HIGH🇵🇱 Wersja polska

CVE-2024-8451

CVSS 7.5v3.1pub. 2024-09-30upd. 2024-10-04

Certain switch models from PLANET Technology have an SSH service that improperly handles insufficiently authenticated connection requests, allowing unauthorized remote attackers to exploit this weakness to occupy connection slots and prevent legitimate users from accessing the SSH service.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Planet Gs 4210 24p2s

    HW
    Planet
    3.0
  • Planet Gs 4210 24p2s Firmware

    OS
    Planet
    < 3.305b240802
  • Planet Gs 4210 24pl4c

    HW
    Planet
    2.0
  • Planet Gs 4210 24pl4c Firmware

    OS
    Planet
    < 2.305b240719
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2024-8456CRITICAL9.8PL ✓ten sam produkt

Brak kontroli dostępu w firmware PLANET GS-4210 — przejęcie pełnej kontroli

CVE-2024-8450HIGH8.6ten sam produkt

Certain switch models from PLANET Technology have a Hard-coded community string in the SNMPv1 service, allowin...

CVE-2024-8452HIGH7.5ten sam produkt

Certain switch models from PLANET Technology only support obsolete algorithms for authentication protocol and ...

CVE-2024-8448HIGH8.8ten sam produkt

Certain switch models from PLANET Technology have a hard-coded credential in the specific command-line interfa...

CVE-2024-8455HIGH8.1ten sam produkt

The swctrl service is used to detect and remotely manage PLANET Technology devices. For certain switch models,...