CVE-2017-20234
Received Received - Intake
Authentication Bypass in GarrettCom Magnum Switches Enables Unauthorized Access

Publication date: 2026-04-03

Last updated on: 2026-04-03

Assigner: VulnCheck

Description
GarrettCom Magnum 6K and 10K managed switches contain an authentication bypass vulnerability that allows unauthenticated attackers to gain unauthorized access by exploiting a hardcoded string in the authentication mechanism. Attackers can bypass login controls to access administrative functions and sensitive switch configuration without valid credentials.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-03
Last Modified
2026-04-03
Generated
2026-06-16
AI Q&A
2026-04-04
EPSS Evaluated
2026-06-14
NVD
CVE-2017-20234
EUVD
EUVD-2017-18957
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
garrettcom magnum_6k *
garrettcom magnum_10k *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-798 The product contains hard-coded credentials, such as a password or cryptographic key.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

The vulnerability in GarrettCom Magnum 6K and 10K managed switches is an authentication bypass issue. It allows unauthenticated attackers to gain unauthorized access by exploiting a hardcoded string in the authentication mechanism. This means attackers can bypass login controls and access administrative functions and sensitive switch configurations without needing valid credentials.

Impact Analysis

This vulnerability can have a severe impact as it allows attackers to gain administrative access to the affected switches without authentication. This unauthorized access can lead to manipulation of switch configurations, potential disruption of network operations, exposure of sensitive network information, and overall compromise of network security.

Compliance Impact

The vulnerability allows unauthenticated attackers to bypass authentication and gain unauthorized administrative access to GarrettCom Magnum 6K and 10K managed switches. This unauthorized access to sensitive switch configuration and administrative functions could lead to exposure or manipulation of sensitive data, which may impact compliance with standards and regulations such as GDPR and HIPAA that require protection of sensitive information and strict access controls.

However, specific impacts on compliance with these standards are not detailed in the provided information.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2017-20234. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart