Strix
26.1K

CVE-2018-5461

UnknownEPSS 0.46%

Last modified

CVE-2018-5461 is a vulnerability of currently unknown severity. An Inadequate Encryption Strength issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. An inadequate encryption strength vulnerability in the web interface has been identified, which may allow an attacker to obtain sensitive information through a successful man-in-the-middle attack.. EPSS estimates a 0.46% chance of exploitation in the next 30 days.

Description

An Inadequate Encryption Strength issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. An inadequate encryption strength vulnerability in the web interface has been identified, which may allow an attacker to obtain sensitive information through a successful man-in-the-middle attack.

Metrics

EPSS Probability
0.46%

36.2th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
BeldenHirschmann Rs20-0900mmm2tdauAll versions
BeldenHirschmann Rs20-0900nnm4tdauAll versions
BeldenHirschmann Rs20-0900vvm2tdauAll versions
BeldenHirschmann Rs20-1600l2l2sdauAll versions
BeldenHirschmann Rs20-1600l2m2sdauAll versions
BeldenHirschmann Rs20-1600l2s2sdauAll versions
BeldenHirschmann Rs20-1600l2t1sdauAll versions
BeldenHirschmann Rs20-1600m2m2sdauAll versions
BeldenHirschmann Rs20-1600m2t1sdauAll versions
BeldenHirschmann Rs20-1600s2m2sdauAll versions
BeldenHirschmann Rs20-1600s2s2sdauAll versions
BeldenHirschmann Rs20-1600s2t1sdauAll versions
BeldenHirschmann Rsr20All versions
BeldenHirschmann Rsr30All versions
BeldenHirschmann Rsb20-0800m2m2saabAll versions
BeldenHirschmann Rsb20-0800m2m2saabeAll versions
BeldenHirschmann Rsb20-0800m2m2taabAll versions
BeldenHirschmann Rsb20-0800m2m2taabeAll versions
BeldenHirschmann Rsb20-0800s2s2saabAll versions
BeldenHirschmann Rsb20-0800s2s2saabeAll versions
BeldenHirschmann Rsb20-0800s2s2taabAll versions
BeldenHirschmann Rsb20-0800s2s2taabeAll versions
BeldenHirschmann Rsb20-0800t1t1saabAll versions
BeldenHirschmann Rsb20-0800t1t1saabeAll versions
BeldenHirschmann Rsb20-0800t1t1taabAll versions
BeldenHirschmann Rsb20-0800t1t1taabeAll versions
BeldenHirschmann Rsb20-0900m2ttsaabAll versions
BeldenHirschmann Rsb20-0900m2ttsaabeAll versions
BeldenHirschmann Rsb20-0900m2tttaabAll versions
BeldenHirschmann Rsb20-0900m2tttaabeAll versions
BeldenHirschmann Rsb20-0900mmm2saabAll versions
BeldenHirschmann Rsb20-0900mmm2saabeAll versions
BeldenHirschmann Rsb20-0900mmm2taabAll versions
BeldenHirschmann Rsb20-0900mmm2taabeAll versions
BeldenHirschmann Rsb20-0900s2ttsaabAll versions
BeldenHirschmann Rsb20-0900s2ttsaabeAll versions
BeldenHirschmann Rsb20-0900s2tttaabAll versions
BeldenHirschmann Rsb20-0900s2tttaabeAll versions
BeldenHirschmann Rsb20-0900vvm2saabAll versions
BeldenHirschmann Rsb20-0900vvm2saabeAll versions
BeldenHirschmann Rsb20-0900vvm2taabAll versions
BeldenHirschmann Rsb20-0900vvm2taabeAll versions
BeldenHirschmann Rsb20-0900zzz6saabAll versions
BeldenHirschmann Rsb20-0900zzz6saabeAll versions
BeldenHirschmann Rsb20-0900zzz6taabAll versions
BeldenHirschmann Rsb20-0900zzz6taabeAll versions
BeldenHirschmann M1-8mm-ScAll versions
BeldenHirschmann M1-8sfpAll versions
BeldenHirschmann M1-8sm-ScAll versions
BeldenHirschmann M1-8tp-Rj45All versions

Showing 50 of 134 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2018-5461?
An Inadequate Encryption Strength issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. An inadequate encryption strength vulnerability in the web interface has been identified, which may allow an attacker to obtain sensitive information through a successful man-in-the-middle attack.
How severe is CVE-2018-5461?
Severity scoring for CVE-2018-5461 is pending analysis. The EPSS model estimates a 0.46% probability of exploitation in the next 30 days.
How do I fix CVE-2018-5461?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2018-5461?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST