Vulnerabilities related to planet - gs-4210-24pl4c
Vulnerability from fkie_nvd: CVE-2024-8454
Published
2024-09-30 08:15
Modified
2024-10-04 15:11
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L (twcert@cert.org.tw, Secondary)
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (nvd@nist.gov, Primary)
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
The swctrl service is used to detect and remotely manage PLANET Technology devices. Certain switch models have a Denial-of-Service vulnerability in the swctrl service, allowing unauthenticated remote attackers to send crafted packets that can crash the service.
References
▶ | URL | Tags | |
---|---|---|---|
twcert@cert.org.tw | https://www.twcert.org.tw/en/cp-139-8058-cc391-2.html | Third Party Advisory | |
twcert@cert.org.tw | https://www.twcert.org.tw/tw/cp-132-8057-1b3fa-1.html | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
planet | gs-4210-24p2s_firmware | * | |
planet | gs-4210-24p2s | 3.0 | |
planet | gs-4210-24pl4c_firmware | * | |
planet | gs-4210-24pl4c | 2.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:planet:gs-4210-24p2s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "89C0B4AA-848F-4AAC-8C51-8C10AEF0630A", "versionEndExcluding": "3.305b240802", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:planet:gs-4210-24p2s:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2A30964B-E6B8-4B8A-BE2E-882C0F3D8298", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:planet:gs-4210-24pl4c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0E17E272-4418-4CE7-8E59-44953D19D659", "versionEndExcluding": "2.305b240719", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:planet:gs-4210-24pl4c:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "F8029517-8FAB-4130-81F3-98BB09F4814E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The swctrl service is used to detect and remotely manage PLANET Technology devices. Certain switch models have a Denial-of-Service vulnerability in the swctrl service, allowing unauthenticated remote attackers to send crafted packets that can crash the service." }, { "lang": "es", "value": "El servicio swctrl se utiliza para detectar y administrar de forma remota los dispositivos de PLANET Technology. Algunos modelos de conmutadores tienen una vulnerabilidad de denegaci\u00f3n de servicio en el servicio swctrl, lo que permite que atacantes remotos no autenticados env\u00eden paquetes manipulados que pueden hacer que el servicio se bloquee." 
} ], "id": "CVE-2024-8454", "lastModified": "2024-10-04T15:11:40.053", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "twcert@cert.org.tw", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-09-30T08:15:04.340", "references": [ { "source": "twcert@cert.org.tw", "tags": [ "Third Party Advisory" ], "url": "https://www.twcert.org.tw/en/cp-139-8058-cc391-2.html" }, { "source": "twcert@cert.org.tw", "tags": [ "Third Party Advisory" ], "url": "https://www.twcert.org.tw/tw/cp-132-8057-1b3fa-1.html" } ], "sourceIdentifier": "twcert@cert.org.tw", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-400" }, { "lang": "en", "value": "CWE-476" } ], "source": "twcert@cert.org.tw", "type": "Primary" } ] }
Vulnerability from fkie_nvd: CVE-2024-8448
Published
2024-09-30 07:15
Modified
2024-10-04 15:07
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (twcert@cert.org.tw, Primary)
Summary
Certain switch models from PLANET Technology have a hard-coded credential in a specific command-line interface, allowing remote attackers with regular privileges to log in with this credential and obtain a Linux root shell.
References
▶ | URL | Tags | |
---|---|---|---|
twcert@cert.org.tw | https://www.twcert.org.tw/en/cp-139-8046-057c2-2.html | Third Party Advisory | |
twcert@cert.org.tw | https://www.twcert.org.tw/tw/cp-132-8045-a2804-1.html | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
planet | gs-4210-24p2s_firmware | * | |
planet | gs-4210-24p2s | 3.0 | |
planet | gs-4210-24pl4c_firmware | * | |
planet | gs-4210-24pl4c | 2.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:planet:gs-4210-24p2s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "89C0B4AA-848F-4AAC-8C51-8C10AEF0630A", "versionEndExcluding": "3.305b240802", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:planet:gs-4210-24p2s:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2A30964B-E6B8-4B8A-BE2E-882C0F3D8298", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:planet:gs-4210-24pl4c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0E17E272-4418-4CE7-8E59-44953D19D659", "versionEndExcluding": "2.305b240719", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:planet:gs-4210-24pl4c:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "F8029517-8FAB-4130-81F3-98BB09F4814E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Certain switch models from PLANET Technology have a hard-coded credential in the specific command-line interface, allowing remote attackers with regular privilege to log in with this credential and obtain a Linux root shell." }, { "lang": "es", "value": "Ciertos modelos de conmutadores de PLANET Technology tienen una credencial codificada en la interfaz de l\u00ednea de comandos espec\u00edfica, lo que permite a atacantes remotos con privilegios regulares iniciar sesi\u00f3n con esta credencial y obtener un shell ra\u00edz de Linux." 
} ], "id": "CVE-2024-8448", "lastModified": "2024-10-04T15:07:22.160", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "twcert@cert.org.tw", "type": "Primary" } ] }, "published": "2024-09-30T07:15:03.507", "references": [ { "source": "twcert@cert.org.tw", "tags": [ "Third Party Advisory" ], "url": "https://www.twcert.org.tw/en/cp-139-8046-057c2-2.html" }, { "source": "twcert@cert.org.tw", "tags": [ "Third Party Advisory" ], "url": "https://www.twcert.org.tw/tw/cp-132-8045-a2804-1.html" } ], "sourceIdentifier": "twcert@cert.org.tw", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-798" } ], "source": "twcert@cert.org.tw", "type": "Primary" } ] }
Vulnerability from fkie_nvd: CVE-2024-8453
Published
2024-09-30 08:15
Modified
2024-10-04 15:10
Severity ?
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
Certain switch models from PLANET Technology hash user passwords with an insecure hashing function and without a salt. Remote attackers with administrator privileges can read configuration files to obtain the hash values, and potentially crack them to retrieve the plaintext passwords.
References
▶ | URL | Tags | |
---|---|---|---|
twcert@cert.org.tw | https://www.twcert.org.tw/en/cp-139-8056-09688-2.html | Third Party Advisory | |
twcert@cert.org.tw | https://www.twcert.org.tw/tw/cp-132-8055-2c361-1.html | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
planet | gs-4210-24p2s_firmware | * | |
planet | gs-4210-24p2s | 3.0 | |
planet | gs-4210-24pl4c_firmware | * | |
planet | gs-4210-24pl4c | 2.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:planet:gs-4210-24p2s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "89C0B4AA-848F-4AAC-8C51-8C10AEF0630A", "versionEndExcluding": "3.305b240802", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:planet:gs-4210-24p2s:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2A30964B-E6B8-4B8A-BE2E-882C0F3D8298", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:planet:gs-4210-24pl4c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0E17E272-4418-4CE7-8E59-44953D19D659", "versionEndExcluding": "2.305b240719", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:planet:gs-4210-24pl4c:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "F8029517-8FAB-4130-81F3-98BB09F4814E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Certain switch models from PLANET Technology use an insecure hashing function to hash user passwords without being salted. Remote attackers with administrator privileges can read configuration files to obtain the hash values, and potentially crack them to retrieve the plaintext passwords." }, { "lang": "es", "value": "Algunos modelos de conmutadores de PLANET Technology utilizan una funci\u00f3n de hash insegura para codificar las contrase\u00f1as de los usuarios sin que se les aplique sal. Los atacantes remotos con privilegios de administrador pueden leer los archivos de configuraci\u00f3n para obtener los valores de hash y, potencialmente, descifrarlos para recuperar las contrase\u00f1as en texto plano." 
} ], "id": "CVE-2024-8453", "lastModified": "2024-10-04T15:10:54.507", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "twcert@cert.org.tw", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-09-30T08:15:04.093", "references": [ { "source": "twcert@cert.org.tw", "tags": [ "Third Party Advisory" ], "url": "https://www.twcert.org.tw/en/cp-139-8056-09688-2.html" }, { "source": "twcert@cert.org.tw", "tags": [ "Third Party Advisory" ], "url": "https://www.twcert.org.tw/tw/cp-132-8055-2c361-1.html" } ], "sourceIdentifier": "twcert@cert.org.tw", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-328" }, { "lang": "en", "value": "CWE-759" } ], "source": "twcert@cert.org.tw", "type": "Primary" } ] }
Vulnerability from fkie_nvd: CVE-2024-8456
Published
2024-09-30 08:15
Modified
2024-10-04 14:45
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (twcert@cert.org.tw, Primary)
Summary
Certain switch models from PLANET Technology lack proper access control in firmware upload and download functionality, allowing unauthenticated remote attackers to download and upload firmware and system configurations, ultimately gaining full control of the devices.
References
▶ | URL | Tags | |
---|---|---|---|
twcert@cert.org.tw | https://www.twcert.org.tw/en/cp-139-8062-92f17-2.html | Third Party Advisory | |
twcert@cert.org.tw | https://www.twcert.org.tw/tw/cp-132-8061-91872-1.html | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
planet | gs-4210-24p2s_firmware | * | |
planet | gs-4210-24p2s | 3.0 | |
planet | gs-4210-24pl4c_firmware | * | |
planet | gs-4210-24pl4c | 2.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:planet:gs-4210-24p2s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "89C0B4AA-848F-4AAC-8C51-8C10AEF0630A", "versionEndExcluding": "3.305b240802", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:planet:gs-4210-24p2s:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2A30964B-E6B8-4B8A-BE2E-882C0F3D8298", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:planet:gs-4210-24pl4c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0E17E272-4418-4CE7-8E59-44953D19D659", "versionEndExcluding": "2.305b240719", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:planet:gs-4210-24pl4c:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "F8029517-8FAB-4130-81F3-98BB09F4814E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Certain switch models from PLANET Technology lack proper access control in firmware upload and download functionality, allowing unauthenticated remote attackers to download and upload firmware and system configurations, ultimately gaining full control of the devices." }, { "lang": "es", "value": "Ciertos modelos de conmutadores de PLANET Technology carecen de un control de acceso adecuado en la funcionalidad de carga y descarga de firmware, lo que permite que atacantes remotos no autenticados descarguen y carguen firmware y configuraciones del sistema, obteniendo en \u00faltima instancia el control total de los dispositivos." 
} ], "id": "CVE-2024-8456", "lastModified": "2024-10-04T14:45:39.920", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "twcert@cert.org.tw", "type": "Primary" } ] }, "published": "2024-09-30T08:15:04.797", "references": [ { "source": "twcert@cert.org.tw", "tags": [ "Third Party Advisory" ], "url": "https://www.twcert.org.tw/en/cp-139-8062-92f17-2.html" }, { "source": "twcert@cert.org.tw", "tags": [ "Third Party Advisory" ], "url": "https://www.twcert.org.tw/tw/cp-132-8061-91872-1.html" } ], "sourceIdentifier": "twcert@cert.org.tw", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-306" } ], "source": "twcert@cert.org.tw", "type": "Primary" } ] }
Vulnerability from fkie_nvd: CVE-2024-8457
Published
2024-09-30 08:15
Modified
2024-10-04 14:45
Severity ?
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N (twcert@cert.org.tw, Primary)
Summary
Certain switch models from PLANET Technology have a web application that does not properly validate specific parameters, allowing remote authenticated users with administrator privileges to inject arbitrary JavaScript, leading to a stored XSS attack.
References
▶ | URL | Tags | |
---|---|---|---|
twcert@cert.org.tw | https://www.twcert.org.tw/en/cp-139-8064-70255-2.html | Third Party Advisory | |
twcert@cert.org.tw | https://www.twcert.org.tw/tw/cp-132-8063-01634-1.html | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
planet | gs-4210-24p2s_firmware | * | |
planet | gs-4210-24p2s | 3.0 | |
planet | gs-4210-24pl4c_firmware | * | |
planet | gs-4210-24pl4c | 2.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:planet:gs-4210-24p2s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "89C0B4AA-848F-4AAC-8C51-8C10AEF0630A", "versionEndExcluding": "3.305b240802", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:planet:gs-4210-24p2s:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2A30964B-E6B8-4B8A-BE2E-882C0F3D8298", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:planet:gs-4210-24pl4c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0E17E272-4418-4CE7-8E59-44953D19D659", "versionEndExcluding": "2.305b240719", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:planet:gs-4210-24pl4c:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "F8029517-8FAB-4130-81F3-98BB09F4814E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Certain switch models from PLANET Technology have a web application that does not properly validate specific parameters, allowing remote authenticated users with administrator privileges to inject arbitrary JavaScript, leading to Stored XSS attack." }, { "lang": "es", "value": "Ciertos modelos de conmutadores de PLANET Technology tienen una aplicaci\u00f3n web que no valida correctamente par\u00e1metros espec\u00edficos, lo que permite que usuarios autenticados remotos con privilegios de administrador inyecten JavaScript arbitrario, lo que genera un ataque XSS almacenado." 
} ], "id": "CVE-2024-8457", "lastModified": "2024-10-04T14:45:41.310", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 1.7, "impactScore": 2.7, "source": "twcert@cert.org.tw", "type": "Primary" } ] }, "published": "2024-09-30T08:15:05.020", "references": [ { "source": "twcert@cert.org.tw", "tags": [ "Third Party Advisory" ], "url": "https://www.twcert.org.tw/en/cp-139-8064-70255-2.html" }, { "source": "twcert@cert.org.tw", "tags": [ "Third Party Advisory" ], "url": "https://www.twcert.org.tw/tw/cp-132-8063-01634-1.html" } ], "sourceIdentifier": "twcert@cert.org.tw", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "twcert@cert.org.tw", "type": "Primary" } ] }
Vulnerability from fkie_nvd: CVE-2024-8452
Published
2024-09-30 07:15
Modified
2024-10-04 15:10
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Certain switch models from PLANET Technology support only obsolete algorithms for the authentication and encryption protocols in the SNMPv3 service, potentially allowing attackers to obtain plaintext SNMPv3 credentials.
References
▶ | URL | Tags | |
---|---|---|---|
twcert@cert.org.tw | https://www.twcert.org.tw/en/cp-139-8054-231ad-2.html | Third Party Advisory | |
twcert@cert.org.tw | https://www.twcert.org.tw/tw/cp-132-8053-274bd-1.html | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
planet | gs-4210-24p2s_firmware | * | |
planet | gs-4210-24p2s | 3.0 | |
planet | gs-4210-24pl4c_firmware | * | |
planet | gs-4210-24pl4c | 2.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:planet:gs-4210-24p2s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "89C0B4AA-848F-4AAC-8C51-8C10AEF0630A", "versionEndExcluding": "3.305b240802", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:planet:gs-4210-24p2s:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2A30964B-E6B8-4B8A-BE2E-882C0F3D8298", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:planet:gs-4210-24pl4c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0E17E272-4418-4CE7-8E59-44953D19D659", "versionEndExcluding": "2.305b240719", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:planet:gs-4210-24pl4c:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "F8029517-8FAB-4130-81F3-98BB09F4814E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Certain switch models from PLANET Technology only support obsolete algorithms for authentication protocol and encryption protocol in the SNMPv3 service, allowing attackers to obtain plaintext SNMPv3 credentials potentially." }, { "lang": "es", "value": "Ciertos modelos de conmutadores de PLANET Technology solo admiten algoritmos obsoletos para el protocolo de autenticaci\u00f3n y el protocolo de cifrado en el servicio SNMPv3, lo que permite a los atacantes obtener potencialmente credenciales SNMPv3 en texto plano." 
} ], "id": "CVE-2024-8452", "lastModified": "2024-10-04T15:10:17.087", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "twcert@cert.org.tw", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-09-30T07:15:04.647", "references": [ { "source": "twcert@cert.org.tw", "tags": [ "Third Party Advisory" ], "url": "https://www.twcert.org.tw/en/cp-139-8054-231ad-2.html" }, { "source": "twcert@cert.org.tw", "tags": [ "Third Party Advisory" ], "url": "https://www.twcert.org.tw/tw/cp-132-8053-274bd-1.html" } ], "sourceIdentifier": "twcert@cert.org.tw", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-327" }, { "lang": "en", "value": "CWE-328" } ], "source": "twcert@cert.org.tw", "type": "Primary" } ] }
Vulnerability from fkie_nvd: CVE-2024-8451
Published
2024-09-30 07:15
Modified
2024-10-04 15:09
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Certain switch models from PLANET Technology have an SSH service that improperly handles insufficiently authenticated connection requests, allowing unauthorized remote attackers to exploit this weakness to occupy connection slots and prevent legitimate users from accessing the SSH service.
References
▶ | URL | Tags | |
---|---|---|---|
twcert@cert.org.tw | https://www.twcert.org.tw/en/cp-139-8052-ac0ea-2.html | Third Party Advisory | |
twcert@cert.org.tw | https://www.twcert.org.tw/tw/cp-132-8051-5048e-1.html | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
planet | gs-4210-24p2s_firmware | * | |
planet | gs-4210-24p2s | 3.0 | |
planet | gs-4210-24pl4c_firmware | * | |
planet | gs-4210-24pl4c | 2.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:planet:gs-4210-24p2s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "89C0B4AA-848F-4AAC-8C51-8C10AEF0630A", "versionEndExcluding": "3.305b240802", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:planet:gs-4210-24p2s:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2A30964B-E6B8-4B8A-BE2E-882C0F3D8298", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:planet:gs-4210-24pl4c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0E17E272-4418-4CE7-8E59-44953D19D659", "versionEndExcluding": "2.305b240719", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:planet:gs-4210-24pl4c:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "F8029517-8FAB-4130-81F3-98BB09F4814E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Certain switch models from PLANET Technology have an SSH service that improperly handles insufficiently authenticated connection requests, allowing unauthorized remote attackers to exploit this weakness to occupy connection slots and prevent legitimate users from accessing the SSH service." }, { "lang": "es", "value": "Ciertos modelos de conmutadores de PLANET Technology tienen un servicio SSH que maneja incorrectamente solicitudes de conexi\u00f3n insuficientemente autenticadas, lo que permite que atacantes remotos no autorizados exploten esta debilidad para ocupar ranuras de conexi\u00f3n y evitar que usuarios leg\u00edtimos accedan al servicio SSH." 
} ], "id": "CVE-2024-8451", "lastModified": "2024-10-04T15:09:42.283", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "twcert@cert.org.tw", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-09-30T07:15:04.417", "references": [ { "source": "twcert@cert.org.tw", "tags": [ "Third Party Advisory" ], "url": "https://www.twcert.org.tw/en/cp-139-8052-ac0ea-2.html" }, { "source": "twcert@cert.org.tw", "tags": [ "Third Party Advisory" ], "url": "https://www.twcert.org.tw/tw/cp-132-8051-5048e-1.html" } ], "sourceIdentifier": "twcert@cert.org.tw", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-280" }, { "lang": "en", "value": "CWE-400" } ], "source": "twcert@cert.org.tw", "type": "Primary" } ] }
Vulnerability from fkie_nvd: CVE-2024-8450
Published
2024-09-30 07:15
Modified
2024-10-04 15:08
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H (twcert@cert.org.tw, Secondary)
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (nvd@nist.gov, Primary)
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain switch models from PLANET Technology have a hard-coded community string in the SNMPv1 service, allowing unauthorized remote attackers to use this community string to access the SNMPv1 service with read-write privileges.
References
▶ | URL | Tags | |
---|---|---|---|
twcert@cert.org.tw | https://www.twcert.org.tw/en/cp-139-8050-52f32-2.html | Third Party Advisory | |
twcert@cert.org.tw | https://www.twcert.org.tw/tw/cp-132-8049-83fe4-1.html | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
planet | gs-4210-24p2s_firmware | * | |
planet | gs-4210-24p2s | 3.0 | |
planet | gs-4210-24pl4c_firmware | * | |
planet | gs-4210-24pl4c | 2.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:planet:gs-4210-24p2s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "89C0B4AA-848F-4AAC-8C51-8C10AEF0630A", "versionEndExcluding": "3.305b240802", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:planet:gs-4210-24p2s:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2A30964B-E6B8-4B8A-BE2E-882C0F3D8298", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:planet:gs-4210-24pl4c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0E17E272-4418-4CE7-8E59-44953D19D659", "versionEndExcluding": "2.305b240719", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:planet:gs-4210-24pl4c:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "F8029517-8FAB-4130-81F3-98BB09F4814E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Certain switch models from PLANET Technology have a Hard-coded community string in the SNMPv1 service, allowing unauthorized remote attackers to use this community string to access the SNMPv1 service with read-write privileges." }, { "lang": "es", "value": "Ciertos modelos de conmutadores de PLANET Technology tienen una cadena de comunidad codificada en el servicio SNMPv1, lo que permite que atacantes remotos no autorizados utilicen esta cadena de comunidad para acceder al servicio SNMPv1 con privilegios de lectura y escritura." 
} ], "id": "CVE-2024-8450", "lastModified": "2024-10-04T15:08:58.820", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 4.7, "source": "twcert@cert.org.tw", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-09-30T07:15:04.170", "references": [ { "source": "twcert@cert.org.tw", "tags": [ "Third Party Advisory" ], "url": "https://www.twcert.org.tw/en/cp-139-8050-52f32-2.html" }, { "source": "twcert@cert.org.tw", "tags": [ "Third Party Advisory" ], "url": "https://www.twcert.org.tw/tw/cp-132-8049-83fe4-1.html" } ], "sourceIdentifier": "twcert@cert.org.tw", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-798" } ], "source": "twcert@cert.org.tw", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2024-09-30 08:15
Modified
2024-10-04 14:42
Summary
Certain switch models from PLANET Technology have a web application that is vulnerable to Cross-Site Request Forgery (CSRF). An unauthenticated remote attacker can trick a user into visiting a malicious website, allowing the attacker to impersonate the user and perform actions on their behalf, such as creating accounts.
References
▶ | URL | Tags | |
---|---|---|---|
twcert@cert.org.tw | https://www.twcert.org.tw/en/cp-139-8066-d6504-2.html | Third Party Advisory | |
twcert@cert.org.tw | https://www.twcert.org.tw/tw/cp-132-8065-579c1-1.html | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
planet | gs-4210-24p2s_firmware | * | |
planet | gs-4210-24p2s | 3.0 | |
planet | gs-4210-24pl4c_firmware | * | |
planet | gs-4210-24pl4c | 2.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:planet:gs-4210-24p2s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "89C0B4AA-848F-4AAC-8C51-8C10AEF0630A", "versionEndExcluding": "3.305b240802", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:planet:gs-4210-24p2s:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2A30964B-E6B8-4B8A-BE2E-882C0F3D8298", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:planet:gs-4210-24pl4c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0E17E272-4418-4CE7-8E59-44953D19D659", "versionEndExcluding": "2.305b240719", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:planet:gs-4210-24pl4c:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "F8029517-8FAB-4130-81F3-98BB09F4814E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Certain switch models from PLANET Technology have a web application that is vulnerable to Cross-Site Request Forgery (CSRF). An unauthenticated remote attacker can trick a user into visiting a malicious website, allowing the attacker to impersonate the user and perform actions on their behalf, such as creating accounts." }, { "lang": "es", "value": "Algunos modelos de conmutadores de PLANET Technology tienen una aplicaci\u00f3n web que es vulnerable a Cross-Site Request Forgery (CSRF). Un atacante remoto no autenticado puede enga\u00f1ar a un usuario para que visite un sitio web malicioso, lo que le permite hacerse pasar por el usuario y realizar acciones en su nombre, como crear cuentas." 
} ], "id": "CVE-2024-8458", "lastModified": "2024-10-04T14:42:55.100", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "twcert@cert.org.tw", "type": "Primary" } ] }, "published": "2024-09-30T08:15:05.223", "references": [ { "source": "twcert@cert.org.tw", "tags": [ "Third Party Advisory" ], "url": "https://www.twcert.org.tw/en/cp-139-8066-d6504-2.html" }, { "source": "twcert@cert.org.tw", "tags": [ "Third Party Advisory" ], "url": "https://www.twcert.org.tw/tw/cp-132-8065-579c1-1.html" } ], "sourceIdentifier": "twcert@cert.org.tw", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-352" } ], "source": "twcert@cert.org.tw", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-352" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2024-09-30 08:15
Modified
2024-10-04 14:42
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
Certain switch models from PLANET Technology store SNMPv3 users' passwords in plaintext within the configuration files, allowing remote attackers with administrator privileges to read the file and obtain the credentials.
References
▶ | URL | Tags | |
---|---|---|---|
twcert@cert.org.tw | https://www.twcert.org.tw/en/cp-139-8068-8aaa5-2.html | Third Party Advisory | |
twcert@cert.org.tw | https://www.twcert.org.tw/tw/cp-132-8067-2fc50-1.html | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
planet | gs-4210-24p2s_firmware | * | |
planet | gs-4210-24p2s | 3.0 | |
planet | gs-4210-24pl4c_firmware | * | |
planet | gs-4210-24pl4c | 2.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:planet:gs-4210-24p2s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "89C0B4AA-848F-4AAC-8C51-8C10AEF0630A", "versionEndExcluding": "3.305b240802", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:planet:gs-4210-24p2s:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2A30964B-E6B8-4B8A-BE2E-882C0F3D8298", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:planet:gs-4210-24pl4c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0E17E272-4418-4CE7-8E59-44953D19D659", "versionEndExcluding": "2.305b240719", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:planet:gs-4210-24pl4c:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "F8029517-8FAB-4130-81F3-98BB09F4814E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Certain switch models from PLANET Technology store SNMPv3 users\u0027 passwords in plaintext within the configuration files, allowing remote attackers with administrator privileges to read the file and obtain the credentials." }, { "lang": "es", "value": "Ciertos modelos de conmutadores de PLANET Technology almacenan las contrase\u00f1as de los usuarios de SNMPv3 en texto plano dentro de los archivos de configuraci\u00f3n, lo que permite a atacantes remotos con privilegios de administrador leer el archivo y obtener las credenciales." 
} ], "id": "CVE-2024-8459", "lastModified": "2024-10-04T14:42:35.297", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "twcert@cert.org.tw", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-09-30T08:15:05.460", "references": [ { "source": "twcert@cert.org.tw", "tags": [ "Third Party Advisory" ], "url": "https://www.twcert.org.tw/en/cp-139-8068-8aaa5-2.html" }, { "source": "twcert@cert.org.tw", "tags": [ "Third Party Advisory" ], "url": "https://www.twcert.org.tw/tw/cp-132-8067-2fc50-1.html" } ], "sourceIdentifier": "twcert@cert.org.tw", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-312" } ], "source": "twcert@cert.org.tw", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2024-09-30 08:15
Modified
2024-10-04 14:45
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
The swctrl service is used to detect and remotely manage PLANET Technology devices. For certain switch models, the authentication tokens used during communication with this service are encoded user passwords. Because the encoding is not strong enough, unauthorized remote attackers who intercept the packets can directly crack the tokens to obtain plaintext passwords.
References
▶ | URL | Tags | |
---|---|---|---|
twcert@cert.org.tw | https://www.twcert.org.tw/en/cp-139-8060-f3955-2.html | Third Party Advisory | |
twcert@cert.org.tw | https://www.twcert.org.tw/tw/cp-132-8059-bde5f-1.html | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
planet | gs-4210-24p2s_firmware | * | |
planet | gs-4210-24p2s | 3.0 | |
planet | gs-4210-24pl4c_firmware | * | |
planet | gs-4210-24pl4c | 2.0 | |
planet | igs-5225-4up1t2s_firmware | - | |
planet | igs-5225-4up1t2s | 1.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:planet:gs-4210-24p2s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "89C0B4AA-848F-4AAC-8C51-8C10AEF0630A", "versionEndExcluding": "3.305b240802", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:planet:gs-4210-24p2s:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2A30964B-E6B8-4B8A-BE2E-882C0F3D8298", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:planet:gs-4210-24pl4c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0E17E272-4418-4CE7-8E59-44953D19D659", "versionEndExcluding": "2.305b240719", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:planet:gs-4210-24pl4c:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "F8029517-8FAB-4130-81F3-98BB09F4814E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:planet:igs-5225-4up1t2s_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "659F6AF5-1130-42B7-8872-663EA560A6D1", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:planet:igs-5225-4up1t2s:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "4B84FB83-6FB7-4A19-A9E8-BD1BA4119A9B", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The swctrl service is used to detect and remotely manage PLANET Technology devices. For certain switch models, the authentication tokens used during communication with this service are encoded user passwords. Due to insufficient strength, unauthorized remote attackers who intercept the packets can directly crack them to obtain plaintext passwords." 
}, { "lang": "es", "value": "El servicio swctrl se utiliza para detectar y gestionar de forma remota los dispositivos de PLANET Technology. En el caso de determinados modelos de conmutadores, los tokens de autenticaci\u00f3n utilizados durante la comunicaci\u00f3n con este servicio son contrase\u00f1as de usuario codificadas. Debido a que no son lo suficientemente resistentes, los atacantes remotos no autorizados que intercepten los paquetes pueden descifrarlos directamente para obtener contrase\u00f1as en texto simple." } ], "id": "CVE-2024-8455", "lastModified": "2024-10-04T14:45:48.727", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "twcert@cert.org.tw", "type": "Secondary" }, { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-09-30T08:15:04.570", "references": [ { "source": "twcert@cert.org.tw", "tags": [ "Third Party Advisory" ], "url": "https://www.twcert.org.tw/en/cp-139-8060-f3955-2.html" }, { "source": "twcert@cert.org.tw", "tags": [ "Third Party Advisory" ], "url": "https://www.twcert.org.tw/tw/cp-132-8059-bde5f-1.html" } ], "sourceIdentifier": "twcert@cert.org.tw", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ 
{ "lang": "en", "value": "CWE-261" } ], "source": "twcert@cert.org.tw", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-326" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2024-09-30 07:15
Modified
2024-10-04 15:08
Summary
Certain switch models from PLANET Technology have a Hard-coded Credential in the password recovery functionality, allowing an unauthenticated attacker to connect to the device via the serial console and use this credential to reset any user's password.
References
▶ | URL | Tags | |
---|---|---|---|
twcert@cert.org.tw | https://www.twcert.org.tw/en/cp-139-8048-f0e4d-2.html | Third Party Advisory | |
twcert@cert.org.tw | https://www.twcert.org.tw/tw/cp-132-8047-adf79-1.html | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
planet | gs-4210-24p2s_firmware | * | |
planet | gs-4210-24p2s | 3.0 | |
planet | gs-4210-24pl4c_firmware | * | |
planet | gs-4210-24pl4c | 2.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:planet:gs-4210-24p2s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "89C0B4AA-848F-4AAC-8C51-8C10AEF0630A", "versionEndExcluding": "3.305b240802", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:planet:gs-4210-24p2s:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2A30964B-E6B8-4B8A-BE2E-882C0F3D8298", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:planet:gs-4210-24pl4c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0E17E272-4418-4CE7-8E59-44953D19D659", "versionEndExcluding": "2.305b240719", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:planet:gs-4210-24pl4c:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "F8029517-8FAB-4130-81F3-98BB09F4814E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Certain switch models from PLANET Technology have a Hard-coded Credential in the password recovering functionality, allowing an unauthenticated attacker to connect to the device via the serial console and use this credential to reset any user\u0027s password." }, { "lang": "es", "value": "Ciertos modelos de conmutadores de PLANET Technology tienen una credencial codificada en la funcionalidad de recuperaci\u00f3n de contrase\u00f1a, lo que permite que un atacante no autenticado se conecte al dispositivo a trav\u00e9s de la consola serial y use esta credencial para restablecer la contrase\u00f1a de cualquier usuario." 
} ], "id": "CVE-2024-8449", "lastModified": "2024-10-04T15:08:22.733", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 0.9, "impactScore": 5.9, "source": "twcert@cert.org.tw", "type": "Primary" } ] }, "published": "2024-09-30T07:15:03.937", "references": [ { "source": "twcert@cert.org.tw", "tags": [ "Third Party Advisory" ], "url": "https://www.twcert.org.tw/en/cp-139-8048-f0e4d-2.html" }, { "source": "twcert@cert.org.tw", "tags": [ "Third Party Advisory" ], "url": "https://www.twcert.org.tw/tw/cp-132-8047-adf79-1.html" } ], "sourceIdentifier": "twcert@cert.org.tw", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-798" } ], "source": "twcert@cert.org.tw", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-798" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
CVE-2024-8454 (GCVE-0-2024-8454)
Vulnerability from cvelistv5
Published
2024-09-30 07:18
Modified
2024-09-30 16:59
Summary
The swctrl service is used to detect and remotely manage PLANET Technology devices. Certain switch models have a Denial-of-Service vulnerability in the swctrl service, allowing unauthenticated remote attackers to send crafted packets that can crash the service.
References
Impacted products
Vendor | Product | Version |
---|---|---|
PLANET Technology | GS-4210-24PL4C hardware 2.0 | Version: 0 < 2.305b240719 |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:planet_technology_corp:gs-4210-24pl4c_hardware_2.0:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "gs-4210-24pl4c_hardware_2.0", "vendor": "planet_technology_corp", "versions": [ { "lessThan": "2.305b240719", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:planet_technology_corp:gs-4210-24pl4c_hardware_3.0:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "gs-4210-24pl4c_hardware_3.0", "vendor": "planet_technology_corp", "versions": [ { "lessThan": "3.305b240802", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:planet_technology_corp:igs-5225-4up1t2s_hardware_1.0:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "igs-5225-4up1t2s_hardware_1.0", "vendor": "planet_technology_corp", "versions": [ { "status": "affected", "version": "0" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-8454", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-30T16:57:41.398680Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-30T16:59:40.972Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "GS-4210-24PL4C hardware 2.0", "vendor": "PLANET Technology", "versions": [ { "lessThan": "2.305b240719", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "GS-4210-24P2S hardware 3.0", "vendor": "PLANET Technology", "versions": [ { "lessThan": "3.305b240802", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "IGS-5225-4UP1T2S hardware 1.0", "vendor": "PLANET Technology", "versions": [ { "status": 
"affected", "version": "0" } ] } ], "datePublic": "2024-09-30T07:13:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe swctrl service is used to detect and remotely manage PLANET Technology devices. Certain switch models have a Denial-of-Service vulnerability in the swctrl service, allowing unauthenticated remote attackers to send crafted packets that can crash the service.\u003c/span\u003e" } ], "value": "The swctrl service is used to detect and remotely manage PLANET Technology devices. Certain switch models have a Denial-of-Service vulnerability in the swctrl service, allowing unauthenticated remote attackers to send crafted packets that can crash the service." } ], "impacts": [ { "capecId": "CAPEC-227", "descriptions": [ { "lang": "en", "value": "CAPEC-227 Sustained Client Engagement" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-30T07:18:30.271Z", "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "shortName": "twcert" }, "references": [ { "tags": [ "third-party-advisory" ], "url": "https://www.twcert.org.tw/tw/cp-132-8057-1b3fa-1.html" }, { "tags": [ "third-party-advisory" ], "url": 
"https://www.twcert.org.tw/en/cp-139-8058-cc391-2.html" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Update firmware of GS-4210-24PL4C hardware 2.0 to version 2.305b240719 or later.\u003cbr\u003eUpdate firmware of GS-4210-24P2S hardware 3.0 to version 3.305b240802 or later.\u003cbr\u003eIGS-5225-4UP1T2S hardware 1.0 has reached End of Life (EOL). Replacement is recommended.\u003cbr\u003e" } ], "value": "Update firmware of GS-4210-24PL4C hardware 2.0 to version 2.305b240719 or later.\nUpdate firmware of GS-4210-24P2S hardware 3.0 to version 3.305b240802 or later.\nIGS-5225-4UP1T2S hardware 1.0 has reached End of Life (EOL). Replacement is recommended." } ], "source": { "advisory": "TVN-202409010", "discovery": "EXTERNAL" }, "title": "PLANET Technology switch devices - Swctrl service DoS attack", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "assignerShortName": "twcert", "cveId": "CVE-2024-8454", "datePublished": "2024-09-30T07:18:30.271Z", "dateReserved": "2024-09-05T02:53:07.051Z", "dateUpdated": "2024-09-30T16:59:40.972Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-8451 (GCVE-0-2024-8451)
Vulnerability from cvelistv5
Published
2024-09-30 06:56
Modified
2024-09-30 17:32
Summary
Certain switch models from PLANET Technology have an SSH service that improperly handles insufficiently authenticated connection requests, allowing unauthorized remote attackers to exploit this weakness to occupy connection slots and prevent legitimate users from accessing the SSH service.
References
Impacted products
Vendor | Product | Version |
---|---|---|
PLANET Technology | GS-4210-24PL4C hardware 2.0 | Version: 0 < 2.305b240719 |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-8451", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-30T17:32:47.762349Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-30T17:32:59.893Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "GS-4210-24PL4C hardware 2.0", "vendor": "PLANET Technology", "versions": [ { "lessThan": "2.305b240719", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "GS-4210-24P2S hardware 3.0", "vendor": "PLANET Technology", "versions": [ { "lessThan": "3.305b240802", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "datePublic": "2024-09-30T06:52:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Certain switch models from PLANET Technology have an SSH service that improperly handles insufficiently authenticated connection requests, allowing unauthorized remote attackers to exploit this weakness to occupy connection slots and prevent legitimate users from accessing the SSH service." } ], "value": "Certain switch models from PLANET Technology have an SSH service that improperly handles insufficiently authenticated connection requests, allowing unauthorized remote attackers to exploit this weakness to occupy connection slots and prevent legitimate users from accessing the SSH service." 
} ], "impacts": [ { "capecId": "CAPEC-227", "descriptions": [ { "lang": "en", "value": "CAPEC-227 Sustained Client Engagement" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-280", "description": "CWE-280 Improper Handling of Insufficient Permissions or Privileges", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-30T06:56:40.972Z", "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "shortName": "twcert" }, "references": [ { "tags": [ "third-party-advisory" ], "url": "https://www.twcert.org.tw/tw/cp-132-8051-5048e-1.html" }, { "tags": [ "third-party-advisory" ], "url": "https://www.twcert.org.tw/en/cp-139-8052-ac0ea-2.html" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Update firmware of GS-4210-24PL4C hardware 2.0 to version 2.305b240719 or later.\u003cbr\u003eUpdate firmware of GS-4210-24P2S hardware 3.0 to version 3.305b240802 or later." } ], "value": "Update firmware of GS-4210-24PL4C hardware 2.0 to version 2.305b240719 or later.\nUpdate firmware of GS-4210-24P2S hardware 3.0 to version 3.305b240802 or later." 
} ], "source": { "advisory": "TVN-202409007", "discovery": "EXTERNAL" }, "title": "PLANET Technology switch devices - SSH server DoS attack", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "assignerShortName": "twcert", "cveId": "CVE-2024-8451", "datePublished": "2024-09-30T06:56:40.972Z", "dateReserved": "2024-09-05T02:53:03.528Z", "dateUpdated": "2024-09-30T17:32:59.893Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-8452 (GCVE-0-2024-8452)
Vulnerability from cvelistv5
Published
2024-09-30 07:07
Modified
2024-09-30 17:32
Summary
Certain switch models from PLANET Technology support only obsolete algorithms for the authentication protocol and encryption protocol in the SNMPv3 service, potentially allowing attackers to obtain plaintext SNMPv3 credentials.
References
Impacted products
Vendor | Product | Version |
---|---|---|
PLANET Technology | GS-4210-24PL4C hardware 2.0 | Version: 0 < 2.305b240719 |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-8452", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-30T17:32:02.150081Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-30T17:32:24.359Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "GS-4210-24PL4C hardware 2.0", "vendor": "PLANET Technology", "versions": [ { "lessThan": "2.305b240719", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "GS-4210-24P2S hardware 3.0", "vendor": "PLANET Technology", "versions": [ { "lessThan": "3.305b240802", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "datePublic": "2024-09-30T07:07:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCertain switch models from PLANET Technology only support obsolete algorithms for authentication protocol and encryption protocol in the SNMPv3 service, allowing attackers to obtain plaintext SNMPv3 credentials potentially.\u003c/span\u003e" } ], "value": "Certain switch models from PLANET Technology only support obsolete algorithms for authentication protocol and encryption protocol in the SNMPv3 service, allowing attackers to obtain plaintext SNMPv3 credentials potentially." 
} ], "impacts": [ { "capecId": "CAPEC-55", "descriptions": [ { "lang": "en", "value": "CAPEC-55 Rainbow Table Password Cracking" } ] }, { "capecId": "CAPEC-97", "descriptions": [ { "lang": "en", "value": "CAPEC-97 Cryptanalysis" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-327", "description": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-328", "description": "CWE-328 Use of Weak Hash", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-30T07:07:26.325Z", "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "shortName": "twcert" }, "references": [ { "tags": [ "third-party-advisory" ], "url": "https://www.twcert.org.tw/tw/cp-132-8053-274bd-1.html" }, { "tags": [ "third-party-advisory" ], "url": "https://www.twcert.org.tw/en/cp-139-8054-231ad-2.html" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Update firmware of GS-4210-24PL4C hardware 2.0 to version 2.305b240719 or later.\u003cbr\u003eUpdate firmware of GS-4210-24P2S hardware 3.0 to version 3.305b240802 or later.\u003cbr\u003e" } ], "value": "Update firmware of GS-4210-24PL4C hardware 2.0 to version 2.305b240719 or later.\nUpdate firmware of GS-4210-24P2S hardware 3.0 to version 3.305b240802 or later." 
} ], "source": { "advisory": "TVN-202409008", "discovery": "EXTERNAL" }, "title": "PLANET Technology switch devices - Insecure hash functions used for SNMPv3 credentials", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "assignerShortName": "twcert", "cveId": "CVE-2024-8452", "datePublished": "2024-09-30T07:07:26.325Z", "dateReserved": "2024-09-05T02:53:04.816Z", "dateUpdated": "2024-09-30T17:32:24.359Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-8450 (GCVE-0-2024-8450)
Vulnerability from cvelistv5
Published
2024-09-30 06:50
Modified
2024-09-30 17:33
Severity
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
CWE
- CWE-798 - Use of Hard-coded Credentials
Summary
Certain switch models from PLANET Technology have a Hard-coded community string in the SNMPv1 service, allowing unauthorized remote attackers to use this community string to access the SNMPv1 service with read-write privileges.
References
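URL | Tags |
---|---|
https://www.twcert.org.tw/tw/cp-132-8049-83fe4-1.html | third-party-advisory |
https://www.twcert.org.tw/en/cp-139-8050-52f32-2.html | third-party-advisory |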
Impacted products
Vendor | Product | Version |
---|---|---|
PLANET Technology | GS-4210-24PL4C hardware 2.0 | Version: 0 < 2.305b240719 |
PLANET Technology | GS-4210-24P2S hardware 3.0 | Version: 0 < 3.305b240802 |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-8450", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-30T17:33:13.983006Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-30T17:33:25.526Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "GS-4210-24PL4C hardware 2.0", "vendor": "PLANET Technology", "versions": [ { "lessThan": "2.305b240719", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "GS-4210-24P2S hardware 3.0", "vendor": "PLANET Technology", "versions": [ { "lessThan": "3.305b240802", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "datePublic": "2024-09-30T06:50:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u0026nbsp; Certain switch models from PLANET Technology have a Hard-coded community string in the SNMPv1 service, allowing unauthorized remote attackers to use this community string to access the SNMPv1 service with read-write privileges." } ], "value": "Certain switch models from PLANET Technology have a Hard-coded community string in the SNMPv1 service, allowing unauthorized remote attackers to use this community string to access the SNMPv1 service with read-write privileges." 
} ], "impacts": [ { "capecId": "CAPEC-191", "descriptions": [ { "lang": "en", "value": "CAPEC-191 Read Sensitive Constants Within an Executable" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-798", "description": "CWE-798 Use of Hard-coded Credentials", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-30T06:50:58.570Z", "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "shortName": "twcert" }, "references": [ { "tags": [ "third-party-advisory" ], "url": "https://www.twcert.org.tw/tw/cp-132-8049-83fe4-1.html" }, { "tags": [ "third-party-advisory" ], "url": "https://www.twcert.org.tw/en/cp-139-8050-52f32-2.html" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Update firmware of GS-4210-24PL4C hardware 2.0 to version 2.305b240719 or later.\u003cbr\u003eUpdate firmware of GS-4210-24P2S hardware 3.0 to version 3.305b240802 or later.\u003cbr\u003e" } ], "value": "Update firmware of GS-4210-24PL4C hardware 2.0 to version 2.305b240719 or later.\nUpdate firmware of GS-4210-24P2S hardware 3.0 to version 3.305b240802 or later." 
} ], "source": { "advisory": "TVN-202409006", "discovery": "EXTERNAL" }, "title": "PLANET Technology switch devices - Hard-coded SNMPv1 read-write community string", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "assignerShortName": "twcert", "cveId": "CVE-2024-8450", "datePublished": "2024-09-30T06:50:58.570Z", "dateReserved": "2024-09-05T02:53:02.358Z", "dateUpdated": "2024-09-30T17:33:25.526Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-8455 (GCVE-0-2024-8455)
Vulnerability from cvelistv5
Published
2024-09-30 07:24
Modified
2024-09-30 16:54
Severity
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE
- CWE-261 - Weak Encoding for Password
Summary
The swctrl service is used to detect and remotely manage PLANET Technology devices. For certain switch models, the authentication tokens used during communication with this service are encoded user passwords. Due to insufficient strength, unauthorized remote attackers who intercept the packets can directly crack them to obtain plaintext passwords.
References
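URL | Tags |
---|---|
https://www.twcert.org.tw/tw/cp-132-8059-bde5f-1.html | third-party-advisory |
https://www.twcert.org.tw/en/cp-139-8060-f3955-2.html | third-party-advisory |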
Impacted products
Vendor | Product | Version |
---|---|---|
PLANET Technology | GS-4210-24PL4C hardware 2.0 | Version: 0 < 2.305b240719 |
PLANET Technology | GS-4210-24P2S hardware 3.0 | Version: 0 < 3.305b240802 |
PLANET Technology | IGS-5225-4UP1T2S hardware 1.0 | Version: 0 |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:planet_technology_corp:gs-4210-24pl4c_hardware_2.0:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "gs-4210-24pl4c_hardware_2.0", "vendor": "planet_technology_corp", "versions": [ { "lessThan": "2.305b240719", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:planet_technology_corp:gs-4210-24pl4c_hardware_3.0:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "gs-4210-24pl4c_hardware_3.0", "vendor": "planet_technology_corp", "versions": [ { "lessThan": "3.305b240802", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:planet_technology_corp:igs-5225-4up1t2s_hardware_1.0:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "igs-5225-4up1t2s_hardware_1.0", "vendor": "planet_technology_corp", "versions": [ { "status": "affected", "version": "0" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-8455", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-09-30T16:51:56.909491Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-30T16:54:36.168Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "GS-4210-24PL4C hardware 2.0", "vendor": "PLANET Technology", "versions": [ { "lessThan": "2.305b240719", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "GS-4210-24P2S hardware 3.0", "vendor": "PLANET Technology", "versions": [ { "lessThan": "3.305b240802", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "IGS-5225-4UP1T2S hardware 1.0", "vendor": "PLANET Technology", "versions": [ { "status": "affected", 
"version": "0" } ] } ], "datePublic": "2024-09-30T07:24:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "The swctrl service is used to detect and remotely manage PLANET Technology devices. For certain switch models, the authentication tokens used during communication with this service are encoded user passwords. Due to insufficient strength, unauthorized remote attackers who intercept the packets can directly crack them to obtain plaintext passwords." } ], "value": "The swctrl service is used to detect and remotely manage PLANET Technology devices. For certain switch models, the authentication tokens used during communication with this service are encoded user passwords. Due to insufficient strength, unauthorized remote attackers who intercept the packets can directly crack them to obtain plaintext passwords." } ], "impacts": [ { "capecId": "CAPEC-97", "descriptions": [ { "lang": "en", "value": "CAPEC-97 Cryptanalysis" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-261", "description": "CWE-261 Weak Encoding for Password", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-30T07:25:13.087Z", "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "shortName": "twcert" }, "references": [ { "tags": [ "third-party-advisory" ], "url": "https://www.twcert.org.tw/tw/cp-132-8059-bde5f-1.html" }, { "tags": [ "third-party-advisory" ], "url": "https://www.twcert.org.tw/en/cp-139-8060-f3955-2.html" } ], "solutions": [ { 
"lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Update firmware of GS-4210-24PL4C hardware 2.0 to version 2.305b240719 or later.\u003cbr\u003eUpdate firmware of GS-4210-24P2S hardware 3.0 to version 3.305b240802 or later.\u003cbr\u003eIGS-5225-4UP1T2S hardware 1.0 has reached End of Life (EOL). Replacement is recommended.\u003cbr\u003e" } ], "value": "Update firmware of GS-4210-24PL4C hardware 2.0 to version 2.305b240719 or later.\nUpdate firmware of GS-4210-24P2S hardware 3.0 to version 3.305b240802 or later.\nIGS-5225-4UP1T2S hardware 1.0 has reached End of Life (EOL). Replacement is recommended." } ], "source": { "advisory": "TVN-202409011", "discovery": "EXTERNAL" }, "title": "PLANET Technology switch devices - Swctrl service exchanges weakly encoded passwords", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "assignerShortName": "twcert", "cveId": "CVE-2024-8455", "datePublished": "2024-09-30T07:24:49.379Z", "dateReserved": "2024-09-05T02:53:08.080Z", "dateUpdated": "2024-09-30T16:54:36.168Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-8456 (GCVE-0-2024-8456)
Vulnerability from cvelistv5
Published
2024-09-30 07:35
Modified
2024-09-30 16:51
Severity
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE
- CWE-306 - Missing Authentication for Critical Function
Summary
Certain switch models from PLANET Technology lack proper access control in firmware upload and download functionality, allowing unauthenticated remote attackers to download and upload firmware and system configurations, ultimately gaining full control of the devices.
References
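URL | Tags |
---|---|
https://www.twcert.org.tw/tw/cp-132-8061-91872-1.html | third-party-advisory |
https://www.twcert.org.tw/en/cp-139-8062-92f17-2.html | third-party-advisory |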
Impacted products
Vendor | Product | Version |
---|---|---|
PLANET Technology | GS-4210-24PL4C hardware 2.0 | Version: 0 < 2.305b240719 |
PLANET Technology | GS-4210-24P2S hardware 3.0 | Version: 0 < 3.305b240802 |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:planet_technology_corp:gs-4210-24pl4c_hardware_2.0:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "gs-4210-24pl4c_hardware_2.0", "vendor": "planet_technology_corp", "versions": [ { "lessThan": "2.305b240719", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:planet_technology_corp:gs-4210-24pl4c_hardware_3.0:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "gs-4210-24pl4c_hardware_3.0", "vendor": "planet_technology_corp", "versions": [ { "lessThan": "3.305b240802", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-8456", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-09-30T16:49:32.437217Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-30T16:51:08.872Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "GS-4210-24PL4C hardware 2.0", "vendor": "PLANET Technology", "versions": [ { "lessThan": "2.305b240719", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "GS-4210-24P2S hardware 3.0", "vendor": "PLANET Technology", "versions": [ { "lessThan": "3.305b240802", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "datePublic": "2024-09-30T07:31:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCertain switch models from PLANET Technology lack proper access control in firmware upload and download functionality, allowing unauthenticated remote attackers to download and upload firmware and 
system configurations, ultimately gaining full control of the devices.\u003c/span\u003e" } ], "value": "Certain switch models from PLANET Technology lack proper access control in firmware upload and download functionality, allowing unauthenticated remote attackers to download and upload firmware and system configurations, ultimately gaining full control of the devices." } ], "impacts": [ { "capecId": "CAPEC-1", "descriptions": [ { "lang": "en", "value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-306", "description": "CWE-306 Missing Authentication for Critical Function", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-30T07:35:04.179Z", "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "shortName": "twcert" }, "references": [ { "tags": [ "third-party-advisory" ], "url": "https://www.twcert.org.tw/tw/cp-132-8061-91872-1.html" }, { "tags": [ "third-party-advisory" ], "url": "https://www.twcert.org.tw/en/cp-139-8062-92f17-2.html" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Update firmware of GS-4210-24PL4C hardware 2.0 to version 2.305b240719 or later.\u003cbr\u003eUpdate firmware of GS-4210-24P2S hardware 3.0 to version 3.305b240802 or later." } ], "value": "Update firmware of GS-4210-24PL4C hardware 2.0 to version 2.305b240719 or later.\nUpdate firmware of GS-4210-24P2S hardware 3.0 to version 3.305b240802 or later." 
} ], "source": { "advisory": "TVN-202409012", "discovery": "EXTERNAL" }, "title": "PLANET Technology switch devices - Missing Authentication for multiple HTTP routes", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "assignerShortName": "twcert", "cveId": "CVE-2024-8456", "datePublished": "2024-09-30T07:35:04.179Z", "dateReserved": "2024-09-05T02:53:09.094Z", "dateUpdated": "2024-09-30T16:51:08.872Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-8449 (GCVE-0-2024-8449)
Vulnerability from cvelistv5
Published
2024-09-30 06:45
Modified
2024-09-30 17:05
Severity
6.8 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE
- CWE-798 - Use of Hard-coded Credentials
Summary
Certain switch models from PLANET Technology have a Hard-coded Credential in the password recovering functionality, allowing an unauthenticated attacker to connect to the device via the serial console and use this credential to reset any user's password.
References
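URL | Tags |
---|---|
https://www.twcert.org.tw/tw/cp-132-8047-adf79-1.html | third-party-advisory |
https://www.twcert.org.tw/en/cp-139-8048-f0e4d-2.html | third-party-advisory |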
Impacted products
Vendor | Product | Version |
---|---|---|
PLANET Technology | GS-4210-24PL4C hardware 2.0 | Version: 0 < 2.305b240719 |
PLANET Technology | GS-4210-24P2S hardware 3.0 | Version: 0 < 3.305b240802 |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:planet_technology_corp:gs-4210-24pl4c_hardware_2.0:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "gs-4210-24pl4c_hardware_2.0", "vendor": "planet_technology_corp", "versions": [ { "lessThan": "2.305b240719", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:planet_technology_corp:gs-4210-24pl4c_hardware_3.0:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "gs-4210-24pl4c_hardware_3.0", "vendor": "planet_technology_corp", "versions": [ { "lessThan": "3.305b240802", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-8449", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-09-30T17:04:05.199249Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-30T17:05:21.197Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "GS-4210-24PL4C hardware 2.0", "vendor": "PLANET Technology", "versions": [ { "lessThan": "2.305b240719", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "GS-4210-24P2S hardware 3.0", "vendor": "PLANET Technology", "versions": [ { "lessThan": "3.305b240802", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "datePublic": "2024-09-30T06:37:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCertain switch models from PLANET Technology have a Hard-coded Credential in the password recovering functionality, allowing an unauthenticated attacker to connect to the device via the serial 
console and use this credential to reset any user\u0027s password.\u003c/span\u003e" } ], "value": "Certain switch models from PLANET Technology have a Hard-coded Credential in the password recovering functionality, allowing an unauthenticated attacker to connect to the device via the serial console and use this credential to reset any user\u0027s password." } ], "impacts": [ { "capecId": "CAPEC-50", "descriptions": [ { "lang": "en", "value": "CAPEC-50 Password Recovery Exploitation" } ] }, { "capecId": "CAPEC-191", "descriptions": [ { "lang": "en", "value": "CAPEC-191 Read Sensitive Constants Within an Executable" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-798", "description": "CWE-798 Use of Hard-coded Credentials", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-30T06:45:27.302Z", "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "shortName": "twcert" }, "references": [ { "tags": [ "third-party-advisory" ], "url": "https://www.twcert.org.tw/tw/cp-132-8047-adf79-1.html" }, { "tags": [ "third-party-advisory" ], "url": "https://www.twcert.org.tw/en/cp-139-8048-f0e4d-2.html" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Update firmware of GS-4210-24PL4C hardware 2.0 to version 2.305b240719 or later.\u003cbr\u003eUpdate firmware of GS-4210-24P2S hardware 3.0 to version 3.305b240802 or later." 
} ], "value": "Update firmware of GS-4210-24PL4C hardware 2.0 to version 2.305b240719 or later.\nUpdate firmware of GS-4210-24P2S hardware 3.0 to version 3.305b240802 or later." } ], "source": { "advisory": "TVN-202409005", "discovery": "EXTERNAL" }, "title": "PLANET Technology switch devices - Local users\u0027 passwords recovery through hard-coded credentials", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "assignerShortName": "twcert", "cveId": "CVE-2024-8449", "datePublished": "2024-09-30T06:45:27.302Z", "dateReserved": "2024-09-05T02:53:01.149Z", "dateUpdated": "2024-09-30T17:05:21.197Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-8458 (GCVE-0-2024-8458)
Vulnerability from cvelistv5
Published
2024-09-30 07:45
Modified
2024-09-30 16:47
Severity
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Summary
Certain switch models from PLANET Technology have a web application that is vulnerable to Cross-Site Request Forgery (CSRF). An unauthenticated remote attacker can trick a user into visiting a malicious website, allowing the attacker to impersonate the user and perform actions on their behalf, such as creating accounts.
References
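URL | Tags |
---|---|
https://www.twcert.org.tw/tw/cp-132-8065-579c1-1.html | third-party-advisory |
https://www.twcert.org.tw/en/cp-139-8066-d6504-2.html | third-party-advisory |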
Impacted products
Vendor | Product | Version |
---|---|---|
PLANET Technology | GS-4210-24PL4C hardware 2.0 | Version: 0 < 2.305b240719 |
PLANET Technology | GS-4210-24P2S hardware 3.0 | Version: 0 < 3.305b240802 |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:planet_technology_corp:gs-4210-24pl4c_hardware_2.0:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "gs-4210-24pl4c_hardware_2.0", "vendor": "planet_technology_corp", "versions": [ { "lessThan": "2.305b240719", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:planet_technology_corp:gs-4210-24pl4c_hardware_3.0:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "gs-4210-24pl4c_hardware_3.0", "vendor": "planet_technology_corp", "versions": [ { "lessThan": "3.305b240802", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-8458", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-09-30T16:45:49.422878Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-30T16:47:20.988Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "GS-4210-24PL4C hardware 2.0", "vendor": "PLANET Technology", "versions": [ { "lessThan": "2.305b240719", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "GS-4210-24P2S hardware 3.0", "vendor": "PLANET Technology", "versions": [ { "lessThan": "3.305b240802", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "datePublic": "2024-09-30T07:42:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Certain switch models from PLANET Technology have a web application that is vulnerable to Cross-Site Request Forgery (CSRF). 
An unauthenticated remote attacker can trick a user into visiting a malicious website, allowing the attacker to impersonate the user and perform actions on their behalf, such as creating accounts." } ], "value": "Certain switch models from PLANET Technology have a web application that is vulnerable to Cross-Site Request Forgery (CSRF). An unauthenticated remote attacker can trick a user into visiting a malicious website, allowing the attacker to impersonate the user and perform actions on their behalf, such as creating accounts." } ], "impacts": [ { "capecId": "CAPEC-62", "descriptions": [ { "lang": "en", "value": "CAPEC-62 Cross Site Request Forgery" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-352", "description": "CWE-352 Cross-Site Request Forgery (CSRF)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-30T07:45:34.664Z", "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "shortName": "twcert" }, "references": [ { "tags": [ "third-party-advisory" ], "url": "https://www.twcert.org.tw/tw/cp-132-8065-579c1-1.html" }, { "tags": [ "third-party-advisory" ], "url": "https://www.twcert.org.tw/en/cp-139-8066-d6504-2.html" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Update firmware of GS-4210-24PL4C hardware 2.0 to version 2.305b240719 or later.\u003cbr\u003eUpdate firmware of GS-4210-24P2S hardware 3.0 to version 3.305b240802 or later.\u003cbr\u003e" } ], "value": "Update firmware of GS-4210-24PL4C hardware 
2.0 to version 2.305b240719 or later.\nUpdate firmware of GS-4210-24P2S hardware 3.0 to version 3.305b240802 or later." } ], "source": { "advisory": "TVN-202409014", "discovery": "EXTERNAL" }, "title": "PLANET Technology switch devices - Cross-site Request Forgery", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "assignerShortName": "twcert", "cveId": "CVE-2024-8458", "datePublished": "2024-09-30T07:45:34.664Z", "dateReserved": "2024-09-05T02:53:11.575Z", "dateUpdated": "2024-09-30T16:47:20.988Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-8453 (GCVE-0-2024-8453)
Vulnerability from cvelistv5
Published
2024-09-30 07:12
Modified
2024-09-30 15:47
Severity
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
Certain switch models from PLANET Technology use an insecure hashing function to hash user passwords without being salted. Remote attackers with administrator privileges can read configuration files to obtain the hash values, and potentially crack them to retrieve the plaintext passwords.
References
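URL | Tags |
---|---|
https://www.twcert.org.tw/tw/cp-132-8055-2c361-1.html | third-party-advisory |
https://www.twcert.org.tw/en/cp-139-8056-09688-2.html | third-party-advisory |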
Impacted products
Vendor | Product | Version |
---|---|---|
PLANET Technology | GS-4210-24PL4C hardware 2.0 | Version: 0 < 2.305b240719 |
PLANET Technology | GS-4210-24P2S hardware 3.0 | Version: 0 < 3.305b240802 |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-8453", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-30T15:44:24.842002Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-30T15:47:03.144Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "GS-4210-24PL4C hardware 2.0", "vendor": "PLANET Technology", "versions": [ { "lessThan": "2.305b240719", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "GS-4210-24P2S hardware 3.0", "vendor": "PLANET Technology", "versions": [ { "lessThan": "3.305b240802", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "datePublic": "2024-09-30T07:09:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCertain switch models from PLANET Technology use an insecure hashing function to hash user passwords without being salted. Remote attackers with administrator privileges can read configuration files to obtain the hash values, and potentially crack them to retrieve the plaintext passwords.\u003c/span\u003e" } ], "value": "Certain switch models from PLANET Technology use an insecure hashing function to hash user passwords without being salted. Remote attackers with administrator privileges can read configuration files to obtain the hash values, and potentially crack them to retrieve the plaintext passwords." 
} ], "impacts": [ { "capecId": "CAPEC-55", "descriptions": [ { "lang": "en", "value": "CAPEC-55 Rainbow Table Password Cracking" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-328", "description": "CWE-328 Use of Weak Hash", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-759", "description": "CWE-759: Use of a One-Way Hash without a Salt", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-30T07:12:14.782Z", "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "shortName": "twcert" }, "references": [ { "tags": [ "third-party-advisory" ], "url": "https://www.twcert.org.tw/tw/cp-132-8055-2c361-1.html" }, { "tags": [ "third-party-advisory" ], "url": "https://www.twcert.org.tw/en/cp-139-8056-09688-2.html" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Update firmware of GS-4210-24PL4C hardware 2.0 to version 2.305b240719 or later.\u003cbr\u003eUpdate firmware of GS-4210-24P2S hardware 3.0 to version 3.305b240802 or later.\u003cbr\u003e" } ], "value": "Update firmware of GS-4210-24PL4C hardware 2.0 to version 2.305b240719 or later.\nUpdate firmware of GS-4210-24P2S hardware 3.0 to version 3.305b240802 or later." 
} ], "source": { "advisory": "TVN-202409009", "discovery": "EXTERNAL" }, "title": "PLANET Technology switch devices - Weak hash for users\u0027 passwords", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "assignerShortName": "twcert", "cveId": "CVE-2024-8453", "datePublished": "2024-09-30T07:12:14.782Z", "dateReserved": "2024-09-05T02:53:06.043Z", "dateUpdated": "2024-09-30T15:47:03.144Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-8459 (GCVE-0-2024-8459)
Vulnerability from cvelistv5
Published
2024-09-30 07:59
Modified
2024-09-30 16:13
Severity
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CWE
- CWE-312 - Cleartext Storage of Sensitive Information
Summary
Certain switch models from PLANET Technology store SNMPv3 users' passwords in plaintext within the configuration files, allowing remote attackers with administrator privileges to read the file and obtain the credentials.
References
Impacted products
Vendor | Product | Version |
---|---|---|
PLANET Technology | GS-4210-24PL4C hardware 2.0 | Version: 0 < 2.305b240719 |
PLANET Technology | GS-4210-24P2S hardware 3.0 | Version: 0 < 3.305b240802 |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:planet_technology_corp:gs-4210-24pl4c_hardware_2.0:*:*:*:*:*:*:*:*" ], "defaultStatus": "affected", "product": "gs-4210-24pl4c_hardware_2.0", "vendor": "planet_technology_corp", "versions": [ { "lessThan": "2.305b240719", "status": "unknown", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:planet_technology_corp:gs-4210-24pl4c_hardware_3.0:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "gs-4210-24pl4c_hardware_3.0", "vendor": "planet_technology_corp", "versions": [ { "lessThan": "3.305b240802", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-8459", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-09-30T16:09:15.112796Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-30T16:13:57.982Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "GS-4210-24PL4C hardware 2.0", "vendor": "PLANET Technology", "versions": [ { "lessThan": "2.305b240719", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "GS-4210-24P2S hardware 3.0", "vendor": "PLANET Technology", "versions": [ { "lessThan": "3.305b240802", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "datePublic": "2024-09-30T07:54:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCertain switch models from PLANET Technology store SNMPv3 users\u0027 passwords in plaintext within the configuration files, 
allowing remote attackers with administrator privileges to read the file and obtain the credentials.\u003c/span\u003e\n\n\u003c/span\u003e" } ], "value": "Certain switch models from PLANET Technology store SNMPv3 users\u0027 passwords in plaintext within the configuration files, allowing remote attackers with administrator privileges to read the file and obtain the credentials." } ], "impacts": [ { "capecId": "CAPEC-37", "descriptions": [ { "lang": "en", "value": "CAPEC-37 Retrieve Embedded Sensitive Data" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-312", "description": "CWE-312 Cleartext Storage of Sensitive Information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-30T07:59:27.614Z", "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "shortName": "twcert" }, "references": [ { "url": "https://www.twcert.org.tw/tw/cp-132-8067-2fc50-1.html" }, { "url": "https://www.twcert.org.tw/en/cp-139-8068-8aaa5-2.html" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpdate firmware of GS-4210-24PL4C hardware 2.0 to version 2.305b240719 or later.\u003c/span\u003e\u003cbr\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpdate firmware of GS-4210-24P2S hardware 3.0 to version 3.305b240802 or later.\u003c/span\u003e\n\n\u003cbr\u003e" } ], "value": "Update firmware of GS-4210-24PL4C hardware 2.0 to version 2.305b240719 or later.\nUpdate 
firmware of GS-4210-24P2S hardware 3.0 to version 3.305b240802 or later." } ], "source": { "advisory": "TVN-202409015", "discovery": "EXTERNAL" }, "title": "PLANET Technology switch devices - Cleartext storage of SNMPv3 users\u0027 passwords", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "assignerShortName": "twcert", "cveId": "CVE-2024-8459", "datePublished": "2024-09-30T07:59:27.614Z", "dateReserved": "2024-09-05T02:53:12.647Z", "dateUpdated": "2024-09-30T16:13:57.982Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-8457 (GCVE-0-2024-8457)
Vulnerability from cvelistv5
Published
2024-09-30 07:39
Modified
2024-09-30 15:46
Severity
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Summary
Certain switch models from PLANET Technology have a web application that does not properly validate specific parameters, allowing remote authenticated users with administrator privileges to inject arbitrary JavaScript, leading to a Stored XSS attack.
References
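URL | Tags |
---|---|
https://www.twcert.org.tw/tw/cp-132-8063-01634-1.html | third-party-advisory |
https://www.twcert.org.tw/en/cp-139-8064-70255-2.html | third-party-advisory |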
Impacted products
Vendor | Product | Version |
---|---|---|
PLANET Technology | GS-4210-24PL4C hardware 2.0 | Version: 0 < 2.305b240719 (affected) |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-8457", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-30T15:44:17.738444Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-30T15:46:39.115Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "GS-4210-24PL4C hardware 2.0", "vendor": "PLANET Technology", "versions": [ { "lessThan": "2.305b240719", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "GS-4210-24P2S hardware 3.0", "vendor": "PLANET Technology", "versions": [ { "lessThan": "3.305b240802", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "datePublic": "2024-09-30T07:35:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCertain switch models from PLANET Technology have a web application that does not properly validate specific parameters, allowing remote authenticated users with administrator privileges to inject arbitrary JavaScript, leading to Stored XSS attack.\u003c/span\u003e" } ], "value": "Certain switch models from PLANET Technology have a web application that does not properly validate specific parameters, allowing remote authenticated users with administrator privileges to inject arbitrary JavaScript, leading to Stored XSS attack." 
} ], "impacts": [ { "capecId": "CAPEC-592", "descriptions": [ { "lang": "en", "value": "CAPEC-592 Stored XSS" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-30T07:39:17.778Z", "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "shortName": "twcert" }, "references": [ { "tags": [ "third-party-advisory" ], "url": "https://www.twcert.org.tw/tw/cp-132-8063-01634-1.html" }, { "tags": [ "third-party-advisory" ], "url": "https://www.twcert.org.tw/en/cp-139-8064-70255-2.html" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Update firmware of GS-4210-24PL4C hardware 2.0 to version 2.305b240719 or later.\u003cbr\u003eUpdate firmware of GS-4210-24P2S hardware 3.0 to version 3.305b240802 or later." } ], "value": "Update firmware of GS-4210-24PL4C hardware 2.0 to version 2.305b240719 or later.\nUpdate firmware of GS-4210-24P2S hardware 3.0 to version 3.305b240802 or later." 
} ], "source": { "advisory": "TVN-202409013", "discovery": "EXTERNAL" }, "title": "PLANET Technology switch devices - Stored cross-site scripting (XSS) in the User Management", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "assignerShortName": "twcert", "cveId": "CVE-2024-8457", "datePublished": "2024-09-30T07:39:17.778Z", "dateReserved": "2024-09-05T02:53:10.305Z", "dateUpdated": "2024-09-30T15:46:39.115Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-8448 (GCVE-0-2024-8448)
Vulnerability from cvelistv5
Published
2024-09-30 06:36
Modified
2024-09-30 17:06
Severity
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE
- CWE-798 - Use of Hard-coded Credentials
Summary
Certain switch models from PLANET Technology have a hard-coded credential in a specific command-line interface, allowing remote attackers with regular privileges to log in with this credential and obtain a Linux root shell.
References
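URL | Tags |
---|---|
https://www.twcert.org.tw/tw/cp-132-8045-a2804-1.html | third-party-advisory |
https://www.twcert.org.tw/en/cp-139-8046-057c2-2.html | third-party-advisory |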
Impacted products
Vendor | Product | Version |
---|---|---|
PLANET Technology | GS-4210-24PL4C hardware 2.0 | Version: 0 < 2.305b240719 (affected) |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:planet_technology_corp:gs-4210-24pl4c_hardware_2.0:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "gs-4210-24pl4c_hardware_2.0", "vendor": "planet_technology_corp", "versions": [ { "lessThan": "2.305b240719", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:planet_technology_corp:gs-4210-24pl4c_hardware_3.0:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "gs-4210-24pl4c_hardware_3.0", "vendor": "planet_technology_corp", "versions": [ { "lessThan": "3.305b240802", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-8448", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-09-30T17:05:49.040891Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-30T17:06:56.559Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "GS-4210-24PL4C hardware 2.0", "vendor": "PLANET Technology", "versions": [ { "lessThan": "2.305b240719", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "GS-4210-24P2S hardware 3.0", "vendor": "PLANET Technology", "versions": [ { "lessThan": "3.305b240802", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "datePublic": "2024-09-30T06:36:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCertain switch models from PLANET Technology have a hard-coded credential in the specific command-line interface, allowing remote attackers with regular privilege to log in with this credential and 
obtain a Linux root shell.\u003c/span\u003e" } ], "value": "Certain switch models from PLANET Technology have a hard-coded credential in the specific command-line interface, allowing remote attackers with regular privilege to log in with this credential and obtain a Linux root shell." } ], "impacts": [ { "capecId": "CAPEC-191", "descriptions": [ { "lang": "en", "value": "CAPEC-191 Read Sensitive Constants Within an Executable" } ] }, { "capecId": "CAPEC-233", "descriptions": [ { "lang": "en", "value": "CAPEC-233 Privilege Escalation" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-798", "description": "CWE-798 Use of Hard-coded Credentials", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-30T06:36:54.835Z", "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "shortName": "twcert" }, "references": [ { "tags": [ "third-party-advisory" ], "url": "https://www.twcert.org.tw/tw/cp-132-8045-a2804-1.html" }, { "tags": [ "third-party-advisory" ], "url": "https://www.twcert.org.tw/en/cp-139-8046-057c2-2.html" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Update firmware of GS-4210-24PL4C hardware 2.0 to version 2.305b240719 or later.\u003cbr\u003eUpdate firmware of GS-4210-24P2S hardware 3.0 to version 3.305b240802 or later.\u003cbr\u003e" } ], "value": "Update firmware of GS-4210-24PL4C hardware 2.0 to version 2.305b240719 or later.\nUpdate firmware of GS-4210-24P2S hardware 3.0 to version 3.305b240802 or later." 
} ], "source": { "advisory": "TVN-202409004", "discovery": "EXTERNAL" }, "title": "PLANET Technology switch devices - Remote privilege escalation using hard-coded credentials", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "assignerShortName": "twcert", "cveId": "CVE-2024-8448", "datePublished": "2024-09-30T06:36:54.835Z", "dateReserved": "2024-09-05T02:52:59.520Z", "dateUpdated": "2024-09-30T17:06:56.559Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }