Description
An Information Exposure Through Query Strings in GET Request issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. An information exposure through query strings vulnerability in the web interface has been identified, which may allow an attacker to impersonate a legitimate user.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/103340
Mitigation, Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-18-065-01
Scores
CVSS v3
6.5
EPSS
0.0132
EPSS Percentile
67.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Details
CWE
CWE-200
CWE-598
Status
published
Products (50)
belden/hirschmann_m1-8mm-sc
belden/hirschmann_m1-8sfp
belden/hirschmann_m1-8sm-sc
belden/hirschmann_m1-8tp-rj45
belden/hirschmann_mach102-24tp-f
belden/hirschmann_mach102-24tp-fr
belden/hirschmann_mach102-8tp
belden/hirschmann_mach102-8tp-f
belden/hirschmann_mach102-8tp-fr
belden/hirschmann_mach102-8tp-r
... and 40 more
Published
Mar 06, 2018
Tracked Since
Feb 18, 2026