CVE-2018-5467

MEDIUM

Belden Hirschmann - Info Disclosure

Title source: llm

Description

An Information Exposure Through Query Strings in GET Request issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. An information exposure through query strings vulnerability in the web interface has been identified, which may allow an attacker to impersonate a legitimate user.

References (2)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/103340

[Mitigation, Third Party Advisory, US Government Resource] https://ics-cert.us-cert.gov/advisories/ICSA-18-065-01

Scores

CVSS v3 6.5

EPSS 0.0004

EPSS Percentile 12.2%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Details

CWE

CWE-200 CWE-598

Status published

Products (50)

belden/hirschmann_m1-8mm-sc

belden/hirschmann_m1-8sfp

belden/hirschmann_m1-8sm-sc

belden/hirschmann_m1-8tp-rj45

belden/hirschmann_mach102-24tp-f

belden/hirschmann_mach102-24tp-fr

belden/hirschmann_mach102-8tp

belden/hirschmann_mach102-8tp-f

belden/hirschmann_mach102-8tp-fr

belden/hirschmann_mach102-8tp-r

... and 40 more

Published Mar 06, 2018

Tracked Since Feb 18, 2026