Vulnerability Details CVE-2013-4708
The PPP Access Concentrator (PPPAC) in Internet Initiative Japan Inc. SEIL/x86 1.00 through 2.80, SEIL/X1 1.00 through 4.30, SEIL/X2 1.00 through 4.30, SEIL/B1 1.00 through 4.30, SEIL/Turbo 1.80 through 2.15, and SEIL/neu 2FE Plus 1.80 through 2.15 generates predictable random numbers, which allows remote attackers to bypass RADIUS authentication by sniffing RADIUS traffic.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.6%
CVSS Severity
CVSS v2 Score 4.0
References
- http://jvn.jp/en/jp/JVN40079308/index.html
- http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-000091.html
- http://osvdb.org/97619
- http://www.seil.jp/support/security/a01388.html
- http://jvn.jp/en/jp/JVN40079308/index.html
- http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-000091.html
- http://osvdb.org/97619
- http://www.seil.jp/support/security/a01388.html
Products affected by CVE-2013-4708
-
cpe:2.3:h:iij:seil/b1:-
-
cpe:2.3:h:iij:seil/neu_2fe_plus:-
-
cpe:2.3:h:iij:seil/turbo:-
-
cpe:2.3:h:iij:seil/x1:-
-
cpe:2.3:h:iij:seil/x2:-
-
cpe:2.3:h:iij:seil/x86:-
-
cpe:2.3:o:iij:seil%2fb1_firmware:1.00
-
cpe:2.3:o:iij:seil%2fb1_firmware:4.30
-
cpe:2.3:o:iij:seil%2fneu_2fe_plus_firmware:1.80
-
cpe:2.3:o:iij:seil%2fneu_2fe_plus_firmware:2.05
-
cpe:2.3:o:iij:seil%2fneu_2fe_plus_firmware:2.15
-
cpe:2.3:o:iij:seil%2fturbo_firmware:1.80
-
cpe:2.3:o:iij:seil%2fturbo_firmware:2.05
-
cpe:2.3:o:iij:seil%2fturbo_firmware:2.15
-
cpe:2.3:o:iij:seil%2fx1_firmware:1.00
-
cpe:2.3:o:iij:seil%2fx1_firmware:4.30
-
cpe:2.3:o:iij:seil%2fx2_firmware:1.00
-
cpe:2.3:o:iij:seil%2fx2_firmware:4.30
-
cpe:2.3:o:iij:seil%2fx86_firmware:1.00
-
cpe:2.3:o:iij:seil%2fx86_firmware:2.80