45 results (0.010 seconds)

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

The web management interface on the LG-Nortel ELO GS24M switch allows remote attackers to bypass authentication, and consequently obtain cleartext credential and configuration information, via a direct request to a configuration web page. La interfaz de gestión vía web en el switch LG-Nortel ELO GS24M permite a atacantes remotos eludir la autenticación, y por lo tanto obtener credenciales sin cifrar e información de configuración, a través de una petición directa a una página web de configuración. • http://osvdb.org/80370 http://www.kb.cert.org/vuls/id/523027 https://exchange.xforce.ibmcloud.com/vulnerabilities/74237 • CWE-287: Improper Authentication •

CVSS: 10.0EPSS: 2%CPEs: 1EXPL: 0

Multiple unspecified vulnerabilities in Nortel Communication Server 1000 4.50.x allow remote attackers to execute arbitrary commands to gain privileges, obtain sensitive information, or cause a denial of service via unknown vectors. Múltiples vulnerabilidades no especificadas en Nortel Communication Server 1000 4.50.x permiten a atacantes remotos ejecutar comandos de su elección y conseguir privilegios, obtener información sensible, o provocar una denegación de servicio a través de vectores desconocidos. • http://osvdb.org/44375 http://secunia.com/advisories/29747 http://securitytracker.com/id?1019849 http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=713455 http://www.securityfocus.com/bid/28691 http://www.voipshield.com/research-details.php?id=29 https://exchange.xforce.ibmcloud.com/vulnerabilities/41803 •

CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0

Nortel MG1000S, Signaling Server, and Call Server on the Communications Server 1000 (CS1K) 4.50.x contain multiple unspecified hard-coded accounts and passwords, which allows remote attackers to gain privileges. Nortel MG1000S, Signaling Server, y Call Server en el Communications Server 1000 (CS1K) 4.50.x contiene múltiples cuentas y contrseñas fijadas en código sin especificar, lo cual permite a atacantes remotos conseguir privilegios. • http://osvdb.org/44374 http://secunia.com/advisories/29747 http://securitytracker.com/id?1019848 http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=713455 http://www.securityfocus.com/bid/28691 http://www.voipshield.com/research-details.php?id=14 https://exchange.xforce.ibmcloud.com/vulnerabilities/41802 • CWE-255: Credentials Management Errors •

CVSS: 7.8EPSS: 3%CPEs: 1EXPL: 0

Unspecified vulnerability in the "session limitation technique" in the FTP service on Nortel Communications Server 1000 (CS1K) 4.50.x, when running on VGMC or signaling nodes, allows remote attackers to cause a denial of service (resource exhaustion and failed updates) via unknown vectors that causes consumption of all available sessions. Vulnerabilidad no especificada en la "sesión técnica limitada" en el servicio FTP en Nortel Communications Server 1000 (CS1K) 4.50.x, cuando se está ejecutando en VGMC o señalizando nodos, permite a atacantes remotos provocar una denegación de servicio (agotamiento de recursos y actualizaciones fallidas) a través de vectores desconocidos que provocan consumos de todas las sesiones disponibles. • http://osvdb.org/44380 http://secunia.com/advisories/29747 http://securitytracker.com/id?1019845 http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=713455 http://www.securityfocus.com/bid/28691 http://www.voipshield.com/research-details.php?id=11 https://exchange.xforce.ibmcloud.com/vulnerabilities/41804 •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

Nortel Communication Server 1000 4.50.x allows remote attackers to obtain Web application structure via unknown vectors related to "web resources to phones and administrators." Nortel Communication Server 1000 4.50.x permite a atacantes remotos obtener estructuras de aplicación Web a través de vectores desconocidos relacionados con "recursos web de teléfonos y administradores". • http://osvdb.org/44377 http://secunia.com/advisories/29747 http://securitytracker.com/id?1019846 http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=713455 http://www.securityfocus.com/bid/28691 http://www.voipshield.com/research-details.php?id=28 https://exchange.xforce.ibmcloud.com/vulnerabilities/41805 •