VAR-201508-0389
Vulnerability from variot - Updated: 2023-12-18 12:51The firmware in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches uses hardcoded RSA private keys and certificates across different customers' installations, which makes it easier for remote attackers to defeat cryptographic protection mechanisms for HTTPS sessions by leveraging knowledge of a private key from another installation. GarrettCom Magnum 6K and 10K Switches are managed switches from GarrettCom, USA. An information disclosure vulnerability exists in GarrettCom Magnum 6K and 10K Switches that allows remote attackers to exploit vulnerabilities to gain unauthorized access to devices through sensitive information. An attacker can exploit this issue to gain unauthorized access to the affected device
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201508-0389",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "magnum 6k",
"scope": "lte",
"trust": 1.0,
"vendor": "garrettcom",
"version": "4.5.5"
},
{
"model": "magnum 10k",
"scope": "lte",
"trust": 1.0,
"vendor": "garrettcom",
"version": "4.5.5"
},
{
"model": "magnum 10k",
"scope": "lt",
"trust": 0.8,
"vendor": "garrettcom",
"version": "4.5.6"
},
{
"model": "magnum 6k",
"scope": "lt",
"trust": 0.8,
"vendor": "garrettcom",
"version": "4.5.6"
},
{
"model": "magnum 6k",
"scope": null,
"trust": 0.6,
"vendor": "garrettcom",
"version": null
},
{
"model": "magnum 10k",
"scope": null,
"trust": 0.6,
"vendor": "garrettcom",
"version": null
},
{
"model": "magnum 6k",
"scope": "eq",
"trust": 0.6,
"vendor": "garrettcom",
"version": "4.5.5"
},
{
"model": "magnum 10k",
"scope": "eq",
"trust": 0.6,
"vendor": "garrettcom",
"version": "4.5.5"
},
{
"model": "magnum 6kq",
"scope": "eq",
"trust": 0.3,
"vendor": "garrettcom",
"version": "4.5.5"
},
{
"model": "magnum 6km",
"scope": "eq",
"trust": 0.3,
"vendor": "garrettcom",
"version": "4.5.5"
},
{
"model": "magnum 6kl",
"scope": "eq",
"trust": 0.3,
"vendor": "garrettcom",
"version": "4.5.5"
},
{
"model": "magnum 6k8",
"scope": "eq",
"trust": 0.3,
"vendor": "garrettcom",
"version": "4.5.5"
},
{
"model": "magnum 6k32",
"scope": "eq",
"trust": 0.3,
"vendor": "garrettcom",
"version": "4.5.5"
},
{
"model": "magnum 6k25",
"scope": "eq",
"trust": 0.3,
"vendor": "garrettcom",
"version": "4.5.5"
},
{
"model": "magnum 6k16",
"scope": "eq",
"trust": 0.3,
"vendor": "garrettcom",
"version": "4.5.5"
},
{
"model": "magnum 10kt",
"scope": "eq",
"trust": 0.3,
"vendor": "garrettcom",
"version": "4.5.5"
},
{
"model": "magnum 10kg",
"scope": "eq",
"trust": 0.3,
"vendor": "garrettcom",
"version": "4.5.5"
},
{
"model": "magnum 6kq",
"scope": "ne",
"trust": 0.3,
"vendor": "garrettcom",
"version": "4.5.6"
},
{
"model": "magnum 6km",
"scope": "ne",
"trust": 0.3,
"vendor": "garrettcom",
"version": "4.5.6"
},
{
"model": "magnum 6kl",
"scope": "ne",
"trust": 0.3,
"vendor": "garrettcom",
"version": "4.5.6"
},
{
"model": "magnum 6k8",
"scope": "ne",
"trust": 0.3,
"vendor": "garrettcom",
"version": "4.5.6"
},
{
"model": "magnum 6k32",
"scope": "ne",
"trust": 0.3,
"vendor": "garrettcom",
"version": "4.5.6"
},
{
"model": "magnum 6k25",
"scope": "ne",
"trust": 0.3,
"vendor": "garrettcom",
"version": "4.5.6"
},
{
"model": "magnum 6k16",
"scope": "ne",
"trust": 0.3,
"vendor": "garrettcom",
"version": "4.5.6"
},
{
"model": "magnum 10kt",
"scope": "ne",
"trust": 0.3,
"vendor": "garrettcom",
"version": "4.5.6"
},
{
"model": "magnum 10kg",
"scope": "ne",
"trust": 0.3,
"vendor": "garrettcom",
"version": "4.5.6"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-04075"
},
{
"db": "BID",
"id": "75236"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003989"
},
{
"db": "NVD",
"id": "CVE-2015-3960"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-459"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:garrettcom:magnum_6k_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.5.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:garrettcom:magnum_10k_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.5.5",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3960"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ashish Kamble of Qualys Security and Eireann Leverett",
"sources": [
{
"db": "BID",
"id": "75236"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-459"
}
],
"trust": 0.9
},
"cve": "CVE-2015-3960",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2015-3960",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2015-04075",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-81921",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-3960",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2015-04075",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201506-459",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-81921",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2015-3960",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-04075"
},
{
"db": "VULHUB",
"id": "VHN-81921"
},
{
"db": "VULMON",
"id": "CVE-2015-3960"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003989"
},
{
"db": "NVD",
