The EDS-4000/G4000 Series prior to version 3.2 includes IP forwarding capabilities that users cannot deactivate. An attacker may be able to send requests to the product and have it forwarded to the target. An attacker can bypass access controls or hide the source of malicious requests.
Metrics
Affected Vendors & Products
References
History
Mon, 28 Oct 2024 07:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-441 |
Mon, 28 Oct 2024 07:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Mon, 28 Oct 2024 06:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | The EDS-4000/G4000 Series prior to version 3.2 includes IP forwarding capabilities that users cannot deactivate. An attacker may be able to send requests to the product and have it forwarded to the target. An attacker can bypass access controls or hide the source of malicious requests. | The EDS-4000/G4000 Series prior to version 3.2 includes IP forwarding capabilities that users cannot deactivate. An attacker may be able to send requests to the product and have it forwarded to the target. An attacker can bypass access controls or hide the source of malicious requests. |
Weaknesses | CWE-1188 |
MITRE
Status: PUBLISHED
Assigner: Moxa
Published: 2024-02-26T13:26:56.551Z
Updated: 2024-10-28T06:15:50.712Z
Reserved: 2024-01-10T00:03:24.382Z
Link: CVE-2024-0387
Vulnrichment
Updated: 2024-08-01T18:04:49.469Z
NVD
Status : Awaiting Analysis
Published: 2024-02-26T16:27:49.890
Modified: 2024-11-21T08:46:28.533
Link: CVE-2024-0387
Redhat
No data.