4 matches found
CVE-2020-16259
Winston 1.5.4 devices have an SSH user account with access from bastion hosts. This is undocumented in device documents and is not announced to the user...
CVE-2020-16259
Winston 1.5.4 devices have an SSH user account with access from bastion hosts. This is undocumented in device documents and is not announced to the user...
CVE-2020-16259
Winston 1.5.4 devices have an SSH user account with access from bastion hosts. This is undocumented in device documents and is not announced to the user...
CVE-2020-16259
Affected product: Winston 1.5.4 devices. Issue: an SSH user account is accessible from bastion hosts, described as undocumented and not announced to users. This root cause enables full compromises of confidentiality, integrity, and availability per CVSS 3.1/5.0? (from the CVE data: attacker could...