1. CVE-Search
  2. CVE-2014-5418
ID CVE-2014-5418
Summary GE Multilink ML800, ML1200, ML1600, and ML2400 switches with firmware 4.2.1 and earlier and Multilink ML810, ML3000, and ML3100 switches with firmware 5.2.0 and earlier allow remote attackers to cause a denial of service (resource consumption or reboot) via crafted packets.
References
Vulnerable Configurations
  • cpe:2.3:o:ge:multilink_ml810_firmware:5.2.0:*:*:*:*:*:*:*
    cpe:2.3:o:ge:multilink_ml810_firmware:5.2.0:*:*:*:*:*:*:*
  • cpe:2.3:h:ge:multilink_ml810:-:*:*:*:*:*:*:*
    cpe:2.3:h:ge:multilink_ml810:-:*:*:*:*:*:*:*
  • cpe:2.3:o:ge:multilink_ml1600_firmware:4.2.1:*:*:*:*:*:*:*
    cpe:2.3:o:ge:multilink_ml1600_firmware:4.2.1:*:*:*:*:*:*:*
  • cpe:2.3:h:ge:multilink_ml1600:-:*:*:*:*:*:*:*
    cpe:2.3:h:ge:multilink_ml1600:-:*:*:*:*:*:*:*
  • cpe:2.3:o:ge:multilink_ml1200_firmware:4.2.1:*:*:*:*:*:*:*
    cpe:2.3:o:ge:multilink_ml1200_firmware:4.2.1:*:*:*:*:*:*:*
  • cpe:2.3:h:ge:multilink_ml1200:-:*:*:*:*:*:*:*
    cpe:2.3:h:ge:multilink_ml1200:-:*:*:*:*:*:*:*
  • cpe:2.3:o:ge:multilink_ml3000_firmware:5.2.0:*:*:*:*:*:*:*
    cpe:2.3:o:ge:multilink_ml3000_firmware:5.2.0:*:*:*:*:*:*:*
  • cpe:2.3:h:ge:multilink_ml3000:*:*:*:*:*:*:*:*
    cpe:2.3:h:ge:multilink_ml3000:*:*:*:*:*:*:*:*
  • cpe:2.3:o:ge:multilink_ml2400_firmware:4.2.1:*:*:*:*:*:*:*
    cpe:2.3:o:ge:multilink_ml2400_firmware:4.2.1:*:*:*:*:*:*:*
  • cpe:2.3:h:ge:multilink_ml2400:-:*:*:*:*:*:*:*
    cpe:2.3:h:ge:multilink_ml2400:-:*:*:*:*:*:*:*
  • cpe:2.3:o:ge:multilink_ml3100_firmware:5.2.0:*:*:*:*:*:*:*
    cpe:2.3:o:ge:multilink_ml3100_firmware:5.2.0:*:*:*:*:*:*:*
  • cpe:2.3:h:ge:multilink_ml3100:*:*:*:*:*:*:*:*
    cpe:2.3:h:ge:multilink_ml3100:*:*:*:*:*:*:*:*
  • cpe:2.3:o:ge:multilink_ml800_firmware:4.2.1:*:*:*:*:*:*:*
    cpe:2.3:o:ge:multilink_ml800_firmware:4.2.1:*:*:*:*:*:*:*
  • cpe:2.3:h:ge:multilink_ml800:-:*:*:*:*:*:*:*
    cpe:2.3:h:ge:multilink_ml800:-:*:*:*:*:*:*:*
CVSS
Base: 7.8 (as of 21-01-2015 - 17:36)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:C
refmap via4
confirm http://www.gedigitalenergy.com/products/support/multilink/MLSB1214.pdf
misc https://ics-cert.us-cert.gov/advisories/ICSA-15-013-04
Last major update 21-01-2015 - 17:36
Published 17-01-2015 - 02:59
Last modified 21-01-2015 - 17:36
Back to Top