CVE-2018-5465

Severity: Unknown | EPSS: 1.77%


CVE-2018-5465 is a vulnerability of currently unknown severity. A Session Fixation issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. A session fixation vulnerability in the web interface has been identified, which may allow an attacker to hijack web sessions. EPSS estimates a 1.77% chance of exploitation in the next 30 days.

Description

A Session Fixation issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. A session fixation vulnerability in the web interface has been identified, which may allow an attacker to hijack web sessions.

Metrics

EPSS Probability
1.77%

75.4th percentile

Probability of exploitation in the next 30 days.

Weakness Enumeration

Affected Software

Vendor | Product | Versions
Belden | Hirschmann Rs20-0900mmm2tdau | All versions
Belden | Hirschmann Rs20-0900nnm4tdau | All versions
Belden | Hirschmann Rs20-0900vvm2tdau | All versions
Belden | Hirschmann Rs20-1600l2l2sdau | All versions
Belden | Hirschmann Rs20-1600l2m2sdau | All versions
Belden | Hirschmann Rs20-1600l2s2sdau | All versions
Belden | Hirschmann Rs20-1600l2t1sdau | All versions
Belden | Hirschmann Rs20-1600m2m2sdau | All versions
Belden | Hirschmann Rs20-1600m2t1sdau | All versions
Belden | Hirschmann Rs20-1600s2m2sdau | All versions
Belden | Hirschmann Rs20-1600s2s2sdau | All versions
Belden | Hirschmann Rs20-1600s2t1sdau | All versions
Belden | Hirschmann Rsr20 | All versions
Belden | Hirschmann Rsr30 | All versions
Belden | Hirschmann Rsb20-0800m2m2saab | All versions
Belden | Hirschmann Rsb20-0800m2m2saabe | All versions
Belden | Hirschmann Rsb20-0800m2m2taab | All versions
Belden | Hirschmann Rsb20-0800m2m2taabe | All versions
Belden | Hirschmann Rsb20-0800s2s2saab | All versions
Belden | Hirschmann Rsb20-0800s2s2saabe | All versions
Belden | Hirschmann Rsb20-0800s2s2taab | All versions
Belden | Hirschmann Rsb20-0800s2s2taabe | All versions
Belden | Hirschmann Rsb20-0800t1t1saab | All versions
Belden | Hirschmann Rsb20-0800t1t1saabe | All versions
Belden | Hirschmann Rsb20-0800t1t1taab | All versions
Belden | Hirschmann Rsb20-0800t1t1taabe | All versions
Belden | Hirschmann Rsb20-0900m2ttsaab | All versions
Belden | Hirschmann Rsb20-0900m2ttsaabe | All versions
Belden | Hirschmann Rsb20-0900m2tttaab | All versions
Belden | Hirschmann Rsb20-0900m2tttaabe | All versions
Belden | Hirschmann Rsb20-0900mmm2saab | All versions
Belden | Hirschmann Rsb20-0900mmm2saabe | All versions
Belden | Hirschmann Rsb20-0900mmm2taab | All versions
Belden | Hirschmann Rsb20-0900mmm2taabe | All versions
Belden | Hirschmann Rsb20-0900s2ttsaab | All versions
Belden | Hirschmann Rsb20-0900s2ttsaabe | All versions
Belden | Hirschmann Rsb20-0900s2tttaab | All versions
Belden | Hirschmann Rsb20-0900s2tttaabe | All versions
Belden | Hirschmann Rsb20-0900vvm2saab | All versions
Belden | Hirschmann Rsb20-0900vvm2saabe | All versions
Belden | Hirschmann Rsb20-0900vvm2taab | All versions
Belden | Hirschmann Rsb20-0900vvm2taabe | All versions
Belden | Hirschmann Rsb20-0900zzz6saab | All versions
Belden | Hirschmann Rsb20-0900zzz6saabe | All versions
Belden | Hirschmann Rsb20-0900zzz6taab | All versions
Belden | Hirschmann Rsb20-0900zzz6taabe | All versions
Belden | Hirschmann M1-8mm-Sc | All versions
Belden | Hirschmann M1-8sfp | All versions
Belden | Hirschmann M1-8sm-Sc | All versions
Belden | Hirschmann M1-8tp-Rj45 | All versions

Showing 50 of 134 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status: Modified

Frequently Asked Questions

What is CVE-2018-5465?
A Session Fixation issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. A session fixation vulnerability in the web interface has been identified, which may allow an attacker to hijack web sessions.
How severe is CVE-2018-5465?
Severity scoring for CVE-2018-5465 is pending analysis. The EPSS model estimates a 1.77% probability of exploitation in the next 30 days.
How do I fix CVE-2018-5465?
Check the vendor references and advisories linked above for patched versions and mitigation guidance.


Source: NVD / NIST