Описание
A vulnerability has been identified in RUGGEDCOM RST2228 (All versions < V5.9.0), RUGGEDCOM RST2228P (All versions < V5.9.0). The web server of the affected systems leaks the MACSEC key in clear text to a logged in user. An attacker with the credentials of a low privileged user could retrieve the MACSEC key and access (decrypt) the ethernet frames sent by authorized recipients.
EPSS
4.3 Medium
CVSS3
Дефекты
Связанные уязвимости
A vulnerability has been identified in RUGGEDCOM RST2228 (All versions < V5.9.0), RUGGEDCOM RST2228P (All versions < V5.9.0). The web server of the affected systems leaks the MACSEC key in clear text to a logged in user. An attacker with the credentials of a low privileged user could retrieve the MACSEC key and access (decrypt) the ethernet frames sent by authorized recipients.
Уязвимость компонента Ethernet Frame Handler микропрограммного обеспечения Ethernet-коммутаторов RUGGEDCOM, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
EPSS
4.3 Medium
CVSS3