Extremenetworks
Products
3- 5 CVEs
- 1 CVE
- 1 CVE
Recent CVEs
7| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-14332 | Hig | 0.53 | 8.1 | 0.01 | Oct 23, 2017 | Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to hijack sessions by determining SessionID values. | |
| CVE-2017-14331 | Med | 0.44 | 6.7 | 0.00 | Oct 23, 2017 | Extreme EXOS 16.x, 21.x, and 22.x allows administrators to bypass the "exsh restricted shell" protection mechanism and obtain an interactive shell. | |
| CVE-2017-14330 | Med | 0.44 | 6.7 | 0.00 | Oct 23, 2017 | Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a root shell via vectors involving a privileged process. | |
| CVE-2017-14329 | Med | 0.44 | 6.7 | 0.00 | Oct 23, 2017 | Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a root shell via vectors involving an exsh debug shell. | |
| CVE-2017-14327 | Med | 0.29 | 4.4 | 0.00 | Oct 23, 2017 | Extreme EXOS 16.x, 21.x, and 22.x allows administrators to read arbitrary files. | |
| CVE-2013-7309 | 0.00 | — | 0.00 | Jan 23, 2014 | The OSPF implementation in Extreme Networks EXOS does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149. | ||
| CVE-2005-1670 | 0.00 | — | 0.01 | May 19, 2005 | Unknown vulnerability in Extreme BlackDiamond 10808 and 8800 switches running ExtremeWare XOS 11.1 before 11.1.3.3, 11.0 before 11.0.2.4, and 10.x allows remote authenticated users to execute arbitrary commands. |
- risk 0.53cvss 8.1epss 0.01
Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to hijack sessions by determining SessionID values.
- risk 0.44cvss 6.7epss 0.00
Extreme EXOS 16.x, 21.x, and 22.x allows administrators to bypass the "exsh restricted shell" protection mechanism and obtain an interactive shell.
- risk 0.44cvss 6.7epss 0.00
Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a root shell via vectors involving a privileged process.
- risk 0.44cvss 6.7epss 0.00
Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a root shell via vectors involving an exsh debug shell.
- risk 0.29cvss 4.4epss 0.00
Extreme EXOS 16.x, 21.x, and 22.x allows administrators to read arbitrary files.
- CVE-2013-7309Jan 23, 2014risk 0.00cvss —epss 0.00
The OSPF implementation in Extreme Networks EXOS does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149.
- CVE-2005-1670May 19, 2005risk 0.00cvss —epss 0.01
Unknown vulnerability in Extreme BlackDiamond 10808 and 8800 switches running ExtremeWare XOS 11.1 before 11.1.3.3, 11.0 before 11.0.2.4, and 10.x allows remote authenticated users to execute arbitrary commands.