Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
GE Multilink Use of Hard-coded Cryptographic Key
Vulnerability Description
GE Multilink ML800, ML1200, ML1600, and ML2400 switches with firmware 4.2.1 and earlier and Multilink ML810, ML3000, and ML3100 switches with firmware 5.2.0 and earlier use the same RSA private key across different customers' installations, which makes it easier for remote attackers to obtain the cleartext content of network traffic by reading this key from a firmware image and then sniffing the network.
CVSS Information
N/A
Vulnerability Type
使用硬编码的密码学密钥
Vulnerability Title
多款General Electric交换机安全绕过漏洞
Vulnerability Description
GE Multilink ML800、ML1200和ML1600等都是美国通用电气(GE)公司的以太网交换机产品。 多款GE交换机中存在安全漏洞,该漏洞源于程序在不同的用户安装中使用相同的RSA私钥。远程攻击者可通过在固件图像中读取私钥,并嗅探网络利用该漏洞获取网络流量中的明文内容。以下产品及版本受到影响:使用4.2.1及之前版本固件的GE Multilink ML800,ML1200,ML1600和ML2400交换机,使用5.2.0及之前版本固件的Multilink ML810,ML3000和ML310
CVSS Information
N/A
Vulnerability Type
N/A