, SEIL/B1 Versions 1.00 to 4.30, SEIL/Turbo Versions 1.80 to 2.15, and SEIL/neu 2FE Plus versions 1.80 to 2.15",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-4708"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-000091"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-13386"
      },
      {
        "db": "BID",
        "id": "62612"
      },
      {
        "db": "VULHUB",
        "id": "VHN-64710"
      }
    ],
    "trust": 2.52
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-4708",
        "trust": 3.4
      },
      {
        "db": "JVN",
        "id": "JVN40079308",
        "trust": 2.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-000091",
        "trust": 2.5
      },
      {
        "db": "OSVDB",
        "id": "97619",
        "trust": 1.7
      },
      {
        "db": "BID",
        "id": "62612",
        "trust": 1.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201309-504",
        "trust": 0.7
      },
      {
        "db": "SECUNIA",
        "id": "54818",
        "trust": 0.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-13386",
        "trust": 0.6
      },
      {
        "db": "JVN",
        "id": "JVN#40079308",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-64710",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-13386"
      },
      {
        "db": "VULHUB",
        "id": "VHN-64710"
      },
      {
        "db": "BID",
        "id": "62612"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-000091"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201309-504"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-4708"
      }
    ]
  },
  "id": "VAR-201310-0458",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-13386"
      },
      {
        "db": "VULHUB",
        "id": "VHN-64710"
      }
    ],
    "trust": 1.240005232857143
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-13386"
      }
    ]
  },
  "last_update_date": "2024-11-23T23:09:55.672000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Internet Initiative Japan Inc. website",
        "trust": 0.8,
        "url": "http://www.seil.jp/support/security/a01388.html"
      },
      {
        "title": "SEIL Multiple Products RADIUS Verification Random Number Generation Vulnerability Patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/39884"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-13386"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-000091"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-310",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-Other",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-64710"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-000091"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-4708"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.6,
        "url": "http://www.seil.jp/support/security/a01388.html"
      },
      {
        "trust": 1.7,
        "url": "http://jvn.jp/en/jp/jvn40079308/index.html"
      },
      {
        "trust": 1.7,
        "url": "http://jvndb.jvn.jp/ja/contents/2013/jvndb-2013-000091.html"
      },
      {
        "trust": 1.7,
        "url": "http://osvdb.org/97619"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-4708"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/en/jp/jvn40079308/"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-4708"
      },
      {
        "trust": 0.6,
        "url": "http://www.secunia.com/advisories/54818/"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/62612"
      },
      {
        "trust": 0.3,
        "url": "http://jvn.jp/jp/jvn40079308/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-13386"
      },
      {
        "db": "VULHUB",
        "id": "VHN-64710"
      },
      {
        "db": "BID",
        "id": "62612"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-000091"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201309-504"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-4708"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-13386"
      },
      {
        "db": "VULHUB",
        "id": "VHN-64710"
      },
      {
        "db": "BID",
        "id": "62612"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-000091"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201309-504"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-4708"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-09-29T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-13386"
      },
      {
        "date": "2013-10-01T00:00:00",
        "db": "VULHUB",
        "id": "VHN-64710"
      },
      {
        "date": "2013-09-20T00:00:00",
        "db": "BID",
        "id": "62612"
      },
      {
        "date": "2013-09-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-000091"
      },
      {
        "date": "2013-09-30T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201309-504"
      },
      {
        "date": "2013-10-01T17:55:03.647000",
        "db": "NVD",
        "id": "CVE-2013-4708"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-09-29T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-13386"
      },
      {
        "date": "2013-10-07T00:00:00",
        "db": "VULHUB",
        "id": "VHN-64710"
      },
      {
        "date": "2013-09-20T00:00:00",
        "db": "BID",
        "id": "62612"
      },
      {
        "date": "2013-10-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-000091"
      },
      {
        "date": "2014-06-05T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201309-504"
      },
      {
        "date": "2024-11-21T01:56:06.790000",
        "db": "NVD",
        "id": "CVE-2013-4708"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201309-504"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "SEIL Series routers vulnerable in RADIUS authentication",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-000091"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "encryption problem",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201309-504"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2013-4708 (GCVE-0-2013-4708)

Vulnerability from cvelistv5

gsd-2013-4708

Vulnerability from gsd

ghsa-p7q8-xc55-c6m5

Vulnerability from github

CVE-2013-4708

Vulnerability from jvndb

fkie_cve-2013-4708

Vulnerability from fkie_nvd

var-201310-0458

Vulnerability from variot

Tags

Sightings

Nomenclature