high
8.8
CWE
384
Advisory Published
Updated

CVE-2018-5465

First published: Tue Mar 06 2018(Updated: )

A Session Fixation issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. A session fixation vulnerability in the web interface has been identified, which may allow an attacker to hijack web sessions.

Credit: ics-cert@hq.dhs.gov

Affected SoftwareAffected VersionHow to fix
Belden Hirschmann RS20-0900MMM2TDAU
Belden Hirschmann RS20-0900NNM4TDAU
Belden Hirschmann RS20-0900MMM2TDAU
Belden Hirschmann RS20-1600L2L2SDAU
Belden Hirschmann RS20-1600L2M2SDAU
Belden Hirschmann RS20-1600L2S2SDAU
Belden Hirschmann RS20-1600L2T1SDAU
Belden Hirschmann RS20-1600M2M2SDAU
Belden Hirschmann RS20-1600M2T1SDAU
Belden Hirschmann RS20-1600S2M2SDAU
Belden Hirschmann RS20-1600S2S2SDAU
Belden Hirschmann RS20-1600S2T1SDAU
Belden Hirschmann RSR20
Belden Hirschmann RSR30
Belden Hirschmann RSB20-0800M2M2SAABE
Belden Hirschmann RSB20
Belden Hirschmann RSB20-0800M2M2TAAB
Belden Hirschmann RSB20-0800M2M2TAAB
Belden Hirschmann RSB20 Series
Belden Hirschmann RSB20-0800 S2S2 SAABE
Belden Hirschmann RSB20 Series
Belden Hirschmann RSB20-0800S2S2TAAB
Belden Hirschmann RSB20-0800T1T1TAAB
Belden Hirschmann RSB20-0800-T1T1SAAB
Belden Hirschmann RSB20-0800T1T1TAAB
Belden Hirschmann rsb20-0800t1t1taab
Belden Hirschmann RSB20-0900M2TTSAABE
Belden Hirschmann RSB20
Belden Hirschmann RSB20-0900M2TTTAABE
Belden Hirschmann RSB20-0900 Series
Belden Hirschmann RSB20-0900MMM2SAAB
Belden Hirschmann RSB20-0900MMM2SAABE
Belden Hirschmann RSB20-0900MMM2TAABE
Belden Hirschmann RSB20-0900MMM2TAABE
Belden Hirschmann RSB20-0900S2TTSAAB
Belden Hirschmann RSB20-0900S2TTSAAB
Belden Hirschmann RSB20
Belden Hirschmann RSB20-0900-S2TTTAABE
Belden Hirschmann rsb20-0900s2ttsaab
Belden Hirschmann RSB20-0900VVM2SAABE
Belden Hirschmann RSB20-0900VVM2TAAB
Belden Hirschmann RSB20-0900VVM2TAAB
Belden Hirschmann RSB20-0900-ZZZ6-SAAB
Belden Hirschmann RSB20 Series
Belden Hirschmann RSB20-0900 ZZZ6 TAAB
Belden Hirschmann RSB20-0900-ZZZ6TAABE
Belden Hirschmann M1-8SM-SC
Belden Hirschmann m1-8sfp
Belden Hirschmann M1-8SM-SC
Belden Hirschmann m1-8tp-rj45
Belden Hirschmann MACH102-24TP-F
Belden Hirschmann mach102-24tp-f
Belden Hirschmann MACH102-8TP-R
Belden Hirschmann MACH102-8TP-FR
Belden Hirschmann MACH102-8TP-FR
Belden Hirschmann MACH102-8TP-R
Belden Hirschmann MACH104-16TX-POEP
Belden Hirschmann Mach104-16TX-POEP
Belden Hirschmann mach104-16tx-poep +2x
Belden Hirschmann mach104-16tx-poep +2x-l3p
Belden Hirschmann mach104-16tx-poep
Belden Hirschmann Mach104-16TX-POEP +2X -E-L3P
Belden Hirschmann MACH104-16TX-POEP
Belden Hirschmann mach104-16tx-poep
Belden Hirschmann mach104-16tx-poep
Belden Hirschmann mach104-16tx-poep
Belden Hirschmann MACH104-16TX-POEP-R
Belden Hirschmann MACH104-16TX-POEP-R
Belden Hirschmann MACH104-20TX-F-L3P
Belden Hirschmann MACH104-20TX-F-4POE
Belden Hirschmann MACH104-20TX-F-L3P
Belden Hirschmann MACH104-20TX-FR
