CVE-2012-4898
Last modified
CVE-2012-4898 is a vulnerability of currently unknown severity. Mesh OS before 7.9.1.1 on Tropos wireless mesh routers does not use a sufficient source of entropy for SSH keys, which makes it easier for man-in-the-middle attackers to spoof a device or modify a client-server data stream by leveraging knowledge of a key from a product installation elsewhere.. EPSS estimates a 0.91% chance of exploitation in the next 30 days.
Description
Mesh OS before 7.9.1.1 on Tropos wireless mesh routers does not use a sufficient source of entropy for SSH keys, which makes it easier for man-in-the-middle attackers to spoof a device or modify a client-server data stream by leveraging knowledge of a key from a product installation elsewhere.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Tropos | Mesh Os | <= 7.9.1 |
| Tropos | 1310 Distrubution Automation Mesh Router | All versions |
| Tropos | 1410 Mesh Router | All versions |
| Tropos | 1410 Wireless Mesh Router | All versions |
| Tropos | 3310 Indoor Mesh Router | All versions |
| Tropos | 3320 Indoor Mesh Router | All versions |
| Tropos | 4310 Mobile Mesh Router | All versions |
| Tropos | 6310 Mesh Router | All versions |
| Tropos | 6320 Mesh Router | All versions |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2012-4898?
How severe is CVE-2012-4898?
How do I fix CVE-2012-4898?
Are you affected by CVE-2012-4898?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST