CVE-2018-5469

high-risk
Published 2018-03-06

An Improper Restriction of Excessive Authentication Attempts issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. An improper restriction of excessive authentication vulnerability in the web interface has been identified, which may allow an attacker to brute force authentication.

Do I need to act?

0.19% chance of exploitation (EPSS score, low exploit probability)
Not on CISA KEV list: no confirmed active exploitation reported to CISA
Patch status unknown: check vendor advisories for fix availability and mitigation guidance
CVSS 9.8/10 Critical (NETWORK / LOW complexity)

Affected Products (20)

Hirschmann Rs20-0900Mmm2Tdau
Hirschmann Rs20-0900Nnm4Tdau
Hirschmann Rs20-0900Vvm2Tdau
Hirschmann Rs20-1600L2L2Sdau
Hirschmann Rs20-1600L2M2Sdau
Hirschmann Rs20-1600L2S2Sdau
Hirschmann Rs20-1600L2T1Sdau
Hirschmann Rs20-1600M2M2Sdau
Hirschmann Rs20-1600M2T1Sdau
Hirschmann Rs20-1600S2M2Sdau
Hirschmann Rs20-1600S2S2Sdau
Hirschmann Rs20-1600S2T1Sdau
Hirschmann Rsr20
Hirschmann Rsr30
Hirschmann Rsb20-0800M2M2Saab
Hirschmann Rsb20-0800M2M2Saabe
Hirschmann Rsb20-0800M2M2Taab
Hirschmann Rsb20-0800M2M2Taabe
Hirschmann Rsb20-0800S2S2Saab
Hirschmann Rsb20-0800S2S2Saabe

Affected Vendors

65 / 100 · high-risk
Severity 32/34 · Critical
Exploitability 1/34 · Minimal
Exposure 32/34 · Critical