CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2014-4869
https://notcve.org/view.php?id=CVE-2014-4869
07 Oct 2014 — The Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 allows attackers to obtain sensitive encrypted-password information by leveraging membership in the operator group. El vRouter Brocade Vyatta 5400 6.4R(x), 6.6R(x), y 6.7R1 permite a atacantes obtener información sensible de contraseñas cifradas mediante el aprovechamiento de la pertenencia del del grupo de operadores. • http://www.kb.cert.org/vuls/id/111588 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.0EPSS: 0%CPEs: 4EXPL: 0CVE-2014-4868
https://notcve.org/view.php?id=CVE-2014-4868
07 Oct 2014 — The management console on the Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 allows remote authenticated users to execute arbitrary Linux commands via shell metacharacters in a console command. La consola de gestión en el vRouter Brocade Vyatta 5400 6.4R(x), 6.6R(x), y 6.7R1 permite a usuarios remoto autenticados ejecutar comandos de Linux arbitrarios a través de metacaracteres de shell en un comando de la consola. • http://www.kb.cert.org/vuls/id/111588 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2014-4870
https://notcve.org/view.php?id=CVE-2014-4870
07 Oct 2014 — /opt/vyatta/bin/sudo-users/vyatta-clear-dhcp-lease.pl on the Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 does not properly validate parameters, which allows local users to gain privileges by leveraging the sudo configuration. /opt/vyatta/bin/sudo-users/vyatta-clear-dhcp-lease.pl en el vRouter Brocade Vyatta 5400 6.4R(x), 6.6R(x), y 6.7R1 no valida debidamente los parámetros, lo que permite a usuarios locales ganar privilegios mediante el aprovechamiento de la configuración sudo. • http://www.kb.cert.org/vuls/id/111588 • CWE-20: Improper Input Validation •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2013-7307
https://notcve.org/view.php?id=CVE-2013-7307
23 Jan 2014 — The OSPF implementation on the Brocade Vyatta vRouter with software before 6.6R1 does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149. La implementación OSPF en Brocade Vyatta vRouter con software anterior a la versión 6.6R1 no... • http://www.kb.cert.org/vuls/id/229804 •