CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-1473

The (1) Windows and (2) Java client programs for the ATEN KH1516i IP KVM switch with firmware 1.0.063 and the KN9116 IP KVM switch with firmware 1.1.104 do not properly use RSA cryptography for a symmetric session-key negotiation, which makes it easier for remote attackers to (a) decrypt network traffic, or (b) conduct man-in-the-middle attacks, by repeating unspecified "client-side calculations."

Exploit prediction scoring system (EPSS) score

EPSS Score 0.011

EPSS Ranking 76.7%

CVSS Severity

CVSS v2 Score 10.0

References

http://secunia.com/advisories/35241
http://www.securityfocus.com/archive/1/503827/100/0/threaded
http://www.securityfocus.com/bid/35108
https://exchange.xforce.ibmcloud.com/vulnerabilities/50849
http://secunia.com/advisories/35241
http://www.securityfocus.com/archive/1/503827/100/0/threaded
http://www.securityfocus.com/bid/35108
https://exchange.xforce.ibmcloud.com/vulnerabilities/50849

Products affected by CVE-2009-1473

Aten » Kh1516i Ip Kvm Switch » Version: 1.0.063

cpe:2.3:h:aten:kh1516i_ip_kvm_switch:1.0.063
Aten » Kn9116 Ip Kvm Switch » Version: 1.1.104

cpe:2.3:h:aten:kn9116_ip_kvm_switch:1.1.104

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-1473

Products

Pricing

Contact Us