Lucene search
K

14 matches found

NVD
NVD
added 2023/10/16 8:15 p.m.27 views

CVE-2023-43118

Cross Site Request Forgery CSRF vulnerability in Chalet application in Extreme Networks Switch Engine EXOS before 32.5.1.5, fixed in 31.7.2 and 32.5.1.5 allows attackers to run arbitrary code and cause other unspecified impacts via /jsonrpc API...

8.8CVSS9AI score0.00276EPSS
Exploits0References1
NVD
NVD
added 2023/10/16 8:15 p.m.22 views

CVE-2023-43121

A Directory Traversal vulnerability discovered in Chalet application in Extreme Networks Switch Engine EXOS before 32.5.1.5, before 22.7, and before 31.7.2 allows attackers to read arbitrary files...

7.5CVSS7.5AI score0.0098EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/10/16 8:15 p.m.4 views

CVE-2023-43121

A Directory Traversal vulnerability discovered in Chalet application in Extreme Networks Switch Engine EXOS before 32.5.1.5, before 22.7, and before 31.7.2 allows attackers to read arbitrary files...

7.5CVSS7.2AI score0.0098EPSS
Exploits0References2
Prion
Prion
added 2023/10/16 8:15 p.m.26 views

Cross site request forgery (csrf)

Cross Site Request Forgery CSRF vulnerability in Chalet application in Extreme Networks Switch Engine EXOS before 32.5.1.5, fixed in 31.7.2 and 32.5.1.5 allows attackers to run arbitrary code and cause other unspecified impacts via /jsonrpc API...

6.8CVSS8.9AI score0.00276EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/10/16 7:15 p.m.26 views

CVE-2023-43120

An issue discovered in Extreme Networks Switch Engine EXOS before 32.5.1.5, before 22.7 and before 31.7.1 allows attackers to gain escalated privileges via crafted HTTP request...

8.8CVSS8.8AI score0.00715EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/10/16 12:0 a.m.5 views

Extreme Networks Switch Engine Security Vulnerability

Extreme Networks Switch Engine EXOS is a switch engine from Extreme Networks. A security vulnerability exists in Extreme Networks Switch Engine versions prior to 32.5.1.5, which stems from an Access Control Error vulnerability. An attacker could exploit the vulnerability to gain escalation...

9.8CVSS7AI score0.0061EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/10/16 12:0 a.m.23 views

CVE-2023-43119

An Access Control issue discovered in Extreme Networks Switch Engine EXOS before 32.5.1.5, also fixed in 22.7, 31.7.2 allows attackers to gain escalated privileges using crafted telnet commands via Redis server...

9.9AI score0.0061EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/10/16 12:0 a.m.15 views

CVE-2023-43119

An Access Control issue discovered in Extreme Networks Switch Engine EXOS before 32.5.1.5, also fixed in 22.7, 31.7.2 allows attackers to gain escalated privileges using crafted telnet commands via Redis server...

7.4AI score0.0061EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/10/16 12:0 a.m.8 views

CVE-2023-43118

Cross Site Request Forgery CSRF vulnerability in Chalet application in Extreme Networks Switch Engine EXOS before 32.5.1.5, fixed in 31.7.2 and 32.5.1.5 allows attackers to run arbitrary code and cause other unspecified impacts via /jsonrpc API...

7.6AI score0.00276EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/10/16 12:0 a.m.11 views

CVE-2023-43121

A Directory Traversal vulnerability discovered in Chalet application in Extreme Networks Switch Engine EXOS before 32.5.1.5, before 22.7, and before 31.7.2 allows attackers to read arbitrary files...

6.9AI score0.0098EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/10/16 12:0 a.m.18 views

CVE-2023-43121

A Directory Traversal vulnerability discovered in Chalet application in Extreme Networks Switch Engine EXOS before 32.5.1.5, before 22.7, and before 31.7.2 allows attackers to read arbitrary files...

7.6AI score0.0098EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/10/16 12:0 a.m.27 views

CVE-2023-43120

An issue discovered in Extreme Networks Switch Engine EXOS before 32.5.1.5, before 22.7 and before 31.7.1 allows attackers to gain escalated privileges via crafted HTTP request...

9AI score0.00715EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/10/16 12:0 a.m.21 views

CVE-2023-43118

Cross Site Request Forgery CSRF vulnerability in Chalet application in Extreme Networks Switch Engine EXOS before 32.5.1.5, fixed in 31.7.2 and 32.5.1.5 allows attackers to run arbitrary code and cause other unspecified impacts via /jsonrpc API...

9.1AI score0.00276EPSS
Exploits0References1
CVE
CVE
added 2023/10/16 12:0 a.m.47 views

CVE-2023-43119

CVE-2023-43119 concerns Extreme Networks Switch Engine (EXOS) prior to 32.5.1.5, where an Access Control issue permits attackers to escalate privileges through crafted telnet commands via the Redis server. The vulnerability has been fixed in EXOS versions 22.7, 31.7.2, and 32.5.1.5 or later. Affe...

9.8CVSS9.5AI score0.0061EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder