RSS   Vulnerabilities for 'Vyatta 5400 vrouter software'   RSS

2014-10-07
 
CVE-2014-4870

CWE-20
 

 
/opt/vyatta/bin/sudo-users/vyatta-clear-dhcp-lease.pl on the Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 does not properly validate parameters, which allows local users to gain privileges by leveraging the sudo configuration.

 
 
CVE-2014-4869

CWE-264
 

 
The Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 allows attackers to obtain sensitive encrypted-password information by leveraging membership in the operator group.

 
 
CVE-2014-4868

CWE-78
 

 
The management console on the Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 allows remote authenticated users to execute arbitrary Linux commands via shell metacharacters in a console command.

 

 >>> Vendor: Brocade 27 Products
Silkworm
Silkworm fiber channel switch
Fabric os
Bigiron rx switch
MLX
Netiron xmr
Netiron cer
Netiron ces
VDX
Fastiron
ICX
Turboiron
Bigiron rx
ADX
Vyatta
Vyatta vrouter software
Vyatta vrouter
Vyatta 5400 vrouter software
Vyatta 5400 vrouter
Netiron os
Network advisor
Virtual traffic manager
Netiron cer series firmware
Netiron xmr series firmware
Netiron mlx series firmware
Netiron ces series firmware
Sannav


Copyright 2024, cxsecurity.com

 

Back to Top