Skip to the content.

CVE-2023-22577 - White Rabbit Switch - Password Disclosure Vulnerability

CVE CVE-2023-22577
Discovered by
  • Tom Wolters (Chapter8)
Credits
Affected products
Product Affected Unaffected Unknown
CERN White Rabbit Switch >= vx.y.z < v6.0.1 to < v6.0.1
everything else
Page author Victor Pasman
CVSS Base score: 9.8 (CRITICAL)
References
Problem type(s) CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
Impact(s) CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs
Last modified 11 May 2023 08:53

Description

Within White Rabbit Switch it’s possible as an unauthenticated user to retrieve sensitive information such as password hashes and the SNMP community strings.


JSON version