CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2014-4870
https://notcve.org/view.php?id=CVE-2014-4870
/opt/vyatta/bin/sudo-users/vyatta-clear-dhcp-lease.pl on the Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 does not properly validate parameters, which allows local users to gain privileges by leveraging the sudo configuration. /opt/vyatta/bin/sudo-users/vyatta-clear-dhcp-lease.pl en el vRouter Brocade Vyatta 5400 6.4R(x), 6.6R(x), y 6.7R1 no valida debidamente los parámetros, lo que permite a usuarios locales ganar privilegios mediante el aprovechamiento de la configuración sudo. • http://www.kb.cert.org/vuls/id/111588 • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 0CVE-2014-4869
https://notcve.org/view.php?id=CVE-2014-4869
The Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 allows attackers to obtain sensitive encrypted-password information by leveraging membership in the operator group. El vRouter Brocade Vyatta 5400 6.4R(x), 6.6R(x), y 6.7R1 permite a atacantes obtener información sensible de contraseñas cifradas mediante el aprovechamiento de la pertenencia del del grupo de operadores. • http://www.kb.cert.org/vuls/id/111588 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.0EPSS: 0%CPEs: 4EXPL: 0CVE-2014-4868
https://notcve.org/view.php?id=CVE-2014-4868
The management console on the Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 allows remote authenticated users to execute arbitrary Linux commands via shell metacharacters in a console command. La consola de gestión en el vRouter Brocade Vyatta 5400 6.4R(x), 6.6R(x), y 6.7R1 permite a usuarios remoto autenticados ejecutar comandos de Linux arbitrarios a través de metacaracteres de shell en un comando de la consola. • http://www.kb.cert.org/vuls/id/111588 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •