Description
The MS27102A Remote Spectrum Monitor is vulnerable to an authentication bypass that allows unauthorized users to access and manipulate its management interface. Because the device provides no mechanism to enable or configure authentication, the issue is inherent to its design rather than a deployment error.
CVSS breakdown
CVSS 4.0
Attack Vector
Network
Attack Complexity
Low
Attack Requirements
None
Privileges Required
None
User Interaction
None
Confidentiality (Vulnerable System)
High
Integrity (Vulnerable System)
High
Availability (Vulnerable System)
High
Confidentiality (Subsequent System)
None
Integrity (Subsequent System)
None
Availability (Subsequent System)
None
Affected products
- Anritsu / Remote Spectrum Monitor MS27100AAll versions – All versions
- Anritsu / Remote Spectrum Monitor MS27101AAll versions – All versions
- Anritsu / Remote Spectrum Monitor MS27102AAll versions – All versions
- Anritsu / Remote Spectrum Monitor MS27103AAll versions – All versions