CVE-2024-8459

CVSS v3 4.9 MEDIUM

4.9^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.2 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

C

ertain switch models from PLANET Technology store SNMPv3 users' passwords in plaintext within the configuration files, allowing remote attackers with administrator privileges to read the file and obtain the credentials.

References

Link	Resource
https://www.twcert.org.tw/en/cp-139-8068-8aaa5-2.html	Third Party Advisory
https://www.twcert.org.tw/tw/cp-132-8067-2fc50-1.html	Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:planet:gs-4210-24p2s_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:planet:gs-4210-24p2s:3.0:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:planet:gs-4210-24pl4c_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:planet:gs-4210-24pl4c:2.0:*:*:*:*:*:*:*

History

04 Oct 2024, 14:26

Type	Values Removed	Values Added
First Time		Planet gs-4210-24p2s Planet Planet gs-4210-24p2s Firmware Planet gs-4210-24pl4c Planet gs-4210-24pl4c Firmware
References	~~() https://www.twcert.org.tw/en/cp-139-8068-8aaa5-2.html -~~	() https://www.twcert.org.tw/en/cp-139-8068-8aaa5-2.html - Third Party Advisory
References	~~() https://www.twcert.org.tw/tw/cp-132-8067-2fc50-1.html -~~	() https://www.twcert.org.tw/tw/cp-132-8067-2fc50-1.html - Third Party Advisory
CPE		cpe:2.3:o:planet:gs-4210-24p2s_firmware:::::::: cpe:2.3:h:planet:gs-4210-24p2s:3.0:::::::* cpe:2.3:o:planet:gs-4210-24pl4c_firmware:::::::: cpe:2.3:h:planet:gs-4210-24pl4c:2.0:::::::*
CVSS	v2 : ~~unknown~~ v3 : ~~7.2~~	v2 : unknown v3 : 4.9

30 Sep 2024, 12:45

Type	Values Removed	Values Added
Summary		(es) Ciertos modelos de conmutadores de PLANET Technology almacenan las contraseñas de los usuarios de SNMPv3 en texto plano dentro de los archivos de configuración, lo que permite a atacantes remotos con privilegios de administrador leer el archivo y obtener las credenciales.

30 Sep 2024, 08:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-09-30 08:15

Updated : 2024-10-04 14:42

NVD link : CVE-2024-8459

Mitre link : CVE-2024-8459

CVE.ORG link : CVE-2024-8459

JSON object : View

Products Affected

CWE

CWE-312

Cleartext Storage of Sensitive Information

{"id": "CVE-2024-8459", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.2}, {"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}]}, "published": "2024-09-30T08:15:05.460", "references": [{"url": "https://www.twcert.org.tw/en/cp-139-8068-8aaa5-2.html", "tags": ["Third Party Advisory"], "source": "[email protected]"}, {"url": "https://www.twcert.org.tw/tw/cp-132-8067-2fc50-1.html", "tags": ["Third Party Advisory"], "source": "[email protected]"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-312"}]}], "descriptions": [{"lang": "en", "value": "Certain switch models from PLANET Technology store SNMPv3 users' passwords in plaintext within the configuration files, allowing remote attackers with administrator privileges to read the file and obtain the credentials."}, {"lang": "es", "value": "Ciertos modelos de conmutadores de PLANET Technology almacenan las contrase\u00f1as de los usuarios de SNMPv3 en texto plano dentro de los archivos de configuraci\u00f3n, lo que permite a atacantes remotos con privilegios de administrador leer el archivo y obtener las credenciales."}], "lastModified": "2024-10-04T14:42:35.297", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:planet:gs-4210-24p2s_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "89C0B4AA-848F-4AAC-8C51-8C10AEF0630A", "versionEndExcluding": "3.305b240802"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:planet:gs-4210-24p2s:3.0:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2A30964B-E6B8-4B8A-BE2E-882C0F3D8298"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:planet:gs-4210-24pl4c_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0E17E272-4418-4CE7-8E59-44953D19D659", "versionEndExcluding": "2.305b240719"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:planet:gs-4210-24pl4c:2.0:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F8029517-8FAB-4130-81F3-98BB09F4814E"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "[email protected]"}