CVE-2018-5461

EPSS 0.02%
Published 06.03.2018 21:29:00
Last modified 21.11.2024 04:08:50
Source ics-cert@hq.dhs.gov
Teams watchlist Login
Open Login

An Inadequate Encryption Strength issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. An inadequate encryption strength vulnerability in the web interface has been identified, which may allow an attacker to obtain sensitive information through a successful man-in-the-middle attack.

Affected products Warnungen 0 Metrics 3 CWE 1 References 5

Data is provided by the National Vulnerability Database (NVD)

Belden ≫ Hirschmann Rs20-0900mmm2tdau Version-

Belden ≫ Hirschmann Rs20-0900nnm4tdau Version-

Belden ≫ Hirschmann Rs20-0900vvm2tdau Version-

Belden ≫ Hirschmann Rs20-1600l2l2sdau Version-

Belden ≫ Hirschmann Rs20-1600l2m2sdau Version-

Belden ≫ Hirschmann Rs20-1600l2s2sdau Version-

Belden ≫ Hirschmann Rs20-1600l2t1sdau Version-

Belden ≫ Hirschmann Rs20-1600m2m2sdau Version-

Belden ≫ Hirschmann Rs20-1600m2t1sdau Version-

Belden ≫ Hirschmann Rs20-1600s2m2sdau Version-

Belden ≫ Hirschmann Rs20-1600s2s2sdau Version-

Belden ≫ Hirschmann Rs20-1600s2t1sdau Version-

Belden ≫ Hirschmann Rsr20 Version-

Belden ≫ Hirschmann Rsr30 Version-

Belden ≫ Hirschmann Rsb20-0800m2m2saab Version-

Belden ≫ Hirschmann Rsb20-0800m2m2saabe Version-

Belden ≫ Hirschmann Rsb20-0800m2m2taab Version-

Belden ≫ Hirschmann Rsb20-0800m2m2taabe Version-

Belden ≫ Hirschmann Rsb20-0800s2s2saab Version-

Belden ≫ Hirschmann Rsb20-0800s2s2saabe Version-

Belden ≫ Hirschmann Rsb20-0800s2s2taab Version-

Belden ≫ Hirschmann Rsb20-0800s2s2taabe Version-

Belden ≫ Hirschmann Rsb20-0800t1t1saab Version-

Belden ≫ Hirschmann Rsb20-0800t1t1saabe Version-

Belden ≫ Hirschmann Rsb20-0800t1t1taab Version-

Belden ≫ Hirschmann Rsb20-0800t1t1taabe Version-

Belden ≫ Hirschmann Rsb20-0900m2ttsaab Version-

Belden ≫ Hirschmann Rsb20-0900m2ttsaabe Version-

Belden ≫ Hirschmann Rsb20-0900m2tttaab Version-

Belden ≫ Hirschmann Rsb20-0900m2tttaabe Version-

Belden ≫ Hirschmann Rsb20-0900mmm2saab Version-

Belden ≫ Hirschmann Rsb20-0900mmm2saabe Version-

Belden ≫ Hirschmann Rsb20-0900mmm2taab Version-

Belden ≫ Hirschmann Rsb20-0900mmm2taabe Version-

Belden ≫ Hirschmann Rsb20-0900s2ttsaab Version-

Belden ≫ Hirschmann Rsb20-0900s2ttsaabe Version-

Belden ≫ Hirschmann Rsb20-0900s2tttaab Version-

Belden ≫ Hirschmann Rsb20-0900s2tttaabe Version-

Belden ≫ Hirschmann Rsb20-0900vvm2saab Version-

Belden ≫ Hirschmann Rsb20-0900vvm2saabe Version-

Belden ≫ Hirschmann Rsb20-0900vvm2taab Version-

Belden ≫ Hirschmann Rsb20-0900vvm2taabe Version-

Belden ≫ Hirschmann Rsb20-0900zzz6saab Version-

Belden ≫ Hirschmann Rsb20-0900zzz6saabe Version-

Belden ≫ Hirschmann Rsb20-0900zzz6taab Version-

Belden ≫ Hirschmann Rsb20-0900zzz6taabe Version-

Belden ≫ Hirschmann M1-8mm-sc Version-

Belden ≫ Hirschmann M1-8sfp Version-

Belden ≫ Hirschmann M1-8sm-sc Version-

Belden ≫ Hirschmann M1-8tp-rj45 Version-

Belden ≫ Hirschmann Mach102-24tp-f Version-

Belden ≫ Hirschmann Mach102-24tp-fr Version-

Belden ≫ Hirschmann Mach102-8tp Version-

Belden ≫ Hirschmann Mach102-8tp-f Version-

Belden ≫ Hirschmann Mach102-8tp-fr Version-

Belden ≫ Hirschmann Mach102-8tp-r Version-

Belden ≫ Hirschmann Mach104-16tx-poep Version-

Belden ≫ Hirschmann Mach104-16tx-poep-l3p Version-

Belden ≫ Hirschmann Mach104-16tx-poep +2x Version-

Belden ≫ Hirschmann Mach104-16tx-poep +2x-l3p Version-

Belden ≫ Hirschmann Mach104-16tx-poep +2x -e Version-

Belden ≫ Hirschmann Mach104-16tx-poep +2x -e-l3p Version-

Belden ≫ Hirschmann Mach104-16tx-poep +2x -r Version-

Belden ≫ Hirschmann Mach104-16tx-poep +2x -r-l3p Version-

Belden ≫ Hirschmann Mach104-16tx-poep -e Version-

Belden ≫ Hirschmann Mach104-16tx-poep -e-l3p Version-

Belden ≫ Hirschmann Mach104-16tx-poep -r Version-

Belden ≫ Hirschmann Mach104-16tx-poep -r-l3p Version-

Belden ≫ Hirschmann Mach104-20tx-f Version-

Belden ≫ Hirschmann Mach104-20tx-f-4poe Version-

