Extremexos
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-14332 | | High | 0.53 | 8.1 | 0.01 | | Oct 23, 2017 | Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to hijack sessions by determining SessionID values. |
| CVE-2017-14328 | | High | 0.49 | 7.5 | 0.01 | | Oct 23, 2017 | Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to trigger a buffer overflow leading to a reboot. |
| CVE-2017-14331 | | Med | 0.44 | 6.7 | 0.00 | | Oct 23, 2017 | Extreme EXOS 16.x, 21.x, and 22.x allows administrators to bypass the "exsh restricted shell" protection mechanism and obtain an interactive shell. |
| CVE-2017-14330 | | Med | 0.44 | 6.7 | 0.00 | | Oct 23, 2017 | Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a root shell via vectors involving a privileged process. |
| CVE-2017-14329 | | Med | 0.44 | 6.7 | 0.00 | | Oct 23, 2017 | Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a root shell via vectors involving an exsh debug shell. |
| CVE-2017-14327 | | Med | 0.29 | 4.4 | 0.00 | | Oct 23, 2017 | Extreme EXOS 16.x, 21.x, and 22.x allows administrators to read arbitrary files. |
| CVE-2023-40457 | | | 0.00 | — | 0.00 | | Nov 11, 2024 | The BGP daemon in Extreme Networks ExtremeXOS (aka EXOS) 30.7.1.1 allows an attacker (who is not on a directly connected network) to cause a denial of service (BGP session reset) because of BGP attribute error mishandling (for attribute 21 and 25). NOTE: the vendor disputes this… |