Strix
26.1K

CVE-2013-4708

UnknownEPSS 1.26%

Last modified

CVE-2013-4708 is a vulnerability of currently unknown severity. The PPP Access Concentrator (PPPAC) in Internet Initiative Japan Inc. SEIL/x86 1.00 through 2.80, SEIL/X1 1.00 through 4.30, SEIL/X2 1.00 through 4.30, SEIL/B1 1.00 through 4.30, SEIL/Turbo 1.80 through 2.15, and SEIL/neu 2FE Plus 1.80 through 2.15 generates predictable random numbers, which allows remote attackers to bypass RADIUS authentication by sniffing RADIUS traffic.. EPSS estimates a 1.26% chance of exploitation in the next 30 days.

Description

The PPP Access Concentrator (PPPAC) in Internet Initiative Japan Inc. SEIL/x86 1.00 through 2.80, SEIL/X1 1.00 through 4.30, SEIL/X2 1.00 through 4.30, SEIL/B1 1.00 through 4.30, SEIL/Turbo 1.80 through 2.15, and SEIL/neu 2FE Plus 1.80 through 2.15 generates predictable random numbers, which allows remote attackers to bypass RADIUS authentication by sniffing RADIUS traffic.

Metrics

EPSS Probability
1.26%

65.7th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
IijSeil\%2fx1 Firmware1.00
IijSeil\%2fx1 Firmware4.30
IijSeil\/X1All versions
IijSeil\%2fb1 Firmware1.00
IijSeil\%2fb1 Firmware4.30
IijSeil\/B1All versions
IijSeil\%2fx2 Firmware1.00
IijSeil\%2fx2 Firmware4.30
IijSeil\/X2All versions
IijSeil\%2fx86 Firmware1.00
IijSeil\%2fx86 Firmware2.80
IijSeil\/X86All versions
IijSeil\%2fturbo Firmware1.80
IijSeil\%2fturbo Firmware2.05
IijSeil\%2fturbo Firmware2.15
IijSeil\/TurboAll versions
IijSeil\%2fneu 2fe Plus Firmware1.80
IijSeil\%2fneu 2fe Plus Firmware2.05
IijSeil\%2fneu 2fe Plus Firmware2.15
IijSeil\/Neu 2fe PlusAll versions

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2013-4708?
The PPP Access Concentrator (PPPAC) in Internet Initiative Japan Inc. SEIL/x86 1.00 through 2.80, SEIL/X1 1.00 through 4.30, SEIL/X2 1.00 through 4.30, SEIL/B1 1.00 through 4.30, SEIL/Turbo 1.80 through 2.15, and SEIL/neu 2FE Plus 1.80 through 2.15 generates predictable random numbers, which allows remote attackers to bypass RADIUS authentication by sniffing RADIUS traffic.
How severe is CVE-2013-4708?
Severity scoring for CVE-2013-4708 is pending analysis. The EPSS model estimates a 1.26% probability of exploitation in the next 30 days.
How do I fix CVE-2013-4708?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2013-4708?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST