Vulnerabilities > CVE-2006-6717 - Unspecified vulnerability in Alliedtelesyn At-9000 24 Ethernetswitch

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

alliedtelesyn

NVD

Published: 2006-12-23

Updated: 2018-10-17

Summary

The Allied Telesis AT-9000/24 Ethernet switch accepts management packets from arbitrary VLANs, contrary to the documentation, which allows remote attackers to conduct attacks against the switch from unexpected locations.

Vulnerable Configurations

Part	Description	Count
Hardware	Alliedtelesyn Alliedtelesyn AT 9000 24 Ethernetswitch *	1

References

http://secunia.com/advisories/23451
http://secunia.com/advisories/23590
http://www.securityfocus.com/archive/1/454630/100/0/threaded
http://www.securityfocus.com/bid/21628
https://exchange.xforce.ibmcloud.com/vulnerabilities/30924