Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-5645

Опубликовано: 06 нояб. 2020
Источник: nvd
CVSS3: 7.5
CVSS2: 5
EPSS Низкий

Описание

Session fixation vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series (GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QLBDE CoreOS version "05.65.00.BD" and earlier, GT1455HS-QTBDE CoreOS version "05.65.00.BD" and earlier, and GT1450HS-QMBDE CoreOS version "05.65.00.BD" and earlier) allows a remote unauthenticated attacker to stop the network functions of the products via a specially crafted packet.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:mitsubishielectric:coreos:*:*:*:*:*:*:*:*
Версия до 05.65.00.bd (включая)

Одно из

cpe:2.3:h:mitsubishielectric:gt1450-qlbde:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:gt1450-qmbde:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:gt1450hs-qmbde:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:gt1455-qtbde:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:gt1455hs-qtbde:-:*:*:*:*:*:*:*

EPSS

Процентиль: 76%
0.00962
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-384

Связанные уязвимости

github логотип

GHSA-424f-mqpf-66f3

github
больше 3 лет назад

Session fixation vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series (GT1455-QTBDE CoreOS version ’05.65.00.BD’ and earlier, GT1450-QMBDE CoreOS version ’05.65.00.BD’ and earlier, GT1450-QLBDE CoreOS version ’05.65.00.BD’ and earlier, GT1455HS-QTBDE CoreOS version ’05.65.00.BD’ and earlier, and GT1450HS-QMBDE CoreOS version ’05.65.00.BD’ and earlier) allows a remote unauthenticated attacker to stop the network functions of the products via a specially crafted packet.

EPSS

Процентиль: 76%
0.00962
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-384