Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Go to Calendar     Go to Press Room     Go to Newsletters subscription

Search

Information exposure vulnerability in Korenix JetI/O 6550

Posted date 12/03/2024
Identificador
INCIBE-2024-0129
Importance
3 - Medium
Affected Resources

JetI/O 6550 F208 Build:0817.

Description

INCIBE has coordinated the publication of a medium severity vulnerability affecting Korenix JetI/O 6550 F208 Build:0817, an intelligent I/O server to assist in the definition of logical rules in remote I/O controls, which has been discovered by HADESS.

This vulnerability has been assigned the following code, CVSS v3.1 base score, CVSS vector and vulnerability type CWE:

  • CVE-2024-2371: 6.2 | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | CWE-200.
Solution

There is no reported solution at this time. 

Detail

CVE-2024-2371: information exposure vulnerability in Korenix JetI/O 6550 affecting firmware version F208 Build:0817. The SNMP protocol uses plaintext to transfer data, allowing an attacker to intercept traffic and retrieve credentials.

References list
Korenix JetI/O 6550
Etiquetas