A Use of Hard-coded Cryptographic Key issue was discovered in Korenix JetNet JetNet5018G version 1.4, JetNet5310G version 1.4a,…
icscert·CWE-321·Published 2017-11-01
A Use of Hard-coded Cryptographic Key issue was discovered in Korenix JetNet JetNet5018G version 1.4, JetNet5310G version 1.4a, JetNet5428G-2G-2FX version 1.4, JetNet5628G-R version 1.4, JetNet5628G version 1.4, JetNet5728G-24P version 1.4, JetNet5828G version 1.1d, JetNet6710G-HVDC version 1.1e, and JetNet6710G version 1.1. An attacker may gain access to hard-coded certificates and private keys allowing the attacker to perform man-in-the-middle attacks.
A Use of Hard-coded Cryptographic Key issue was discovered in Korenix JetNet JetNet5018G version 1.4, JetNet5310G version 1.4a, JetNet5428G-2G-2FX version 1.4, JetNet5628G-R version 1.4, JetNet5628G version 1.4, JetNet5728G-24P version 1.4, JetNet5828G version 1.1d, JetNet6710G-HVDC version 1.1e, and JetNet6710G version 1.1. An attacker may gain access to hard-coded certificates and private keys allowing the attacker to perform man-in-the-middle attacks.
Se ha descubierto un problema de uso de clave criptográfica embebida en Korenix JetNet JetNet5018G versión 1.4, JetNet5310G versión 1.4a, JetNet5428G-2G-2FX versión 1.4, JetNet5628G-R versión 1.4, JetNet5628G versión 1.4, JetNet5728G-24P versión 1.4, JetNet5828G versión 1.1d, JetNet6710G-HVDC versión 1.1e y JetNet6710G versión 1.1. Un atacante puede conseguir acceder a certificados y claves privadas embebidos, lo que le permite realizar ataques Man-in-the-Middle (MitM).
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 2.0 | Primary | NVD | 10.0 | 10.0 | 10.0 | AV:N/AC:L/Au:N/C:C/I:C/A:C |
| 3.0 | Primary | NVD | 9.8 | 3.9 | 5.9 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |