CVE-2017-20234

CRITICAL

CVSS v3

9.8

CRITICAL

EPSS Score

exploit probability

CISA KEV

No

known exploited

Exploitation

SSVC status

Description

GarrettCom Magnum 6K and 10K managed switches contain an authentication bypass vulnerability that allows unauthenticated attackers to gain unauthorized access by exploiting a hardcoded string in the authentication mechanism. Attackers can bypass login controls to access administrative functions and sensitive switch configuration without valid credentials.

Technical Details

CVSS v3 Vector
3.1
Published
4/3/2026
Last Modified
4/7/2026

Frequently Asked Questions

What is CVE-2017-20234?

GarrettCom Magnum 6K and 10K managed switches contain an authentication bypass vulnerability that allows unauthenticated attackers to gain unauthorized access by exploiting a hardcoded string in the authentication mechanism. Attackers can bypass login controls to access administrative functions and sensitive switch configuration without valid credentials.

Is CVE-2017-20234 actively exploited?

Active exploitation of CVE-2017-20234 has not been confirmed. The EPSS score is N/A%, indicating the estimated probability of exploitation in the next 30 days.

What is the CVSS score for CVE-2017-20234?

CVE-2017-20234 has a CVSS v3 base score of 9.8 (CRITICAL severity), with vector string 3.1.

Is CVE-2017-20234 affecting your environment?

Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.

Check an IPSearch CVEs
Back to CVE Database
CVE-2017-20234 Vulnerability — CVSS 9.8, CRITICAL Severity | isMalicious