Risk | Low |
Patch available | NO |
Number of vulnerabilities | 5 |
CVE-ID | CVE-2018-5465 CVE-2018-5467 CVE-2018-5471 CVE-2018-5461 CVE-2018-5469 |
CWE-ID | CWE-384 CWE-598 CWE-300 CWE-307 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
OCTOPUS Hardware solutions / Routers & switches, VoIP, GSM, etc MS Hardware solutions / Routers & switches, VoIP, GSM, etc MACH4000 Hardware solutions / Routers & switches, VoIP, GSM, etc MACH1000 Hardware solutions / Routers & switches, VoIP, GSM, etc MACH100 Hardware solutions / Routers & switches, VoIP, GSM, etc RSB Hardware solutions / Routers & switches, VoIP, GSM, etc RSR Hardware solutions / Routers & switches, VoIP, GSM, etc RS Hardware solutions / Routers & switches, VoIP, GSM, etc |
Vendor | Hirschmann |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
EUVDB-ID: #VU10875
Risk: Low
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:W/RC:C]
CVE-ID: CVE-2018-5465
CWE-ID:
CWE-384 - Session Fixation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform session fixation attack on the target system.
The weakness exists in the web interface due to session fixation vulnerability. A remote attacker can hijack an existing user's session.
Workarounds are available on vendor's website.
Vulnerable software versionsOCTOPUS: All versions
MS: All versions
MACH4000: All versions
MACH1000: All versions
MACH100: All versions
RSB: All versions
RSR: All versions
RS: All versions
External linkshttp://ics-cert.us-cert.gov/advisories/ICSA-18-065-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU10876
Risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:W/RC:C]
CVE-ID: CVE-2018-5467
CWE-ID:
CWE-598 - Information Exposure Through Query Strings in GET Request
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The weakness exists in the web interface due to information exposure through query strings. A remote attacker can gain access to arbitrary data and
impersonate a legitimate user.
Workarounds are available on vendor's website.
Vulnerable software versionsOCTOPUS: All versions
MS: All versions
MACH4000: All versions
MACH1000: All versions
MACH100: All versions
RSB: All versions
RSR: All versions
RS: All versions
External linkshttp://ics-cert.us-cert.gov/advisories/ICSA-18-065-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU10877
Risk: Low
CVSSv3.1: 3.3 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:W/RC:C]
CVE-ID: CVE-2018-5471
CWE-ID:
CWE-300 - Channel Accessible by Non-Endpoint ('Man-in-the-Middle')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to conduct man-in-the-middle attack.
The weakness exists in the web interface due to cleartext transmission of sensitive information. A remote attacker can use man-in-the-middle technique and obtain
sensitive information through a successful man-in-the-middle attack.
Workarounds are available on vendor's website.
Vulnerable software versionsOCTOPUS: All versions
MS: All versions
MACH4000: All versions
MACH1000: All versions
MACH100: All versions
RSB: All versions
RSR: All versions
RS: All versions
External linkshttp://ics-cert.us-cert.gov/advisories/ICSA-18-065-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU10878
Risk: Low
CVSSv3.1: 3.3 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:W/RC:C]
CVE-ID: CVE-2018-5461
CWE-ID:
CWE-300 - Channel Accessible by Non-Endpoint ('Man-in-the-Middle')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to conduct man-in-the-middle attack.
The weakness exists in the web interface due to inadequate encryption strength vulnerability. A remote attacker can use man-in-the-middle technique and obtain sensitive information.
Workarounds are available on vendor's website.
Vulnerable software versionsOCTOPUS: All versions
MS: All versions
MACH4000: All versions
MACH1000: All versions
MACH100: All versions
RSB: All versions
RSR: All versions
RS: All versions
External linkshttp://ics-cert.us-cert.gov/advisories/ICSA-18-065-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU10879
Risk: Low
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:W/RC:C]
CVE-ID: CVE-2018-5469
CWE-ID:
CWE-307 - Improper Restriction of Excessive Authentication Attempts
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to conduct brute-force attack.
The weakness exists in the web interface due to improper restriction of excessive authentication. A remote attacker can brute force authentication.
Workarounds are available on vendor's website.
Vulnerable software versionsOCTOPUS: All versions
MS: All versions
MACH4000: All versions
MACH1000: All versions
MACH100: All versions
RSB: All versions
RSR: All versions
RS: All versions
External linkshttp://ics-cert.us-cert.gov/advisories/ICSA-18-065-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.