CVE-2018-5467: Infoleak
First published: Tue Mar 06 2018(Updated: )
An Information Exposure Through Query Strings in GET Request issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. An information exposure through query strings vulnerability in the web interface has been identified, which may allow an attacker to impersonate a legitimate user.
Credit: ics-cert@hq.dhs.gov
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Belden Hirschmann RS20-0900MMM2TDAU | ||
| Belden Hirschmann RS20-0900NNM4TDAU | ||
| Belden Hirschmann RS20-0900MMM2TDAU | ||
| Belden Hirschmann RS20-1600L2L2SDAU | ||
| Belden Hirschmann RS20-1600L2M2SDAU | ||
| Belden Hirschmann RS20-1600L2S2SDAU | ||
| Belden Hirschmann RS20-1600L2T1SDAU | ||
| Belden Hirschmann RS20-1600M2M2SDAU | ||
| Belden Hirschmann RS20-1600M2T1SDAU | ||
| Belden Hirschmann RS20-1600S2M2SDAU | ||
| Belden Hirschmann RS20-1600S2S2SDAU | ||
| Belden Hirschmann RS20-1600S2T1SDAU | ||
| Belden Hirschmann RSR20 | ||
| Belden Hirschmann RSR30 | ||
| Belden Hirschmann RSB20-0800M2M2SAABE | ||
| Belden Hirschmann RSB20-0800M2M2SAABE | ||
| Belden Hirschmann RSB20-0800M2M2TAAB | ||
| Belden Hirschmann RSB20-0800M2M2TAAB | ||
| Belden Hirschmann RSB20-0800S2S2SAAB | ||
| Belden Hirschmann RSB20-0800 S2S2 SAABE | ||
| Belden Hirschmann RSB20-0800-S2-S2TAABE | ||
| Belden Hirschmann RSB20-0800S2S2TAAB | ||
| Belden Hirschmann RSB20-0800T1T1TAAB | ||
| Belden Hirschmann RSB20-0800-T1T1SAAB | ||
| Belden Hirschmann RSB20-0800T1T1TAAB | ||
| Belden Hirschmann rsb20-0800t1t1taab | ||
| Belden Hirschmann RSB20-0900M2TTSAABE | ||
| Belden Hirschmann RSB20 | ||
| Belden Hirschmann RSB20-0900M2TTTAABE | ||
| Belden Hirschmann RSB20 | ||
| Belden Hirschmann RSB20-0900MMM2SAAB | ||
| Belden Hirschmann RSB20-0900MMM2SAABE | ||
| Belden Hirschmann RSB20-0900MMM2TAABE | ||
| Belden Hirschmann RSB20-0900MMM2TAABE | ||
| Belden Hirschmann RSB20-0900S2TTSAAB | ||
| Belden Hirschmann RSB20-0900S2TTSAABE | ||
| Belden Hirschmann RSB20 | ||
| Belden Hirschmann RSB20-0900-S2TTTAABE | ||
| Belden Hirschmann rsb20-0900s2ttsaab | ||
| Belden Hirschmann RSB20-0900VVM2SAABE | ||
| Belden Hirschmann RSB20-0900VVM2TAAB | ||
| Belden Hirschmann RSB20-0900VVM2TAAB | ||
| Belden Hirschmann RSB20-0900-ZZZ6-SAAB | ||
| Belden Hirschmann RSB20 Series | ||
| Belden Hirschmann RSB20-0900 ZZZ6 TAAB | ||
| Belden Hirschmann RSB20-0900-ZZZ6TAABE | ||
| Belden Hirschmann M1-8SM-SC | ||
| Belden Hirschmann m1-8sfp | ||
| Belden Hirschmann M1-8SM-SC | ||
| Belden Hirschmann m1-8tp-rj45 | ||
| Belden Hirschmann mach102-24tp-f | ||
| Belden Hirschmann mach102-24tp-f | ||
| Belden Hirschmann mach102-8tp | ||
| Belden Hirschmann MACH102-8TP-F | ||
| Belden Hirschmann mach102-8tp-fr | ||
| Belden Hirschmann MACH102-8TP-R | ||
| Belden Hirschmann Mach104-16TX-POEP +2X -E-L3P | ||
| Belden Hirschmann mach104-16tx-poep-l3p | ||
| Belden Hirschmann mach104-16tx-poep +2x | ||
| Belden Hirschmann mach104-16tx-poep +2x-l3p | ||
| Belden Hirschmann mach104-16tx-poep | ||
| Belden Hirschmann Mach104-16TX-POEP +2X -E-L3P | ||
| Belden Hirschmann MACH104-16TX-POEP | ||
| Belden Hirschmann mach104-16tx-poep | ||
| Belden Hirschmann mach104-16tx-poep | ||
| Belden Hirschmann mach104-16tx-poep | ||
| Belden Hirschmann MACH104-16TX-POEP-R | ||
| Belden Hirschmann MACH104-16TX-POEP-R | ||
| Belden Hirschmann MACH104-20TX-F-L3P | ||
