The EDS-4000/G4000 Series prior to version 3.2 includes IP forwarding capabilities that users cannot deactivate. An attacker may be able to send requests to the product and have it forwarded to the target. An attacker can bypass access controls or hide the source of malicious requests.
History

Mon, 28 Oct 2024 07:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-441

Mon, 28 Oct 2024 07:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 28 Oct 2024 06:30:00 +0000

Type Values Removed Values Added
Description The EDS-4000/G4000 Series prior to version 3.2 includes IP forwarding capabilities that users cannot deactivate. An attacker may be able to send requests to the product and have it forwarded to the target. An attacker can bypass access controls or hide the source of malicious requests. The EDS-4000/G4000 Series prior to version 3.2 includes IP forwarding capabilities that users cannot deactivate. An attacker may be able to send requests to the product and have it forwarded to the target. An attacker can bypass access controls or hide the source of malicious requests.
Weaknesses CWE-1188

cve-icon MITRE

Status: PUBLISHED

Assigner: Moxa

Published: 2024-02-26T13:26:56.551Z

Updated: 2024-10-28T06:15:50.712Z

Reserved: 2024-01-10T00:03:24.382Z

Link: CVE-2024-0387

cve-icon Vulnrichment

Updated: 2024-08-01T18:04:49.469Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-02-26T16:27:49.890

Modified: 2024-11-21T08:46:28.533

Link: CVE-2024-0387

cve-icon Redhat

No data.