MidnightBSD

Advisories for ekahau

CVE-2014-2716 MEDIUM

Ekahau B4 staff badge tag 5.7 with firmware 1.4.52, Real-Time Location System (RTLS) Controller 6.0.5-FINAL, and Activator 3 reuses the RC4 cipher stream, which makes it easier for remote attackers to obtain plaintext messages via an XOR operation on two ciphertexts.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
ekahau real-time_location_system_controller 6.0.5-final
ekahau b4_staff_badge_tag_firmware 1.4.52
ekahau activator 3
CVE-2014-9408 MEDIUM

Ekahau B4 staff badge tag 5.7 with firmware 1.4.52, Real-Time Location System (RTLS) Controller 6.0.5-FINAL, and Activator 3 uses part of the MAC address as part of the RC4 setup key, which makes it easier for remote attackers to guess the key via a brute-force attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
ekahau b4_staff_badge_tag 5.7
ekahau real-time_location_system_controller 6.0.5-final
ekahau b4_staff_badge_tag_firmware 1.4.52
ekahau activator 3