"id": "CVE-2015-3960"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-459"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The firmware in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches uses hardcoded RSA private keys and certificates across different customers\u0027 installations, which makes it easier for remote attackers to defeat cryptographic protection mechanisms for HTTPS sessions by leveraging knowledge of a private key from another installation. GarrettCom Magnum 6K and 10K Switches are managed switches from GarrettCom, USA. An information disclosure vulnerability exists in GarrettCom Magnum 6K and 10K Switches that allows remote attackers to exploit vulnerabilities to gain unauthorized access to devices through sensitive information. \nAn attacker can exploit this issue to gain unauthorized access to the affected device",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3960"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003989"
},
{
"db": "CNVD",
"id": "CNVD-2015-04075"
},
{
"db": "BID",
"id": "75236"
},
{
"db": "VULHUB",
"id": "VHN-81921"
},
{
"db": "VULMON",
"id": "CVE-2015-3960"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3960",
"trust": 3.5
},
{
"db": "ICS CERT",
"id": "ICSA-15-167-01",
"trust": 2.9
},
{
"db": "BID",
"id": "75236",
"trust": 2.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003989",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201506-459",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2015-04075",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-81921",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-3960",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-04075"
},
{
"db": "VULHUB",
"id": "VHN-81921"
},
{
"db": "VULMON",
"id": "CVE-2015-3960"
},
{
"db": "BID",
"id": "75236"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003989"
},
{
"db": "NVD",
"id": "CVE-2015-3960"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-459"
}
]
},
"id": "VAR-201508-0389",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-04075"
},
{
"db": "VULHUB",
"id": "VHN-81921"
}
],
"trust": 1.325
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-04075"
}
]
},
"last_update_date": "2023-12-18T12:51:40.808000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "MNS6K R456 Release Notes",
"trust": 0.8,
"url": "http://www.garrettcom.com/techsupport/mns6k_r456_release_notes.pdf"
},
{
"title": "GarrettCom Magnum 6K and 10K Switches Information Disclosure Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/60105"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-04075"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003989"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81921"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003989"
},
{
"db": "NVD",
"id": "CVE-2015-3960"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-167-01"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/75236"
},
{
"trust": 2.1,
"url": "http://www.garrettcom.com/techsupport/mns6k_r456_release_notes.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3960"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3960"
},
{
"trust": 0.3,
"url": "http://www.garrettcom.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/310.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=39397"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-04075"
},
{
"db": "VULHUB",
"id": "VHN-81921"
},
{
"db": "VULMON",
"id": "CVE-2015-3960"
},
{
"db": "BID",
"id": "75236"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003989"
},
{
"db": "NVD",
"id": "CVE-2015-3960"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-459"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2015-04075"
},
{
"db": "VULHUB",
"id": "VHN-81921"
},
{
"db": "VULMON",
"id": "CVE-2015-3960"
},
{
"db": "BID",
"id": "75236"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003989"
},
{
"db": "NVD",
"id": "CVE-2015-3960"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-459"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-06-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-04075"
},
{
"date": "2015-08-04T00:00:00",
"db": "VULHUB",
"id": "VHN-81921"
},
{
"date": "2015-08-04T00:00:00",
"db": "VULMON",
"id": "CVE-2015-3960"
},
{
"date": "2015-06-16T00:00:00",
"db": "BID",
"id": "75236"
},
{
"date": "2015-08-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003989"
},
{
"date": "2015-08-04T01:59:05.513000",
"db": "NVD",
"id": "CVE-2015-3960"
},
{
"date": "2015-06-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201506-459"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-06-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-04075"
},
{
"date": "2016-12-06T00:00:00",
"db": "VULHUB",
"id": "VHN-81921"
},
{
"date": "2016-12-06T00:00:00",
"db": "VULMON",
"id": "CVE-2015-3960"
},
{
"date": "2015-06-16T00:00:00",
"db": "BID",
"id": "75236"
},
{
"date": "2015-08-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003989"
},
{
"date": "2016-12-06T03:01:36.027000",
"db": "NVD",
"id": "CVE-2015-3960"
},
{
"date": "2015-08-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201506-459"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201506-459"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Belden GarrettCom Magnum 6K and Magnum 10K Runs on the switch MNS In the firmware HTTPS Vulnerability that breaks the encryption protection mechanism of a session",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003989"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201506-459"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…