HIGH🇵🇱 Wersja polska

CVE-2024-8452

CVSS 7.5v3.1pub. 2024-09-30upd. 2024-10-04

Certain switch models from PLANET Technology only support obsolete algorithms for authentication protocol and encryption protocol in the SNMPv3 service, allowing attackers to obtain plaintext SNMPv3 credentials potentially.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Planet Gs 4210 24p2s

    HW
    Planet
    3.0
  • Planet Gs 4210 24p2s Firmware

    OS
    Planet
    < 3.305b240802
  • Planet Gs 4210 24pl4c

    HW
    Planet
    2.0
  • Planet Gs 4210 24pl4c Firmware

    OS
    Planet
    < 2.305b240719
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2024-8456CRITICAL9.8PL ✓ten sam produkt

Brak kontroli dostępu w firmware PLANET GS-4210 — przejęcie pełnej kontroli

CVE-2024-8450HIGH8.6ten sam produkt

Certain switch models from PLANET Technology have a Hard-coded community string in the SNMPv1 service, allowin...

CVE-2024-8451HIGH7.5ten sam produkt

Certain switch models from PLANET Technology have an SSH service that improperly handles insufficiently authen...

CVE-2024-8448HIGH8.8ten sam produkt

Certain switch models from PLANET Technology have a hard-coded credential in the specific command-line interfa...

CVE-2024-8455HIGH8.1ten sam produkt

The swctrl service is used to detect and remotely manage PLANET Technology devices. For certain switch models,...