Lucene search
This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.OT_500260.NASLHistoryNov 08, 2019 - 12:00 a.m.
Schneider-electric Quantum Improper Authentication
2019-11-0800:00:00
This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10
0.004 Low
EPSS
Percentile
73.4%
The ComputePassword function in the Schneider Electric Quantum Ethernet Module on the NOE 771 device (aka the Quantum 140NOE771* module) generates the password for the fwupgrade account by performing a calculation on the MAC address, which makes it easier for remote attackers to obtain access via a (1) ARP request message or (2) Neighbor Solicitation message.
File data ot_500260.nasl| Vendor | Product | Version | CPE |
|---|---|---|---|
| schneider-electric | quantum_ethernet_module_140noe77100 | * | cpe:2.3:a:schneider-electric:quantum_ethernet_module_140noe77100:*:*:*:*:*:*:*:* |
| schneider-electric | quantum_ethernet_module_140noe77100 | * | cpe:2.3:a:schneider-electric:quantum_ethernet_module_140noe77100:*:*:*:*:*:*:*:* |
| schneider-electric | quantum_ethernet_module_140noe77101 | * | cpe:2.3:a:schneider-electric:quantum_ethernet_module_140noe77101:*:*:*:*:*:*:*:* |
| schneider-electric | quantum_ethernet_module_140noe77111 | * | cpe:2.3:a:schneider-electric:quantum_ethernet_module_140noe77111:*:*:*:*:*:*:*:* |
Related
nessus
nessus
cvelist
cvelist
CVE-2011-4860
2022-10-03 16:15:13
nvd
nvd
CVE-2011-4860
2011-12-17 11:55:12
prion
prion
Design/Logic Flaw
2011-12-17 11:55:00
cve
cve
CVE-2011-4860
2022-10-03 16:15:13
openvas
openvas
Schneider Electric Quantum Ethernet Module Hardcoded Credentials (Telnet)
2011-12-14 00:00:00
Schneider Electric Quantum Ethernet Module Hardcoded Credentials (FTP)
2011-12-14 00:00:00