CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2017-15865
https://notcve.org/view.php?id=CVE-2017-15865
08 Nov 2017 — bgpd in FRRouting (FRR) before 2.0.2 and 3.x before 3.0.2, as used in Cumulus Linux before 3.4.3 and other products, allows remote attackers to obtain sensitive information via a malformed BGP UPDATE packet from a connected peer, which triggers transmission of up to a few thousand unintended bytes because of a mishandled attribute length, aka RN-690 (CM-18492). bgpd en FRRouting (FRR) en versiones anteriores a la 2.0.2 y versiones 3.x anteriores a la 3.0.2, tal y como se usa en Cumulus Linux en versiones an... • http://www.securityfocus.com/bid/101794 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2015-5699 – Cumulus Linux 2.5.3 Privilege Escalation
https://notcve.org/view.php?id=CVE-2015-5699
18 Aug 2015 — The Switch Configuration Tools Backend (clcmd_server) in Cumulus Linux 2.5.3 and earlier allows local users to execute arbitrary commands via shell metacharacters in a cl-rctl command label. Switch Configuration Tools Backend (clcmd_server) en Cumulus Linux en versiones 2.5.3 y anteriores permite que usuarios locales ejecuten comandos arbitrarios mediante metacaracteres shell en una etiqueta de comando cl-rctl. • https://packetstorm.news/files/id/133244 • CWE-264: Permissions, Privileges, and Access Controls •