CRITICAL🇬🇧 English

CVE-2023-43119

CVSS 9.8v3.1pub. 2023-10-16upd. 2024-11-21

An Access Control issue discovered in Extreme Networks Switch Engine (EXOS) before 32.5.1.5, also fixed in 22.7, 31.7.2 allows attackers to gain escalated privileges using crafted telnet commands via Redis server.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Extremenetworks Exos

    OS
    Extremenetworks
    < 22.731.7.0 – 31.7.2 (bez)32.0 – 32.5.1.5 (bez)
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2023-43118HIGH8.8ten sam produkt

Cross Site Request Forgery (CSRF) vulnerability in Chalet application in Extreme Networks Switch Engine (EXOS)...

CVE-2023-43120HIGH8.8ten sam produkt

An issue discovered in Extreme Networks Switch Engine (EXOS) before 32.5.1.5, before 22.7 and before 31.7.1 al...

CVE-2023-43121HIGH7.5ten sam produkt

A Directory Traversal vulnerability discovered in Chalet application in Extreme Networks Switch Engine (EXOS) ...

CVE-2013-7309MEDIUM5.4ten sam produkt

The OSPF implementation in Extreme Networks EXOS does not consider the possibility of duplicate Link State ID ...

CVE-2024-38292CRITICAL9.8PL ✓ten sam vendor

Path traversal w Extreme Networks XIQ-SE umożliwiający privilege escalation