VYPR

Access Controller

by Cassia Networks

CVEs (2)

  • CVE-2023-35794HigOct 27, 2023
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered in Cassia Access Controller 2.1.1.2303271039. The Web SSH terminal endpoint (spawned console) can be accessed without authentication. Specifically, there is no session cookie validation on the Access Controller; instead, there is only Basic Authentication…

  • CVE-2023-31445MedMay 11, 2023
    risk 0.35cvss 5.3epss 0.01

    Cassia Access controller before 2.1.1.2203171453, was discovered to have a unprivileged -information disclosure vulnerability that allows read-only users have the ability to enumerate all other users and discover e-mail addresses, phone numbers, and privileges of all other users.