Kh1516I Ip Kvm Switch
Approved changes feed: RSS · Atom
cpe:2.3:h:aten:kh1516i_ip_kvm_switch:1.0.063:-:java_client:*:*:*:*:*
part: h version: 1.0.063 update: -
| Vendor | Aten (981d2ad9-cb17-5cb5-a465-0e5a8d42230d) |
|---|---|
| Product | Kh1516I Ip Kvm Switch (e28b633b-bf02-50b3-a697-2314f9383b85) |
| Edition | java_client |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2009-1473 |
vulnerable | 2026-06-08 04:51:23.253690 |
Details available
The (1) Windows and (2) Java client programs for the ATEN KH1516i IP KVM switch with firmware 1.0.063 and the KN9116 IP KVM switch with firmware 1.1.104 do not properly use RSA cryptography for a symmetric session-key negotiation, which makes it easier for remote attackers to (a) decrypt network traffic, or (b) conduct man-in-the-middle attacks, by repeating unspecified "client-side calculations."
Published: 2009-05-27T16:00:00.000Z
Updated: 2024-08-07T05:13:25.598Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2009-1472 |
vulnerable | 2026-06-08 04:51:23.252650 |
Details available
The Java client program for the ATEN KH1516i IP KVM switch with firmware 1.0.063 and the KN9116 IP KVM switch with firmware 1.1.104 has a hardcoded AES encryption key, which makes it easier for man-in-the-middle attackers to (1) execute arbitrary Java code, or (2) gain access to machines connected to the switch, by hijacking a session.
Published: 2009-05-27T16:00:00.000Z
Updated: 2024-08-07T05:13:25.652Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.