VYPR

Extremexos

by Extremenetworks

CVEs (7)

  • CVE-2017-14332HigOct 23, 2017
    risk 0.53cvss 8.1epss 0.01

    Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to hijack sessions by determining SessionID values.

  • CVE-2017-14328HigOct 23, 2017
    risk 0.49cvss 7.5epss 0.01

    Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to trigger a buffer overflow leading to a reboot.

  • CVE-2017-14331MedOct 23, 2017
    risk 0.44cvss 6.7epss 0.00

    Extreme EXOS 16.x, 21.x, and 22.x allows administrators to bypass the "exsh restricted shell" protection mechanism and obtain an interactive shell.

  • CVE-2017-14330MedOct 23, 2017
    risk 0.44cvss 6.7epss 0.00

    Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a root shell via vectors involving a privileged process.

  • CVE-2017-14329MedOct 23, 2017
    risk 0.44cvss 6.7epss 0.00

    Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a root shell via vectors involving an exsh debug shell.

  • CVE-2017-14327MedOct 23, 2017
    risk 0.29cvss 4.4epss 0.00

    Extreme EXOS 16.x, 21.x, and 22.x allows administrators to read arbitrary files.

  • CVE-2023-40457Nov 11, 2024
    risk 0.00cvss epss 0.00

    The BGP daemon in Extreme Networks ExtremeXOS (aka EXOS) 30.7.1.1 allows an attacker (who is not on a directly connected network) to cause a denial of service (BGP session reset) because of BGP attribute error mishandling (for attribute 21 and 25). NOTE: the vendor disputes this…