| Belden Hirschmann MACH104-20TX-F-4POE | ||
| Belden Hirschmann MACH104-20TX-F-L3P | ||
| Belden Hirschmann MACH104-20TX-FR | ||
| Belden Hirschmann MACH104-20TX-FR-L3P | ||
| Belden Hirschmann mach4002-24g+3x-l2p | ||
| Belden Hirschmann mach4002-24g+3x-l3e | ||
| Belden Hirschmann mach4002-24g+3x-l3p | ||
| Belden Hirschmann MACH4002-24G+3X-L2P | ||
| Belden Hirschmann mach4002-24g+3x-l3e | ||
| Belden Hirschmann mach4002-24g+3x-l3p | ||
| Belden Hirschmann Mach4002-48G+3X-L2P | ||
| Belden Hirschmann mach4002-48g+3x-l3e | ||
| Belden Hirschmann mach4002-48g+3x-l3p | ||
| Belden Hirschmann Mach4002-48G+3X-L2P | ||
| Belden Hirschmann MACH4002-48G+3X-L3E | ||
| Belden Hirschmann mach4002-48g+3x-l3p | ||
| Belden Hirschmann Mice Switch Power | ||
| Belden Hirschmann MS20-0800SAAE | ||
| Belden Hirschmann ms20-0800saap | ||
| Belden Hirschmann Mice Switch Power | ||
| Belden Hirschmann Mice Switch Power | ||
| Belden Hirschmann MS20-1600SAAP | ||
| Belden Hirschmann MSP30 | ||
| Belden Hirschmann MSP30 | ||
| Belden Hirschmann MS30-1602SAAE | ||
| Belden Hirschmann Octopus | ||
| Belden Hirschmann Octopus | ||
| Belden Hirschmann OCTOPUS | ||
| Belden Hirschmann OCTOPUS 16m-train-bp | ||
| Belden Hirschmann Octopus | ||
| Belden Hirschmann OCTOPUS 24m-8 poe | ||
| Belden Hirschmann OCTOPUS | ||
| Belden Hirschmann OCTOPUS 24m-train-bp | ||
| Belden Hirschmann Octopus | ||
| Belden Hirschmann Octopus | ||
| Belden Hirschmann Octopus | ||
| Belden Hirschmann Octopus | ||
| Belden Hirschmann OCTOPUS 8m-train | ||
| Belden Hirschmann OCTOPUS 8m-train-bp | ||
| Belden Hirschmann Octopus | ||
| Belden Hirschmann OCTOPUS 8tx poe-eec | ||
| Belden Hirschmann OCTOPUS | ||
| Belden Hirschmann OCTOPUS os20-000900t5t5tafbhh | ||
| Belden Hirschmann OCTOPUS os20-0010001m1mtrephh | ||
| Belden Hirschmann OCTOPUS os20-0010001s1strephh | ||
| Belden Hirschmann OCTOPUS os20-0010004m4mtrephh | ||
| Belden Hirschmann OCTOPUS | ||
| Belden Hirschmann OCTOPUS | ||
| Belden Hirschmann OCTOPUS | ||
| Belden Hirschmann OCTOPUS os24-080900t5t5tffbhh | ||
| Belden Hirschmann OCTOPUS os24-080900t5t5tffbhh | ||
| Belden Hirschmann OCTOPUS os24-081000t5t5tffuhb | ||
| Belden Hirschmann OCTOPUS os24-081000t5t5tffuhb | ||
| Belden Hirschmann Octopus | ||
| Belden Hirschmann OCTOPUS os30 | ||
| Belden Hirschmann OCTOPUS | ||
| Belden Hirschmann OCTOPUS | ||
| Belden Hirschmann OCTOPUS | ||
| Belden Hirschmann OCTOPUS os32-080802o6o6tpephh | ||
| Belden Hirschmann OCTOPUS | ||
| Belden Hirschmann OCTOPUS os32-081602o6o6tpephh | ||
| Belden Hirschmann OCTOPUS os32-081602t6t6tpephh | ||
| Belden Hirschmann Octopus | ||
| Belden Hirschmann OCTOPUS | ||
| Belden Hirschmann OCTOPUS |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2018-5467?
CVE-2018-5467 has a medium severity rating that indicates potential information exposure risks.
How do I fix CVE-2018-5467?
To fix CVE-2018-5467, update to the latest firmware provided by Belden for affected devices.
Which devices are affected by CVE-2018-5467?
CVE-2018-5467 affects multiple Belden Hirschmann switches, including RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS models.
What type of vulnerability is CVE-2018-5467?
CVE-2018-5467 is classified as an Information Exposure Through Query Strings vulnerability in the web interface.
Can CVE-2018-5467 lead to data breaches?
