Vulnerability CVE-2018-5467
Published: 2018-03-06   Modified: 2018-03-07

Description:
An Information Exposure Through Query Strings in GET Request issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. An information exposure through query strings vulnerability in the web interface has been identified, which may allow an attacker to impersonate a legitimate user.

Type:

CWE-200

 (Information Exposure)

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.4/10
4.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
None
Affected software
Belden -> Hirschmann mach104-16tx-poep +2x -e-l3p 
Belden -> Hirschmann mach4002-24g-l3e 
Belden -> Hirschmann ms30-1602saae 
Belden -> Hirschmann octopus 8tx poe-eec 
Belden -> Hirschmann octopus os30-0008024a4atrephh 
Belden -> Hirschmann rs20-1600m2m2sdau 
Belden -> Hirschmann rsb20-0800t1t1taabe 
Belden -> Hirschmann rsb20-0900vvm2taabe 
Belden -> Hirschmann m1-8mm-sc 
Belden -> Hirschmann mach104-16tx-poep +2x -r 
Belden -> Hirschmann mach4002-24g-l3p 
Belden -> Hirschmann octopus 16m 
Belden -> Hirschmann octopus os20-000900t5t5tafbhh 
Belden -> Hirschmann octopus os30-0008024b4btrephh 
Belden -> Hirschmann rs20-1600m2t1sdau 
Belden -> Hirschmann rsb20-0900m2ttsaab 
Belden -> Hirschmann rsb20-0900zzz6saab 
Belden -> Hirschmann m1-8sfp 
Belden -> Hirschmann mach104-16tx-poep +2x -r-l3p 
Belden -> Hirschmann mach4002-48g+3x-l2p 
Belden -> Hirschmann octopus 16m-8poe 
Belden -> Hirschmann octopus os20-000900t5t5tnebhh 
Belden -> Hirschmann octopus os32-080802o6o6tpephh 
Belden -> Hirschmann rs20-1600s2m2sdau 
Belden -> Hirschmann rsb20-0900m2ttsaabe 
Belden -> Hirschmann rsb20-0900zzz6saabe 
Belden -> Hirschmann m1-8sm-sc 
Belden -> Hirschmann mach104-16tx-poep -e 
Belden -> Hirschmann mach4002-48g+3x-l3e 
Belden -> Hirschmann octopus 16m-train 
Belden -> Hirschmann octopus os20-0010001m1mtrephh 
Belden -> Hirschmann octopus os32-080802t6t6tpephh 
Belden -> Hirschmann rs20-1600s2s2sdau 
Belden -> Hirschmann rsb20-0900m2tttaab 
Belden -> Hirschmann rsb20-0900zzz6taab 
Belden -> Hirschmann m1-8tp-rj45 
Belden -> Hirschmann mach104-16tx-poep -e-l3p 
Belden -> Hirschmann mach4002-48g+3x-l3p 
Belden -> Hirschmann octopus 16m-train-bp 
Belden -> Hirschmann octopus os20-0010001s1strephh 
Belden -> Hirschmann octopus os32-081602o6o6tpephh 
Belden -> Hirschmann rs20-1600s2t1sdau 
Belden -> Hirschmann rsb20-0900m2tttaabe 
Belden -> Hirschmann rsb20-0900zzz6taabe 
Belden -> Hirschmann mach102-24tp-f 
Belden -> Hirschmann mach104-16tx-poep -r 
Belden -> Hirschmann mach4002-48g-l2p 
Belden -> Hirschmann octopus 24m 
Belden -> Hirschmann octopus os20-0010004m4mtrephh 
Belden -> Hirschmann octopus os32-081602t6t6tpephh 
Belden -> Hirschmann rsb20-0800m2m2saab 
Belden -> Hirschmann rsb20-0900mmm2saab 
Belden -> Hirschmann rsr20 
Belden -> Hirschmann mach102-24tp-fr 
Belden -> Hirschmann mach104-16tx-poep -r-l3p 
Belden -> Hirschmann mach4002-48g-l3e 
Belden -> Hirschmann octopus 24m-8 poe 
Belden -> Hirschmann octopus os20-0010004s4strephh 
Belden -> Hirschmann octopus os34 
Belden -> Hirschmann rsb20-0800m2m2saabe 
Belden -> Hirschmann rsb20-0900mmm2saabe 
Belden -> Hirschmann rsr30 
Belden -> Hirschmann mach102-8tp 
Belden -> Hirschmann mach104-20tx-f 
Belden -> Hirschmann mach4002-48g-l3p 
Belden -> Hirschmann octopus 24m-train 
Belden -> Hirschmann octopus os20-001000t5t5tafuhb 
Belden -> Hirschmann octopus os3x-xx16xxx 
Belden -> Hirschmann rsb20-0800m2m2taab 
Belden -> Hirschmann rsb20-0900mmm2taab 
Belden -> Hirschmann mach102-8tp-f 
Belden -> Hirschmann mach104-20tx-f-4poe 
Belden -> Hirschmann ms20-0800eccp 
Belden -> Hirschmann octopus 24m-train-bp 
Belden -> Hirschmann octopus os20-001000t5t5tneuhb 
Belden -> Hirschmann octopus os3x-xx24xxx 
Belden -> Hirschmann rsb20-0800m2m2taabe 
Belden -> Hirschmann rsb20-0900mmm2taabe 
Belden -> Hirschmann mach102-8tp-fr 
Belden -> Hirschmann mach104-20tx-f-l3p 
Belden -> Hirschmann ms20-0800saae 
Belden -> Hirschmann octopus 5tx eec 
Belden -> Hirschmann octopus os24-080900t5t5tffbhh 
Belden -> Hirschmann rs20-0900mmm2tdau 
Belden -> Hirschmann rsb20-0800s2s2saab 
Belden -> Hirschmann rsb20-0900s2ttsaab 
Belden -> Hirschmann mach102-8tp-r 
Belden -> Hirschmann mach104-20tx-fr 
Belden -> Hirschmann ms20-0800saap 
Belden -> Hirschmann octopus 8m 
Belden -> Hirschmann octopus os24-080900t5t5tnebhh 
Belden -> Hirschmann rs20-0900nnm4tdau 
Belden -> Hirschmann rsb20-0800s2s2saabe 
Belden -> Hirschmann rsb20-0900s2ttsaabe 
Belden -> Hirschmann mach104-16tx-poep 
Belden -> Hirschmann mach104-20tx-fr-l3p 
Belden -> Hirschmann ms20-1600eccp 
Belden -> Hirschmann octopus 8m-6poe 
Belden -> Hirschmann octopus os24-081000t5t5tffuhb 
Belden -> Hirschmann rs20-0900vvm2tdau 

 References:
http://www.securityfocus.com/bid/103340
https://ics-cert.us-cert.gov/advisories/ICSA-18-065-01
Copyright 2024, cxsecurity.com

 

Back to Top