Belden Hirschmann MACH104-20TX-FR-L3P
Belden Hirschmann mach4002-24g+3x-l2p
Belden Hirschmann mach4002-24g+3x-l3e
Belden Hirschmann mach4002-24g+3x-l3p
Belden Hirschmann MACH4002-24G+3X-L2P
Belden Hirschmann mach4002-24g+3x-l3e
Belden Hirschmann mach4002-24g+3x-l3p
Belden Hirschmann Mach4002-48G+3X-L2P
Belden Hirschmann mach4002-48g+3x-l3e
Belden Hirschmann mach4002-48g+3x-l3p
Belden Hirschmann Mach4002-48G+3X-L2P
Belden Hirschmann MACH4002-48G+3X-L3E
Belden Hirschmann mach4002-48g+3x-l3p
Belden Hirschmann Mice Switch Power
Belden Hirschmann MS20-0800SAAE
Belden Hirschmann MS20-0800SAAP
Belden Hirschmann Mice Switch Power
Belden Hirschmann Mice Switch Power
Belden Hirschmann MS20-1600SAAP
Belden Hirschmann MSP30
Belden Hirschmann MSP30
Belden Hirschmann MS30-1602SAAE
Belden Hirschmann Octopus
Belden Hirschmann Octopus
Belden Hirschmann OCTOPUS
Belden Hirschmann Octopus
Belden Hirschmann Octopus
Belden Hirschmann Octopus
Belden Hirschmann OCTOPUS
Belden Hirschmann Octopus
Belden Hirschmann Octopus
Belden Hirschmann Octopus
Belden Hirschmann Octopus
Belden Hirschmann Octopus
Belden Hirschmann Octopus
Belden Hirschmann OCTOPUS
Belden Hirschmann Octopus
Belden Hirschmann Octopus
Belden Hirschmann OCTOPUS
Belden Hirschmann OCTOPUS os20-000900t5t5tafbhh
Belden Hirschmann OCTOPUS
Belden Hirschmann OCTOPUS
Belden Hirschmann OCTOPUS
Belden Hirschmann OCTOPUS
Belden Hirschmann OCTOPUS
Belden Hirschmann OCTOPUS
Belden Hirschmann OCTOPUS os24-080900t5t5tffbhh
Belden Hirschmann OCTOPUS os24-080900t5t5tffbhh
Belden Hirschmann OCTOPUS os24-081000t5t5tffuhb
Belden Hirschmann OCTOPUS os24-081000t5t5tffuhb
Belden Hirschmann Octopus
Belden Hirschmann OCTOPUS os30
Belden Hirschmann OCTOPUS
Belden Hirschmann OCTOPUS
Belden Hirschmann OCTOPUS
Belden Hirschmann OCTOPUS
Belden Hirschmann OCTOPUS
Belden Hirschmann OCTOPUS os32-081602o6o6tpephh
Belden Hirschmann OCTOPUS os32-081602t6t6tpephh
Belden Hirschmann Octopus
Belden Hirschmann OCTOPUS
Belden Hirschmann OCTOPUS

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2018-5465?

    CVE-2018-5465 is classified as a high severity vulnerability due to its potential to allow session hijacking.

  • How do I fix CVE-2018-5465?

    To remediate CVE-2018-5465, it is recommended to apply the latest firmware updates provided by Belden.

  • What products are impacted by CVE-2018-5465?

    CVE-2018-5465 affects various Belden Hirschmann switches, including models like RS20, RSR20, RSB20, MACH100, MACH1000, and OCTOPUS.

  • What type of vulnerability is CVE-2018-5465?

    CVE-2018-5465 is a session fixation vulnerability found in the web interface of certain Belden Hirschmann switches.

  • Who is affected by CVE-2018-5465?

    Organizations using vulnerable versions of Belden Hirschmann network switches are at risk of being targeted by attackers exploiting this vulnerability.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203