The ComputePassword function in the Schneider Electric Quantum Ethernet Module on the NOE 771 device (aka the Quantum 140NOE771* module) generates the password for the fwupgrade account by performing a calculation on the MAC address, which makes it easier for remote attackers to obtain access via a (1) ARP request message or (2) Neighbor Solicitation message.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2011-12-17T11:00:00Z

Updated: 2024-09-16T20:38:01.017Z

Reserved: 2011-12-16T00:00:00Z

Link: CVE-2011-4860

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2011-12-17T11:55:12.307

Modified: 2024-11-21T01:33:08.320

Link: CVE-2011-4860

cve-icon Redhat

No data.