CVE-2014-5409

Sažetak

The 17046 Ethernet card before 94450214LFMT100SEM-L.R3-CL for the GE Digital Energy Hydran M2 does not properly generate random values for TCP Initial Sequence Numbers (ISNs), which makes it easier for remote attackers to spoof packets by predicting these values.

Reference

http://libraries.ge.com/download?fileid=642886573101&entity_id=31955841101&sid=101
https://ics-cert.us-cert.gov/advisories/ICSA-15-041-02

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

16-03-2015 - 16:26

Objavljeno

14-03-2015 - 01:59