- Description
- An issue was discovered on FiberHome Fengine S5800 switches V210R240. An unauthorized attacker can access the device's SSH service, using a password cracking tool to establish SSH connections quickly. This will trigger an increase in the SSH login timeout (each of the login attempts will occupy a connection slot for a longer time). Once this occurs, legitimate login attempts via SSH/telnet will be refused, resulting in a denial of service; you must restart the device.
- Source
- cve@mitre.org
- NVD status
- Deferred
CVSS 3.1
- Type
- Primary
- Base score
- 5.9
- Impact score
- 3.6
- Exploitability score
- 2.2
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 7.1
- Impact score
- 6.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:N/A:C
- nvd@nist.gov
- CWE-400
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fiberhome:fengine_s5800_firmware:v210r240:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C4C4C2BB-CB68-47EA-A125-7DECA73630D3"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:fiberhome:fengine_28f-s:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "FDA77F7F-59F0-4E9A-A6FA-55E6710D58EA"
},
{
"criteria": "cpe:2.3:h:fiberhome:fengine_52f-s:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "BA8E0A26-FF86-43F3-9D33-EF0B5648403C"
},
{
"criteria": "cpe:2.3:h:fiberhome:fengine_52t-s:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "C61388D1-E384-4DFF-89FF-72CA6B22AD9D"
},
{
"criteria": "cpe:2.3:h:fiberhome:fengine_s5800-28t-s:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F5C5E8A6-8404-4F29-BC42-99AEB3DF91AC"
},
{
"criteria": "cpe:2.3:h:fiberhome:fengine_s5800-28t-s-pe:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "35DEF0C7-1261-498F-AB16-9078806F856E"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]