Belden ≫ Hirschmann Mach104-20tx-f-l3p Version-

Belden ≫ Hirschmann Mach104-20tx-fr Version-

Belden ≫ Hirschmann Mach104-20tx-fr-l3p Version-

Belden ≫ Hirschmann Mach4002-24g+3x-l2p Version-

Belden ≫ Hirschmann Mach4002-24g+3x-l3e Version-

Belden ≫ Hirschmann Mach4002-24g+3x-l3p Version-

Belden ≫ Hirschmann Mach4002-24g-l2p Version-

Belden ≫ Hirschmann Mach4002-24g-l3e Version-

Belden ≫ Hirschmann Mach4002-24g-l3p Version-

Belden ≫ Hirschmann Mach4002-48g+3x-l2p Version-

Belden ≫ Hirschmann Mach4002-48g+3x-l3e Version-

Belden ≫ Hirschmann Mach4002-48g+3x-l3p Version-

Belden ≫ Hirschmann Mach4002-48g-l2p Version-

Belden ≫ Hirschmann Mach4002-48g-l3e Version-

Belden ≫ Hirschmann Mach4002-48g-l3p Version-

Belden ≫ Hirschmann Ms20-0800eccp Version-

Belden ≫ Hirschmann Ms20-0800saae Version-

Belden ≫ Hirschmann Ms20-0800saap Version-

Belden ≫ Hirschmann Ms20-1600eccp Version-

Belden ≫ Hirschmann Ms20-1600saae Version-

Belden ≫ Hirschmann Ms20-1600saap Version-

Belden ≫ Hirschmann Ms30-0802saae Version-

Belden ≫ Hirschmann Ms30-0802saap Version-

Belden ≫ Hirschmann Ms30-1602saae Version-

Belden ≫ Hirschmann Octopus 16m Version-

Belden ≫ Hirschmann Octopus 16m-8poe Version-

Belden ≫ Hirschmann Octopus 16m-train Version-

Belden ≫ Hirschmann Octopus 16m-train-bp Version-

Belden ≫ Hirschmann Octopus 24m Version-

Belden ≫ Hirschmann Octopus 24m-8 Poe Version-

Belden ≫ Hirschmann Octopus 24m-train Version-

Belden ≫ Hirschmann Octopus 24m-train-bp Version-

Belden ≫ Hirschmann Octopus 5tx Eec Version-

Belden ≫ Hirschmann Octopus 8m Version-

Belden ≫ Hirschmann Octopus 8m-6poe Version-

Belden ≫ Hirschmann Octopus 8m-8poe Version-

Belden ≫ Hirschmann Octopus 8m-train Version-

Belden ≫ Hirschmann Octopus 8m-train-bp Version-

Belden ≫ Hirschmann Octopus 8tx-eec Version-

Belden ≫ Hirschmann Octopus 8tx Poe-eec Version-

Belden ≫ Hirschmann Octopus Os20-000900t5t5tafbhh Version-

Belden ≫ Hirschmann Octopus Os20-000900t5t5tnebhh Version-

Belden ≫ Hirschmann Octopus Os20-0010001m1mtrephh Version-

Belden ≫ Hirschmann Octopus Os20-0010001s1strephh Version-

Belden ≫ Hirschmann Octopus Os20-0010004m4mtrephh Version-

Belden ≫ Hirschmann Octopus Os20-0010004s4strephh Version-

Belden ≫ Hirschmann Octopus Os20-001000t5t5tafuhb Version-

Belden ≫ Hirschmann Octopus Os20-001000t5t5tneuhb Version-

Belden ≫ Hirschmann Octopus Os24-080900t5t5tffbhh Version-

Belden ≫ Hirschmann Octopus Os24-080900t5t5tnebhh Version-

Belden ≫ Hirschmann Octopus Os24-081000t5t5tffuhb Version-

Belden ≫ Hirschmann Octopus Os24-081000t5t5tneuhb Version-

Belden ≫ Hirschmann Octopus Os30 Version-

Belden ≫ Hirschmann Octopus Os30-0008021a1atrephh Version-

Belden ≫ Hirschmann Octopus Os30-0008021b1btrephh Version-

Belden ≫ Hirschmann Octopus Os30-0008024a4atrephh Version-

Belden ≫ Hirschmann Octopus Os30-0008024b4btrephh Version-

Belden ≫ Hirschmann Octopus Os32-080802o6o6tpephh Version-

Belden ≫ Hirschmann Octopus Os32-080802t6t6tpephh Version-

Belden ≫ Hirschmann Octopus Os32-081602o6o6tpephh Version-

Belden ≫ Hirschmann Octopus Os32-081602t6t6tpephh Version-

Belden ≫ Hirschmann Octopus Os34 Version-

Belden ≫ Hirschmann Octopus Os3x-xx16xxx Version-

Belden ≫ Hirschmann Octopus Os3x-xx24xxx Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.02%	0.019

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.5	2.2	4.2	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
nvd@nist.gov	5.8	8.6	4.9	AV:N/AC:M/Au:N/C:P/I:P/A:N

CWE-326 Inadequate Encryption Strength

The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.

http://www.securityfocus.com/bid/103340

Third Party Advisory

VDB Entry

https://ics-cert.us-cert.gov/advisories/ICSA-18-065-01

Third Party Advisory

US Government Resource

Mitigation

https://nvd.nist.gov/vuln/detail/CVE-2018-5461

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-5461

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-5461

EUVD