Описание
The (1) CHAP and (2) MS-CHAP-V2 authentication capabilities in the PPP Access Concentrator (PPPAC) function in Internet Initiative Japan SEIL/B1 firmware 1.00 through 2.52 use the same challenge for each authentication attempt, which allows remote attackers to bypass authentication via a replay attack.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:h:iij:seil\/b1:1.00:*:*:*:*:*:*:*
cpe:2.3:h:iij:seil\/b1:2.01:*:*:*:*:*:*:*
cpe:2.3:h:iij:seil\/b1:2.10:*:*:*:*:*:*:*
cpe:2.3:h:iij:seil\/b1:2.20:*:*:*:*:*:*:*
cpe:2.3:h:iij:seil\/b1:2.30:*:*:*:*:*:*:*
cpe:2.3:h:iij:seil\/b1:2.40:*:*:*:*:*:*:*
cpe:2.3:h:iij:seil\/b1:2.41:*:*:*:*:*:*:*
cpe:2.3:h:iij:seil\/b1:2.42:*:*:*:*:*:*:*
cpe:2.3:h:iij:seil\/b1:2.50:*:*:*:*:*:*:*
cpe:2.3:h:iij:seil\/b1:2.51:*:*:*:*:*:*:*
cpe:2.3:h:iij:seil\/b1:2.52:*:*:*:*:*:*:*
EPSS
Процентиль: 52%
0.0029
Низкий
2.6 Low
CVSS2
Дефекты
CWE-287
Связанные уязвимости
github
почти 4 года назад
The (1) CHAP and (2) MS-CHAP-V2 authentication capabilities in the PPP Access Concentrator (PPPAC) function in Internet Initiative Japan SEIL/B1 firmware 1.00 through 2.52 use the same challenge for each authentication attempt, which allows remote attackers to bypass authentication via a replay attack.
EPSS
Процентиль: 52%
0.0029
Низкий
2.6 Low
CVSS2
Дефекты
CWE-287