8 matches found
CVE-2015-3942
Multiple cross-site scripting XSS vulnerabilities in the web-server component in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Hardcoded credentials
The firmware in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches has a hardcoded serial-console password for a privileged account, which might allow physically proximate attackers to obtain access by establishing a console session to a nonstandard installation on which this...
CVE-2015-3961
The CVE-2015-3961 vulnerability affects the web-server component of MNS on Belden GarrettCom Magnum 6K and Magnum 10K switches (before version 4.5.6). A remote authenticated attacker can trigger a denial of service via a crafted URL, causing memory corruption and a reboot. The issue is mitigated ...
CVE-2015-3942
Multiple cross-site scripting XSS vulnerabilities in the web-server component in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-3961
The web-server component in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches allows remote authenticated users to cause a denial of service memory corruption and reboot via a crafted URL...
CVE-2015-3959
The CVE-2015-3959 issue affects Belden GarrettCom Magnum 6K and Magnum 10K switches running MNS firmware prior to 4.5.6. The root cause is a hardcoded serial-console password for a privileged account, enabling a physically proximate attacker to gain access by connecting a console session to a non...
CVE-2015-3960
The firmware in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches uses hardcoded RSA private keys and certificates across different customers' installations, which makes it easier for remote attackers to defeat cryptographic protection mechanisms for HTTPS sessions by...
CVE-2015-3959
The firmware in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches has a hardcoded serial-console password for a privileged account, which might allow physically proximate attackers to obtain access by establishing a console session to a nonstandard installation on which this...