Yes, CVE-2018-5467 can potentially lead to unauthorized access to sensitive information transmitted through query strings.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/weakness
- agent/severity
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/belden
- canonical/belden hirschmann rs20-0900mmm2tdau
- canonical/belden hirschmann rs20-0900nnm4tdau
- canonical/belden hirschmann rs20-1600l2l2sdau
- canonical/belden hirschmann rs20-1600l2m2sdau
- canonical/belden hirschmann rs20-1600l2s2sdau
- canonical/belden hirschmann rs20-1600l2t1sdau
- canonical/belden hirschmann rs20-1600m2m2sdau
- canonical/belden hirschmann rs20-1600m2t1sdau
- canonical/belden hirschmann rs20-1600s2m2sdau
- canonical/belden hirschmann rs20-1600s2s2sdau
- canonical/belden hirschmann rs20-1600s2t1sdau
- canonical/belden hirschmann rsr20
- canonical/belden hirschmann rsr30
- canonical/belden hirschmann rsb20-0800m2m2saabe
- canonical/belden hirschmann rsb20-0800m2m2taab
- canonical/belden hirschmann rsb20-0800s2s2saab
- canonical/belden hirschmann rsb20-0800 s2s2 saabe
- canonical/belden hirschmann rsb20-0800-s2-s2taabe
- canonical/belden hirschmann rsb20-0800s2s2taab
- canonical/belden hirschmann rsb20-0800t1t1taab
- canonical/belden hirschmann rsb20-0800-t1t1saab
- canonical/belden hirschmann rsb20-0900m2ttsaabe
- canonical/belden hirschmann rsb20
- canonical/belden hirschmann rsb20-0900m2tttaabe
- canonical/belden hirschmann rsb20-0900mmm2saab
- canonical/belden hirschmann rsb20-0900mmm2saabe
- canonical/belden hirschmann rsb20-0900mmm2taabe
- canonical/belden hirschmann rsb20-0900s2ttsaab
- canonical/belden hirschmann rsb20-0900s2ttsaabe
- canonical/belden hirschmann rsb20-0900-s2tttaabe
- canonical/belden hirschmann rsb20-0900vvm2saabe
- canonical/belden hirschmann rsb20-0900vvm2taab
- canonical/belden hirschmann rsb20-0900-zzz6-saab
- canonical/belden hirschmann rsb20 series
- canonical/belden hirschmann rsb20-0900 zzz6 taab
- canonical/belden hirschmann rsb20-0900-zzz6taabe
- canonical/belden hirschmann m1-8sm-sc
- canonical/belden hirschmann m1-8sfp
- canonical/belden hirschmann m1-8tp-rj45
- canonical/belden hirschmann mach102-24tp-f
- canonical/belden hirschmann mach102-8tp
- canonical/belden hirschmann mach102-8tp-f
- canonical/belden hirschmann mach102-8tp-fr
- canonical/belden hirschmann mach102-8tp-r
- canonical/belden hirschmann mach104-16tx-poep +2x -e-l3p
- canonical/belden hirschmann mach104-16tx-poep-l3p
- canonical/belden hirschmann mach104-16tx-poep +2x
- canonical/belden hirschmann mach104-16tx-poep +2x-l3p
- canonical/belden hirschmann mach104-16tx-poep
- canonical/belden hirschmann mach104-16tx-poep-r
- canonical/belden hirschmann mach104-20tx-f-l3p
- canonical/belden hirschmann mach104-20tx-f-4poe
- canonical/belden hirschmann mach104-20tx-fr
- canonical/belden hirschmann mach104-20tx-fr-l3p
- canonical/belden hirschmann mach4002-24g+3x-l2p
- canonical/belden hirschmann mach4002-24g+3x-l3e
- canonical/belden hirschmann mach4002-24g+3x-l3p
- canonical/belden hirschmann mach4002-48g+3x-l2p
- canonical/belden hirschmann mach4002-48g+3x-l3e
- canonical/belden hirschmann mach4002-48g+3x-l3p
- canonical/belden hirschmann mice switch power
- canonical/belden hirschmann ms20-0800saae
- canonical/belden hirschmann ms20-0800saap
- canonical/belden hirschmann ms20-1600saap
- canonical/belden hirschmann msp30
- canonical/belden hirschmann ms30-1602saae
- canonical/belden hirschmann octopus
- canonical/belden hirschmann octopus 16m-train-bp
- canonical/belden hirschmann octopus 24m-8 poe
- canonical/belden hirschmann octopus 24m-train-bp
- canonical/belden hirschmann octopus 8m-train
- canonical/belden hirschmann octopus 8m-train-bp
- canonical/belden hirschmann octopus 8tx poe-eec
- canonical/belden hirschmann octopus os20-000900t5t5tafbhh
- canonical/belden hirschmann octopus os20-0010001m1mtrephh
- canonical/belden hirschmann octopus os20-0010001s1strephh
- canonical/belden hirschmann octopus os20-0010004m4mtrephh
- canonical/belden hirschmann octopus os24-080900t5t5tffbhh
- canonical/belden hirschmann octopus os24-081000t5t5tffuhb
- canonical/belden hirschmann octopus os30
- canonical/belden hirschmann octopus os32-080802o6o6tpephh
- canonical/belden hirschmann octopus os32-081602o6o6tpephh
- canonical/belden hirschmann octopus os32-081602t6t6tpephh