Vulnerability Details CVE-2016-2310
General Electric (GE) Multilink ML800, ML1200, ML1600, and ML2400 switches with firmware before 5.5.0 and ML810, ML3000, and ML3100 switches with firmware before 5.5.0k have hardcoded credentials, which allows remote attackers to modify configuration settings via the web interface.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 46.0%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
Products affected by CVE-2016-2310
-
cpe:2.3:h:ge:multilink_ml1200:-
-
cpe:2.3:h:ge:multilink_ml1600:-
-
cpe:2.3:h:ge:multilink_ml2400:-
-
cpe:2.3:h:ge:multilink_ml3000:-
-
cpe:2.3:h:ge:multilink_ml3100:-
-
cpe:2.3:h:ge:multilink_ml800:-
-
cpe:2.3:h:ge:multilink_ml810:-
-
cpe:2.3:o:ge:multilink_firmware:5.4.1
-
cpe:2.3:o:ge:multilink_firmware:5.5.0